/**
* Test
*
* @return void
*
*/
public function testCheckEmpty()
{
$whitelist = new CWhitelist();
$whitelist->set($this->remote_whitelist);
$hostname = "";
$res = $whitelist->check($hostname);
$this->assertFalse($res, "Should not be a valid hostname on the whitelist: '{$hostname}'.");
}
public function isRemoteSourceOnWhitelist($src)
{
if (is_null($this->remoteHostWhitelist)) {
$this->log("Remote host on whitelist not configured - allowing.");
return true;
}
$whitelist = new CWhitelist();
$hostname = parse_url($src, PHP_URL_HOST);
$allow = $whitelist->check($hostname, $this->remoteHostWhitelist);
$this->log("Remote host is on whitelist: " . ($allow ? "true" : "false"));
return $allow;
}
$serverName = isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : null;
$referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : null;
$refererHost = parse_url($referer, PHP_URL_HOST);
if (!$allowHotlinking) {
if ($passwordMatch) {
// Always allow when password match
verbose("Hotlinking since passwordmatch");
} elseif ($passwordMatch === false) {
errorPage("Hotlinking/leeching not allowed when password missmatch.", 403);
} elseif (!$referer) {
errorPage("Hotlinking/leeching not allowed and referer is missing.", 403);
} elseif (strcmp($serverName, $refererHost) == 0) {
// Allow when serverName matches refererHost
verbose("Hotlinking disallowed but serverName matches refererHost.");
} elseif (!empty($hotlinkingWhitelist)) {
$whitelist = new CWhitelist();
$allowedByWhitelist = $whitelist->check($refererHost, $hotlinkingWhitelist);
if ($allowedByWhitelist) {
verbose("Hotlinking/leeching allowed by whitelist.");
} else {
errorPage("Hotlinking/leeching not allowed by whitelist. Referer: {$referer}.", 403);
}
} else {
errorPage("Hotlinking/leeching not allowed.", 403);
}
}
verbose("allow_hotlinking = {$allowHotlinking}");
verbose("referer = {$referer}");
verbose("referer host = {$refererHost}");
/**
* Get the source files.
