From: <de...@de...> - 2007-03-19 05:09:38
|
Author: PeterThoeny Date: 2007-03-19 00:09:37 -0500 (Mon, 19 Mar 2007) New Revision: 13185 Modified: twiki/branches/MAIN/twikiplugins/BlackListPlugin/data/TWiki/BlackListPlugin.txt twiki/branches/MAIN/twikiplugins/BlackListPlugin/lib/TWiki/Plugins/BlackListPlugin.pm Log: Item2391: Support for TWiki 4.2 (using new TWiki::Func::getExternalResource) Modified: twiki/branches/MAIN/twikiplugins/BlackListPlugin/data/TWiki/BlackListPlugin.txt =================================================================== --- twiki/branches/MAIN/twikiplugins/BlackListPlugin/data/TWiki/BlackListPlugin.txt 2007-03-19 00:16:28 UTC (rev 13184) +++ twiki/branches/MAIN/twikiplugins/BlackListPlugin/data/TWiki/BlackListPlugin.txt 2007-03-19 05:09:37 UTC (rev 13185) @@ -1,4 +1,4 @@ -%META:TOPICINFO{author="PeterThoeny" date="1174266362" format="1.0" version="1.18"}% +%META:TOPICINFO{author="PeterThoeny" date="1174266422" format="1.0" version="1.18"}% ---+!! Black List Plugin %TOC% @@ -144,9 +144,9 @@ ---++ Plugin Info | Plugin Author: | TWiki:Main/PeterThoeny | -| Plugin Version: | 18 Mar 2007 (r13184) | +| Plugin Version: | 18 Mar 2007 (r13185) | | Change History: | <!-- versions below in reverse order --> | -| 18 Mar 2007: | Scan for evil script eval() and escape() in topic text and attachments | +| 18 Mar 2007: | Scan for evil script eval() and escape() in topic text and attachments; support for TWiki 4.2 (using new =TWiki::Func::getExternalResource=) | | 28 Dec 2006: | Fixed bug where EXCLUDELIST pattern was removing only part of a wiki-spam pattern | | 27 Dec 2006: | Support for TWiki 4.1 | | 01 Jul 2006: | Added EXCLUDELIST; scan for evil script eval in attachments; scan also .js and .css attachments; fixed writeLog error on Cairo | Modified: twiki/branches/MAIN/twikiplugins/BlackListPlugin/lib/TWiki/Plugins/BlackListPlugin.pm =================================================================== --- twiki/branches/MAIN/twikiplugins/BlackListPlugin/lib/TWiki/Plugins/BlackListPlugin.pm 2007-03-19 00:16:28 UTC (rev 13184) +++ twiki/branches/MAIN/twikiplugins/BlackListPlugin/lib/TWiki/Plugins/BlackListPlugin.pm 2007-03-19 05:09:37 UTC (rev 13185) @@ -274,7 +274,7 @@ # check for evil eval() or escape() spam in <script> my $text = TWiki::Func::readFile( $tmpFilename ); - if( $text =~ /<script.*?(eval|escape) *\(.*?<\/script>/gis ) { + if( $_[0] =~ /<script.*?(eval|escape) *\(.*?<\/script>/gis ) { _oopsMessage( "topic", "script eval() or escape()", $remoteAddr ); } @@ -409,10 +409,14 @@ } elsif( $TWiki::Plugins::VERSION < 1.11 ) { # TWiki 4.0 $text = $TWiki::Plugins::SESSION->{net}->getUrl( $host, $port, $path ); + } elsif( $TWiki::Plugins::VERSION < 1.12 ) { + # TWiki 4.1 + $text = TWiki::Plugins::SESSION->{net}->getUrl( 'http', $host, $port, $path ); } else { - # TWiki 4.1 - $text = $TWiki::Plugins::SESSION->{net}->getUrl( 'http', $host, $port, $path ); - } # else FIXME once TWiki::Func::getUrl is available + # TWiki 4.2 + my $response = TWiki::Func::getExternalResource( "http://$host:$port/$path" ); + $text = $response->content() unless( $response->is_error() ); + } if( $text =~ /text\/plain\s*ERROR\: (.*)/s ) { my $msg = $1; |