/[jscoverage]/trunk/jscoverage-server.c
ViewVC logotype

Diff of /trunk/jscoverage-server.c

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 505 by siliconforks, Sat Jan 2 04:55:54 2010 UTC revision 583 by siliconforks, Sat Sep 11 20:20:14 2010 UTC
# Line 42  Line 42 
42  const char * jscoverage_encoding = "ISO-8859-1";  const char * jscoverage_encoding = "ISO-8859-1";
43  bool jscoverage_highlight = true;  bool jscoverage_highlight = true;
44    
45    struct in_addr jscoverage_ip_address;
46    
47  typedef struct SourceCache {  typedef struct SourceCache {
48    char * url;    char * url;
49    uint16_t * characters;    uint16_t * characters;
# Line 696  Line 698 
698        return;        return;
699      }      }
700    
701      /* allow only from localhost */      /* check client IP address */
702      struct sockaddr_in client;      struct sockaddr_in client;
703      if (HTTPExchange_get_peer(exchange, &client) != 0) {      if (HTTPExchange_get_peer(exchange, &client) != 0) {
704        send_response(exchange, 500, "Cannot get client address\n");        send_response(exchange, 500, "Cannot get client address\n");
705        return;        return;
706      }      }
707      if (client.sin_addr.s_addr != htonl(INADDR_LOOPBACK)) {  
708        /*
709        We allow connections from loopback 127.0.0.0 to 127.255.255.255 (127/8)
710        and from the address specified with --ip-address
711        */
712        bool client_allowed = false;
713    
714        if (client.sin_addr.s_addr == htonl(INADDR_LOOPBACK)) {
715          client_allowed = true;
716        }
717    
718        if ((ntohl(client.sin_addr.s_addr) & 0xFF000000) == 0x7F000000) {
719          client_allowed = true;
720        }
721    
722        if (client.sin_addr.s_addr == jscoverage_ip_address.s_addr) {
723          client_allowed = true;
724        }
725    
726        if (! client_allowed) {
727        send_response(exchange, 403, "This operation can be performed only by localhost\n");        send_response(exchange, 403, "This operation can be performed only by localhost\n");
728        return;        return;
729      }      }
# Line 1276  Line 1297 
1297      }      }
1298  #endif  #endif
1299    
1300      /* INADDR_LOOPBACK */      HTTPConnection * connection = HTTPConnection_new_client(ip_address, numeric_port);
     HTTPConnection * connection = HTTPConnection_new_client("127.0.0.1", numeric_port);  
1301      if (connection == NULL) {      if (connection == NULL) {
1302        fatal("could not connect to server");        fatal("could not connect to server");
1303      }      }
# Line 1319  Line 1339 
1339      printf("Starting HTTP server on %s:%lu\n", ip_address, numeric_port);      printf("Starting HTTP server on %s:%lu\n", ip_address, numeric_port);
1340      fflush(stdout);      fflush(stdout);
1341    }    }
1342    
1343      /* set the IP address */
1344      if (! inet_aton(ip_address, &jscoverage_ip_address)) {
1345        fatal("invalid IP address: %s\n", ip_address);
1346      }
1347    
1348    HTTPServer_run(ip_address, (uint16_t) numeric_port, handler);    HTTPServer_run(ip_address, (uint16_t) numeric_port, handler);
1349    if (verbose) {    if (verbose) {
1350      printf("Stopping HTTP server\n");      printf("Stopping HTTP server\n");

Legend:
Removed from v.505  
changed lines
  Added in v.583

  ViewVC Help
Powered by ViewVC 1.1.24