Mercurial > hg > orthanc
diff OrthancServer/OrthancRestApi/OrthancRestSystem.cpp @ 3535:41365091a41e
display a security warning in the logs at startup when ExecuteLuaEnabled is true
author | Alain Mazy <alain@mazy.be> |
---|---|
date | Sun, 06 Oct 2019 09:52:57 +0200 |
parents | cac8ffcb9cef |
children | 94f4a18a79cc |
line wrap: on
line diff
--- a/OrthancServer/OrthancRestApi/OrthancRestSystem.cpp Fri Oct 04 19:16:12 2019 +0200 +++ b/OrthancServer/OrthancRestApi/OrthancRestSystem.cpp Sun Oct 06 09:52:57 2019 +0200 @@ -139,22 +139,17 @@ static void ExecuteScript(RestApiPostCall& call) { - { - OrthancConfiguration::ReaderLock lock; + ServerContext& context = OrthancRestApi::GetContext(call); - static const char* const OPTION = "ExecuteLuaEnabled"; - if (!lock.GetConfiguration().GetBooleanParameter(OPTION, false)) - { - LOG(ERROR) << "The URI /tools/execute-script is disallowed for security, " - << "check value of configuration option \"" << OPTION << "\""; - call.GetOutput().SignalError(HttpStatus_403_Forbidden); - return; - } + if (!context.IsExecuteLuaEnabled()) + { + LOG(ERROR) << "The URI /tools/execute-script is disallowed for security, " + << "check your configuration file"; + call.GetOutput().SignalError(HttpStatus_403_Forbidden); + return; } std::string result; - ServerContext& context = OrthancRestApi::GetContext(call); - std::string command; call.BodyToString(command);