openrat-cms


commit b0540a518beecca4e7262e1b2d7aa986782030c9
parent d9abea41e943f8db1b580dec8e9efba805a3aab1
Author: dankert <devnull@localhost>
Date:   Sat, 20 Jan 2007 16:24:53 +0100

Erweiterung um Registrierung.

Diffstat:
doc/examples/mod-security.conf | 27++++++++++++++++++++++-----
1 file changed, 22 insertions(+), 5 deletions(-)

diff --git a/doc/examples/mod-security.conf b/doc/examples/mod-security.conf @@ -66,7 +66,7 @@ # Parameter Whitelist - SecFilterSelective ARGS_NAMES "!^(targetSubAction|subaction|action|oi|id|login_name|login_password|elementid|dbid|ok|screenwidth|src|text|obj[0-9]+|type|valueid|release|objectid1|objectid2|commit|ids)$" + SecFilterSelective ARGS_NAMES "!^(targetSubAction|subaction|action|oi|id|login_name|login_password|elementid|dbid|ok|screenwidth|src|text|obj[0-9]+|type|valueid|release|objectid1|objectid2|commit|ids|groupid|username|name|fullname|desc|tel|ldap_dn|style|is_admin|ok|act_password|password1?|password2|e?mail|random|timeout|code|confirm)$" 
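Review bot: The extended `ARGS_NAMES` whitelist admits `groupid`, `username`, `name`, `fullname`, `act_password`, `password` (via `password1?`), `code` and `confirm`, but none of the value rules visible in the following hunk covers them, so their values pass this example config unconstrained. The commit message says this adds registration, which is presumably reachable without a login, so each newly admitted name should get a matching value rule next to the existing ones, for example `SecFilterSelective ARG_groupid "!^[0-9]*$"` (pattern assumed; confirm against what the application expects). `ok` now also appears twice in the alternation; the second occurrence can be dropped.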
@@ -75,17 +75,34 @@ SecFilterSelective ARG_login_name "!^[A-Za-z0-9_-]*$" SecFilterSelective ARG_login_password "!^[A-Za-z0-9_-]*$" + SecFilterSelective ARG_password1 "!^[A-Za-z0-9_-]*$" + SecFilterSelective ARG_password2 "!^[A-Za-z0-9_-]*$" SecFilterSelective ARG_action "!^[a-z]*$" SecFilterSelective ARG_subaction "!^[a-z]*$" SecFilterSelective ARG_oi "!^[a-f0-9]*$" SecFilterSelective ARG_elementid "!^[0-9]*$" + SecFilterSelective ARG_objectid1 "!^[0-9]*$" + SecFilterSelective ARG_objectid2 "!^[0-9]*$" SecFilterSelective ARG_dbid "!^[a-zA-Z0-9_-]*$" + SecFilterSelective ARG_tel "!^[a-zA-Z0-9_-]*$" + SecFilterSelective ARG_desc "!^[a-zA-Z0-9_-]*$" + SecFilterSelective ARG_mail "!^[a-zA-Z0-9_\.@-]*$" + + SecFilterSelective ARG_style "!^[a-zA-Z0-9_-]*$" + SecFilterSelective ARG_ldap_dn "!^[a-zA-Z0-9_=;-]*$" + SecFilterSelective ARG_is_admin "!^1?$" + SecFilterSelective ARG_email "!^1?$" + SecFilterSelective ARG_random "!^1?$" + SecFilterSelective ARG_timeout "!^1?$" # Aktionen + SecFilterSelective ARG_action "^index$" chain + SecFilterSelective ARG_subaction "^(|project|object|projectmenu|administration|changepassword|register|registercode|registercommit|password|showlogin|login|logout|setnewpassword)$" allow + SecFilterSelective ARG_action "^folder$" chain SecFilterSelective ARG_subaction "^(|show|save|create|pub|prop|rights|createnewpage|createnewfolder|createnewlink|createnewfile|edit|changesequence|multiple)$" allow @@ -98,9 +115,6 @@ SecFilterSelective ARG_action "^link$" chain SecFilterSelective ARG_subaction "^(|show|save|pub|prop|rights)$" allow - SecFilterSelective ARG_action "^index$" chain - SecFilterSelective ARG_subaction "^(|project|object|projectmenu|administration|changepassword|register|password|showlogin|login|logout)$" allow - SecFilterSelective ARG_action "^pageelement$" chain SecFilterSelective ARG_subaction "^(|save|editlink|editlongtext|archivelink|archivelongtext|diff)$" allow 
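Review bot: The new `ARG_password1`/`ARG_password2` rules copy the `[A-Za-z0-9_-]*` class from `ARG_login_password`, so the filter rejects any new password containing other punctuation and caps password strength for every deployment that copies this example. If that is relaxed, all three rules have to change together, otherwise a user could set a password that the login rule then refuses; a printable-character class with a length bound such as `"!^[[:print:]]{0,128}$"` is one option (the bound is illustrative). Separately, `ARG_email`, `ARG_random` and `ARG_timeout` are limited to `^1?$`, which is only right if they are checkbox flags rather than free-text values. A comment such as `# checkbox flags: empty or "1"` above them would record that intent.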
@@ -138,11 +152,14 @@ SecFilterSelective ARG_subaction "^(|listing|edit|save|add|remove|maintanance)$" allow SecFilterSelective ARG_action "^user$" chain - SecFilterSelective ARG_subaction "^(|listing|edit|save|add|remove|groups|pw|rights)$" allow + SecFilterSelective ARG_subaction "^(|listing|edit|save|add|remove|groups|pw|rights|pwchange|addgrouptouser|delete)$" allow SecFilterSelective ARG_action "^group$" chain SecFilterSelective ARG_subaction "^(|listing|edit|save|add|remove|users)$" allow + SecFilterSelective ARG_action "^profile$" chain + SecFilterSelective ARG_subaction "^(|saveprofile|savepw)$" allow + # Fallback: Alles ablehnen.