Merge pull request #5899 from annando/avoid-flooding
Avoid beeing flooded by invalid requests
This commit is contained in:
commit
14e7686df4
|
@ -46,6 +46,10 @@ if ($a->isMaxProcessesReached() || $a->isMaxLoadReached()) {
|
||||||
System::httpExit(503, ['title' => 'Error 503 - Service Temporarily Unavailable', 'description' => 'System is currently overloaded. Please try again later.']);
|
System::httpExit(503, ['title' => 'Error 503 - Service Temporarily Unavailable', 'description' => 'System is currently overloaded. Please try again later.']);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (strstr($a->query_string, '.well-known/host-meta') and ($a->query_string != '.well-known/host-meta')) {
|
||||||
|
System::httpExit(404);
|
||||||
|
}
|
||||||
|
|
||||||
if (!$a->getMode()->isInstall()) {
|
if (!$a->getMode()->isInstall()) {
|
||||||
if (Config::get('system', 'force_ssl') && ($a->getScheme() == "http")
|
if (Config::get('system', 'force_ssl') && ($a->getScheme() == "http")
|
||||||
&& (intval(Config::get('system', 'ssl_policy')) == SSL_POLICY_FULL)
|
&& (intval(Config::get('system', 'ssl_policy')) == SSL_POLICY_FULL)
|
||||||
|
|
|
@ -13,7 +13,7 @@ function xrd_init(App $a)
|
||||||
{
|
{
|
||||||
if ($a->argv[0] == 'xrd') {
|
if ($a->argv[0] == 'xrd') {
|
||||||
if (empty($_GET['uri'])) {
|
if (empty($_GET['uri'])) {
|
||||||
killme();
|
System::httpExit(404);
|
||||||
}
|
}
|
||||||
|
|
||||||
$uri = urldecode(notags(trim($_GET['uri'])));
|
$uri = urldecode(notags(trim($_GET['uri'])));
|
||||||
|
@ -24,7 +24,7 @@ function xrd_init(App $a)
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if (empty($_GET['resource'])) {
|
if (empty($_GET['resource'])) {
|
||||||
killme();
|
System::httpExit(404);
|
||||||
}
|
}
|
||||||
|
|
||||||
$uri = urldecode(notags(trim($_GET['resource'])));
|
$uri = urldecode(notags(trim($_GET['resource'])));
|
||||||
|
@ -48,7 +48,7 @@ function xrd_init(App $a)
|
||||||
|
|
||||||
$user = DBA::selectFirst('user', [], ['nickname' => $name]);
|
$user = DBA::selectFirst('user', [], ['nickname' => $name]);
|
||||||
if (!DBA::isResult($user)) {
|
if (!DBA::isResult($user)) {
|
||||||
killme();
|
System::httpExit(404);
|
||||||
}
|
}
|
||||||
|
|
||||||
$profile_url = System::baseUrl().'/profile/'.$user['nickname'];
|
$profile_url = System::baseUrl().'/profile/'.$user['nickname'];
|
||||||
|
|
Loading…
Reference in a new issue