aboutsummaryrefslogtreecommitdiffstats
path: root/modules/viewvc/manifests/init.pp
diff options
context:
space:
mode:
authorDan Fandrich <danf@mageia.org>2025-05-23 18:50:29 -0700
committerDan Fandrich <danf@mageia.org>2025-05-23 18:58:07 -0700
commite7818b9d1f8957ed4ae02f22b1e11e681bf45549 (patch)
treefd308ff09fbdd1ad3edb0705a1f3853943ddf8a8 /modules/viewvc/manifests/init.pp
parentde3c56d3dff7c23adf9e6f1b6ebd141dcfb4efdc (diff)
downloadpuppet-e7818b9d1f8957ed4ae02f22b1e11e681bf45549.tar
puppet-e7818b9d1f8957ed4ae02f22b1e11e681bf45549.tar.gz
puppet-e7818b9d1f8957ed4ae02f22b1e11e681bf45549.tar.bz2
puppet-e7818b9d1f8957ed4ae02f22b1e11e681bf45549.tar.xz
puppet-e7818b9d1f8957ed4ae02f22b1e11e681bf45549.zip
Block expensive svnweb operations without a cookie
If an expensive request comes in from anyone without a cookie attached, redirect to a page where the cookie is set using JavaScript, then redirect back. This should block robots from these paths, most of which do not support JavaScript. The collateral damage is that a JavaScript browser is now required for users to access those paths. The contents of the cookie is not currently checked, merely that it is set.
Diffstat (limited to 'modules/viewvc/manifests/init.pp')
-rw-r--r--modules/viewvc/manifests/init.pp9
1 files changed, 9 insertions, 0 deletions
diff --git a/modules/viewvc/manifests/init.pp b/modules/viewvc/manifests/init.pp
index 99acec90..e1d336c9 100644
--- a/modules/viewvc/manifests/init.pp
+++ b/modules/viewvc/manifests/init.pp
@@ -40,9 +40,18 @@ class viewvc {
source => 'puppet:///modules/viewvc/robots.txt',
}
+ file { "$viewvc_docroot/setcookieredirect.html":
+ ensure => present,
+ mode => '0644',
+ owner => root,
+ group => root,
+ source => 'puppet:///modules/viewvc/setcookieredirect.html',
+ }
+
$vhost_aliases = {
'/viewvc' => $viewvc_docroot,
'/robots.txt' => $robotsfile,
+ '/_check' => "$viewvc_docroot/setcookieredirect.html",
}
$script_aliases = {