Mercurial > hg > orthanc
comparison OrthancServer/main.cpp @ 3535:41365091a41e
display a security warning in the logs at startup when ExecuteLuaEnabled is true
author | Alain Mazy <alain@mazy.be> |
---|---|
date | Sun, 06 Oct 2019 09:52:57 +0200 |
parents | cac8ffcb9cef |
children | 9cc09f4c0fa9 |
comparison
equal
deleted
inserted
replaced
3534:cac8ffcb9cef | 3535:41365091a41e |
---|---|
896 } | 896 } |
897 else | 897 else |
898 { | 898 { |
899 httpServer.SetSslEnabled(false); | 899 httpServer.SetSslEnabled(false); |
900 } | 900 } |
901 | |
902 if (lock.GetConfiguration().GetBooleanParameter("ExecuteLuaEnabled", false)) | |
903 { | |
904 context.SetExecuteLuaEnabled(true); | |
905 LOG(WARNING) << "====> Remote LUA script execution is enabled. Review your configuration option \"ExecuteLuaEnabled\". " | |
906 << "Your setup is POSSIBLY INSECURE <===="; | |
907 } | |
908 else | |
909 { | |
910 context.SetExecuteLuaEnabled(false); | |
911 LOG(WARNING) << "Remote LUA script execution is disabled"; | |
912 } | |
901 } | 913 } |
902 | 914 |
903 MyHttpExceptionFormatter exceptionFormatter(httpDescribeErrors, plugins); | 915 MyHttpExceptionFormatter exceptionFormatter(httpDescribeErrors, plugins); |
904 | 916 |
905 httpServer.SetIncomingHttpRequestFilter(httpFilter); | 917 httpServer.SetIncomingHttpRequestFilter(httpFilter); |