Revision 306bab93
Von Bernd Bleßmann vor mehr als 5 Jahren hinzugefügt
- ID 306bab93d71fdd18138717b3d33abd9d9372b79f
- Vorgänger 12e76514
| SL/Dispatcher.pm | ||
|---|---|---|
|
if ( $action =~ m/LoginScreen\/user_login/
|
||
|
&& $params{action}
|
||
|
&& 'get' eq lc($ENV{REQUEST_METHOD})
|
||
|
&& !_is_callback_blacklisted(map {$_ => $params{$_}} qw(routing_type script controller action) )
|
||
|
) {
|
||
|
|
||
|
require SL::Controller::Base;
|
||
| ... | ... | |
|
$self->end_request;
|
||
|
}
|
||
|
|
||
|
sub _is_callback_blacklisted {
|
||
|
my (%params) = @_;
|
||
|
|
||
|
# You can give a name only, then all actions are blackisted.
|
||
|
# Or you can give name and action, then only this action is blacklisted
|
||
|
# examples:
|
||
|
# {name => 'is', action => 'edit'}
|
||
|
# {name => 'Project', action => 'edit'},
|
||
|
my @script_blacklist = (
|
||
|
{name => 'admin'},
|
||
|
{name => 'login'},
|
||
|
);
|
||
|
|
||
|
my @controller_blacklist = (
|
||
|
{name => 'Admin'},
|
||
|
{name => 'LoginScreen'},
|
||
|
);
|
||
|
|
||
|
my ($name, $blacklist);
|
||
|
if ('old' eq ($params{routing_type} // '')) {
|
||
|
$name = $params{script};
|
||
|
$blacklist = \@script_blacklist;
|
||
|
} else {
|
||
|
$name = $params{controller};
|
||
|
$blacklist = \@controller_blacklist;
|
||
|
}
|
||
|
|
||
|
foreach my $bl (@$blacklist) {
|
||
|
return 1 if _is_name_action_blacklisted($bl->{name}, $bl->{action}, $name, $params{action});
|
||
|
}
|
||
|
|
||
|
return;
|
||
|
}
|
||
|
|
||
|
sub _is_name_action_blacklisted {
|
||
|
my ($blacklisted_name, $blacklisted_action, $name, $action) = @_;
|
||
|
|
||
|
return 1 if ($name // '') eq $blacklisted_name && !$blacklisted_action;
|
||
|
return 1 if ($name // '') eq $blacklisted_name && ($action // '') eq $blacklisted_action;
|
||
|
return;
|
||
|
}
|
||
|
|
||
|
sub unrequire_bin_mozilla {
|
||
|
my $self = shift;
|
||
|
return unless $self->_interface_is_fcgi;
|
||
Auch abrufbar als: Unified diff
Login: blacklisting bei Callback für Redirect zum Ziel implementiert