Mercurial > hg > orthanc
comparison OrthancServer/main.cpp @ 3535:41365091a41e
display a security warning in the logs at startup when ExecuteLuaEnabled is true
| author | Alain Mazy <alain@mazy.be> |
|---|---|
| date | Sun, 06 Oct 2019 09:52:57 +0200 |
| parents | cac8ffcb9cef |
| children | 9cc09f4c0fa9 |
comparison
equal
deleted
inserted
replaced
| 3534:cac8ffcb9cef | 3535:41365091a41e |
|---|---|
| 896 } | 896 } |
| 897 else | 897 else |
| 898 { | 898 { |
| 899 httpServer.SetSslEnabled(false); | 899 httpServer.SetSslEnabled(false); |
| 900 } | 900 } |
| 901 | |
| 902 if (lock.GetConfiguration().GetBooleanParameter("ExecuteLuaEnabled", false)) | |
| 903 { | |
| 904 context.SetExecuteLuaEnabled(true); | |
| 905 LOG(WARNING) << "====> Remote LUA script execution is enabled. Review your configuration option \"ExecuteLuaEnabled\". " | |
| 906 << "Your setup is POSSIBLY INSECURE <===="; | |
| 907 } | |
| 908 else | |
| 909 { | |
| 910 context.SetExecuteLuaEnabled(false); | |
| 911 LOG(WARNING) << "Remote LUA script execution is disabled"; | |
| 912 } | |
| 901 } | 913 } |
| 902 | 914 |
| 903 MyHttpExceptionFormatter exceptionFormatter(httpDescribeErrors, plugins); | 915 MyHttpExceptionFormatter exceptionFormatter(httpDescribeErrors, plugins); |
| 904 | 916 |
| 905 httpServer.SetIncomingHttpRequestFilter(httpFilter); | 917 httpServer.SetIncomingHttpRequestFilter(httpFilter); |