diff OrthancServer/Sources/OrthancRestApi/OrthancRestResources.cpp @ 5200:f8f1c4a9a216

New configuration option 'RestApiWriteToFileSystemEnabled'
author Alain Mazy <am@osimis.io>
date Wed, 29 Mar 2023 11:23:37 +0200
parents 0ea402b4d901
children d0f7c742d397
line wrap: on
line diff
--- a/OrthancServer/Sources/OrthancRestApi/OrthancRestResources.cpp	Tue Mar 28 10:48:13 2023 +0200
+++ b/OrthancServer/Sources/OrthancRestApi/OrthancRestResources.cpp	Wed Mar 29 11:23:37 2023 +0200
@@ -428,7 +428,12 @@
       call.GetDocumentation()
         .SetTag("Instances")
         .SetSummary("Write DICOM onto filesystem")
-        .SetDescription("Write the DICOM file onto the filesystem where Orthanc is running")
+        .SetDescription("Write the DICOM file onto the filesystem where Orthanc is running.  This is insecure for "
+                        "Orthanc servers that are remotely accessible since one could overwrite any system file.  "
+                        "Since Orthanc 1.12.0, this route is disabled by default and can be enabled thanks to "
+                        "the `RestApiWriteToFileSystemEnabled` configuration.")
+        .AddRequestType(MimeType_PlainText, "The Lua script to be executed")
+
         .SetUriArgument("id", "Orthanc identifier of the DICOM instance of interest")
         .AddRequestType(MimeType_PlainText, "Target path on the filesystem");
       return;
@@ -436,6 +441,14 @@
 
     ServerContext& context = OrthancRestApi::GetContext(call);
 
+    if (!context.IsRestApiWriteToFileSystemEnabled())
+    {
+      LOG(ERROR) << "The URI /instances/../export is disallowed for security, "
+                 << "check your configuration option `RestApiWriteToFileSystemEnabled`";
+      call.GetOutput().SignalError(HttpStatus_403_Forbidden);
+      return;
+    }
+
     std::string publicId = call.GetUriComponent("id", "");
 
     std::string dicom;