Mercurial > hg > orthanc

comparison OrthancServer/Sources/main.cpp @ 5200:f8f1c4a9a216

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
New configuration option 'RestApiWriteToFileSystemEnabled'
author Alain Mazy <am@osimis.io>
date Wed, 29 Mar 2023 11:23:37 +0200
parents 0ea402b4d901
children 345dac17a349
comparison
equal deleted inserted replaced
5195:32df369198ac 5200:f8f1c4a9a216
1170 { 1170 {
1171 context.SetExecuteLuaEnabled(false); 1171 context.SetExecuteLuaEnabled(false);
1172 LOG(WARNING) << "Remote LUA script execution is disabled"; 1172 LOG(WARNING) << "Remote LUA script execution is disabled";
1173 } 1173 }
1174 1174
1175 if (lock.GetConfiguration().GetBooleanParameter("RestApiWriteToFileSystemEnabled", false))
1176 {
1177 context.SetRestApiWriteToFileSystemEnabled(true);
1178 LOG(WARNING) << "====> Your Rest API can write to the FileSystem. Review your configuration option \"RestApiWriteToFileSystemEnabled\". "
1179 << "Your setup is POSSIBLY INSECURE <====";
1180 }
1181 else
1182 {
1183 context.SetRestApiWriteToFileSystemEnabled(false);
1184 LOG(WARNING) << "Rest API can not write to the file system.";
1185 }
1186
1175 if (lock.GetConfiguration().GetBooleanParameter("WebDavEnabled", true)) 1187 if (lock.GetConfiguration().GetBooleanParameter("WebDavEnabled", true))
1176 { 1188 {
1177 const bool allowDelete = lock.GetConfiguration().GetBooleanParameter("WebDavDeleteAllowed", false); 1189 const bool allowDelete = lock.GetConfiguration().GetBooleanParameter("WebDavDeleteAllowed", false);
1178 const bool allowUpload = lock.GetConfiguration().GetBooleanParameter("WebDavUploadAllowed", true); 1190 const bool allowUpload = lock.GetConfiguration().GetBooleanParameter("WebDavUploadAllowed", true);
1179 1191