diff options
author | Dan Fandrich <danf@mageia.org> | 2025-05-23 18:50:29 -0700 |
---|---|---|
committer | Dan Fandrich <danf@mageia.org> | 2025-05-23 18:58:07 -0700 |
commit | e7818b9d1f8957ed4ae02f22b1e11e681bf45549 (patch) | |
tree | fd308ff09fbdd1ad3edb0705a1f3853943ddf8a8 /modules/viewvc/manifests/init.pp | |
parent | de3c56d3dff7c23adf9e6f1b6ebd141dcfb4efdc (diff) | |
download | puppet-e7818b9d1f8957ed4ae02f22b1e11e681bf45549.tar puppet-e7818b9d1f8957ed4ae02f22b1e11e681bf45549.tar.gz puppet-e7818b9d1f8957ed4ae02f22b1e11e681bf45549.tar.bz2 puppet-e7818b9d1f8957ed4ae02f22b1e11e681bf45549.tar.xz puppet-e7818b9d1f8957ed4ae02f22b1e11e681bf45549.zip |
Block expensive svnweb operations without a cookie
If an expensive request comes in from anyone without a cookie attached,
redirect to a page where the cookie is set using JavaScript, then
redirect back. This should block robots from these paths, most of which
do not support JavaScript. The collateral damage is that a JavaScript
browser is now required for users to access those paths. The contents
of the cookie is not currently checked, merely that it is set.
Diffstat (limited to 'modules/viewvc/manifests/init.pp')
-rw-r--r-- | modules/viewvc/manifests/init.pp | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/modules/viewvc/manifests/init.pp b/modules/viewvc/manifests/init.pp index 99acec90..e1d336c9 100644 --- a/modules/viewvc/manifests/init.pp +++ b/modules/viewvc/manifests/init.pp @@ -40,9 +40,18 @@ class viewvc { source => 'puppet:///modules/viewvc/robots.txt', } + file { "$viewvc_docroot/setcookieredirect.html": + ensure => present, + mode => '0644', + owner => root, + group => root, + source => 'puppet:///modules/viewvc/setcookieredirect.html', + } + $vhost_aliases = { '/viewvc' => $viewvc_docroot, '/robots.txt' => $robotsfile, + '/_check' => "$viewvc_docroot/setcookieredirect.html", } $script_aliases = { |