diff options
author | manu@netbsd.org <manu@netbsd.org@a716ebb1-153a-0410-b759-cfb97c6a1b53> | 2009-11-13 15:22:10 +0000 |
---|---|---|
committer | manu@netbsd.org <manu@netbsd.org@a716ebb1-153a-0410-b759-cfb97c6a1b53> | 2009-11-13 15:22:10 +0000 |
commit | 2a0c1327b861741efb9d3b9812fb3003bb8db7ca (patch) | |
tree | 58b18a7322d567b1835d92bab9002a094f51824b | |
parent | a4a155c031a846dc2ba46afa612b185d5e93df0b (diff) | |
download | mod_auth_mellon-2a0c1327b861741efb9d3b9812fb3003bb8db7ca.tar.gz mod_auth_mellon-2a0c1327b861741efb9d3b9812fb3003bb8db7ca.tar.xz mod_auth_mellon-2a0c1327b861741efb9d3b9812fb3003bb8db7ca.zip |
Require a session for accessing the repost endpoint
git-svn-id: https://modmellon.googlecode.com/svn/trunk@72 a716ebb1-153a-0410-b759-cfb97c6a1b53
-rw-r--r-- | auth_mellon_handler.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/auth_mellon_handler.c b/auth_mellon_handler.c index 66efce3..1c29b2d 100644 --- a/auth_mellon_handler.c +++ b/auth_mellon_handler.c @@ -1864,6 +1864,12 @@ static int am_handle_repost(request_rec *r) char *return_url; const char *(*post_mkform)(request_rec *, const char *); + if (am_cookie_get(r) == NULL) { + ap_log_rerror(APLOG_MARK, APLOG_ERR, 0, r, + "Repost query without a session"); + return HTTP_FORBIDDEN; + } + mod_cfg = am_get_mod_cfg(r->server); query = r->parsed_uri.query; |