From: gggeek Date: Tue, 3 Jan 2023 11:52:42 +0000 (+0000) Subject: prevent proxy server from being accidentally put into production X-Git-Tag: 4.9.4~32 X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=6a6f79adc4b7a463e05d17b86498bac99ce22432;p=plcapi.git prevent proxy server from being accidentally put into production --- diff --git a/demo/server/proxy.php b/demo/server/proxy.php index d70bf139..586fcbc7 100644 --- a/demo/server/proxy.php +++ b/demo/server/proxy.php @@ -12,11 +12,15 @@ require_once __DIR__ . "/_prepend.php"; +// *** NB: WE BLOCK THIS FROM RUNNING BY DEFAULT IN CASE ACCESS IS GRANTED TO IT IN PRODUCTION BY MISTAKE *** +// Comment out the following safeguard if you want to use it as is, but remember: this is an open relay !!! +if (!defined('TESTMODE')) { + die("Server disabled by default for safety"); +} + /** * Forward an xmlrpc request to another server, and return to client the response received. * - * DO NOT RUN AS IS IN PRODUCTION - this is an open relay !!! - * * @param PhpXmlRpc\Request $req (see method docs below for a description of the expected parameters) * * @return PhpXmlRpc\Response @@ -38,8 +42,10 @@ function forward_request($req) foreach ($options as $key => $val) { switch ($key) { case 'Cookie': + /// @todo add support for this if needed break; case 'Credentials': + /// @todo add support for this as well if needed break; case 'RequestCompression': $client->setRequestCompression($val);