Mercurial > hg > orthanc
diff Core/WebServiceParameters.cpp @ 2669:eaf10085ffa1 jobs
no passwords in public content of jobs
author | Sebastien Jodogne <s.jodogne@gmail.com> |
---|---|
date | Sat, 09 Jun 2018 14:15:32 +0200 |
parents | c27f7ecf9b54 |
children | d67298eec14e |
line wrap: on
line diff
--- a/Core/WebServiceParameters.cpp Fri Jun 08 18:08:48 2018 +0200 +++ b/Core/WebServiceParameters.cpp Sat Jun 09 14:15:32 2018 +0200 @@ -130,6 +130,11 @@ SetUsername(""); SetPassword(""); } + else if (peer.size() == 2) + { + LOG(ERROR) << "The HTTP password is not provided"; + throw OrthancException(ErrorCode_BadFileFormat); + } else if (peer.size() == 3) { SetUsername(peer.get(1u, "").asString()); @@ -178,12 +183,25 @@ SetUsername(GetStringMember(peer, "Username", "")); SetPassword(GetStringMember(peer, "Password", "")); + if (!username_.empty() && + !peer.isMember("Password")) + { + LOG(ERROR) << "The HTTP password is not provided"; + throw OrthancException(ErrorCode_BadFileFormat); + } + #if ORTHANC_SANDBOXED == 0 if (peer.isMember("CertificateFile")) { SetClientCertificate(GetStringMember(peer, "CertificateFile", ""), GetStringMember(peer, "CertificateKeyFile", ""), GetStringMember(peer, "CertificateKeyPassword", "")); + + if (!peer.isMember("CertificateKeyPassword")) + { + LOG(ERROR) << "The password for the HTTPS certificate is not provided"; + throw OrthancException(ErrorCode_BadFileFormat); + } } #endif @@ -229,7 +247,8 @@ } - void WebServiceParameters::ToJson(Json::Value& value) const + void WebServiceParameters::ToJson(Json::Value& value, + bool includePasswords) const { if (advancedFormat_) { @@ -240,7 +259,11 @@ !password_.empty()) { value["Username"] = username_; - value["Password"] = password_; + + if (includePasswords) + { + value["Password"] = password_; + } } if (!certificateFile_.empty()) @@ -253,7 +276,8 @@ value["CertificateKeyFile"] = certificateKeyFile_; } - if (!certificateKeyPassword_.empty()) + if (!certificateKeyPassword_.empty() && + includePasswords) { value["CertificateKeyPassword"] = certificateKeyPassword_; } @@ -267,7 +291,11 @@ !password_.empty()) { value.append(username_); - value.append(password_); + + if (includePasswords) + { + value.append(password_); + } } } } @@ -283,6 +311,7 @@ target["CertificateKeyFile"] = certificateKeyFile_; target["CertificateKeyPassword"] = certificateKeyPassword_; target["PKCS11"] = pkcs11Enabled_; + target["AdvancedFormat"] = advancedFormat_; } @@ -304,5 +333,6 @@ } pkcs11Enabled_ = SerializationToolbox::ReadBoolean(serialized, "PKCS11"); + advancedFormat_ = SerializationToolbox::ReadBoolean(serialized, "AdvancedFormat"); } }