From 6a6f79adc4b7a463e05d17b86498bac99ce22432 Mon Sep 17 00:00:00 2001
From: gggeek <giunta.gaetano@gmail.com>
Date: Tue, 3 Jan 2023 11:52:42 +0000
Subject: [PATCH] prevent proxy server from being accidentally put into
 production

---
 demo/server/proxy.php | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/demo/server/proxy.php b/demo/server/proxy.php
index d70bf139..586fcbc7 100644
--- a/demo/server/proxy.php
+++ b/demo/server/proxy.php
@@ -12,11 +12,15 @@
 
 require_once __DIR__ . "/_prepend.php";
 
+// *** NB: WE BLOCK THIS FROM RUNNING BY DEFAULT IN CASE ACCESS IS GRANTED TO IT IN PRODUCTION BY MISTAKE ***
+// Comment out the following safeguard if you want to use it as is, but remember: this is an open relay !!!
+if (!defined('TESTMODE')) {
+    die("Server disabled by default for safety");
+}
+
 /**
  * Forward an xmlrpc request to another server, and return to client the response received.
  *
- * DO NOT RUN AS IS IN PRODUCTION - this is an open relay !!!
- *
  * @param PhpXmlRpc\Request $req (see method docs below for a description of the expected parameters)
  *
  * @return PhpXmlRpc\Response
@@ -38,8 +42,10 @@ function forward_request($req)
         foreach ($options as $key => $val) {
             switch ($key) {
                 case 'Cookie':
+                    /// @todo add support for this if needed
                     break;
                 case 'Credentials':
+                    /// @todo add support for this as well if needed
                     break;
                 case 'RequestCompression':
                     $client->setRequestCompression($val);
-- 
2.47.0