Mercurial > hg > orthanc
comparison OrthancServer/Sources/main.cpp @ 5200:f8f1c4a9a216
New configuration option 'RestApiWriteToFileSystemEnabled'
author | Alain Mazy <am@osimis.io> |
---|---|
date | Wed, 29 Mar 2023 11:23:37 +0200 |
parents | 0ea402b4d901 |
children | 345dac17a349 |
comparison
equal
deleted
inserted
replaced
5195:32df369198ac | 5200:f8f1c4a9a216 |
---|---|
1170 { | 1170 { |
1171 context.SetExecuteLuaEnabled(false); | 1171 context.SetExecuteLuaEnabled(false); |
1172 LOG(WARNING) << "Remote LUA script execution is disabled"; | 1172 LOG(WARNING) << "Remote LUA script execution is disabled"; |
1173 } | 1173 } |
1174 | 1174 |
1175 if (lock.GetConfiguration().GetBooleanParameter("RestApiWriteToFileSystemEnabled", false)) | |
1176 { | |
1177 context.SetRestApiWriteToFileSystemEnabled(true); | |
1178 LOG(WARNING) << "====> Your Rest API can write to the FileSystem. Review your configuration option \"RestApiWriteToFileSystemEnabled\". " | |
1179 << "Your setup is POSSIBLY INSECURE <===="; | |
1180 } | |
1181 else | |
1182 { | |
1183 context.SetRestApiWriteToFileSystemEnabled(false); | |
1184 LOG(WARNING) << "Rest API can not write to the file system."; | |
1185 } | |
1186 | |
1175 if (lock.GetConfiguration().GetBooleanParameter("WebDavEnabled", true)) | 1187 if (lock.GetConfiguration().GetBooleanParameter("WebDavEnabled", true)) |
1176 { | 1188 { |
1177 const bool allowDelete = lock.GetConfiguration().GetBooleanParameter("WebDavDeleteAllowed", false); | 1189 const bool allowDelete = lock.GetConfiguration().GetBooleanParameter("WebDavDeleteAllowed", false); |
1178 const bool allowUpload = lock.GetConfiguration().GetBooleanParameter("WebDavUploadAllowed", true); | 1190 const bool allowUpload = lock.GetConfiguration().GetBooleanParameter("WebDavUploadAllowed", true); |
1179 | 1191 |