From c1f65174714f13e7047868e5c1ba33454d5fabab Mon Sep 17 00:00:00 2001 From: xia-chu <771730766@qq.com> Date: Thu, 27 Jul 2023 15:39:43 +0800 Subject: [PATCH] =?UTF-8?q?=E5=9C=A8=E5=BC=80=E5=90=AFon=5Fhttp=5Faccess?= =?UTF-8?q?=20hook=E6=97=B6=EF=BC=8C=E8=AE=BF=E9=97=AEhttp=E6=96=87?= =?UTF-8?q?=E4=BB=B6(=E6=88=96=E7=9B=AE=E5=BD=95)ip=E7=99=BD=E5=90=8D?= =?UTF-8?q?=E5=8D=95=E6=9C=BA=E5=88=B6=E4=B8=8D=E7=94=9F=E6=95=88?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit on_http_access hook优先级更高,关闭on_http_access hook时才采用ip白名单机制,防止两种鉴权机制间的冲突 --- server/WebHook.cpp | 6 +++++- src/Http/HttpFileManager.cpp | 5 ----- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/server/WebHook.cpp b/server/WebHook.cpp index c185444b..23fd7c4a 100755 --- a/server/WebHook.cpp +++ b/server/WebHook.cpp @@ -625,7 +625,11 @@ void installWebHook() { if (!hook_enable || hook_http_access.empty()) { // 未开启http文件访问鉴权,那么允许访问,但是每次访问都要鉴权; // 因为后续随时都可能开启鉴权(重载配置文件后可能重新开启鉴权) - invoker("", "", 0); + if (!HttpFileManager::isIPAllowed(sender.get_peer_ip())) { + invoker("Your ip is not allowed to access the service.", "", 0); + } else { + invoker("", "", 0); + } return; } diff --git a/src/Http/HttpFileManager.cpp b/src/Http/HttpFileManager.cpp index cd3ca62c..52f8fabd 100644 --- a/src/Http/HttpFileManager.cpp +++ b/src/Http/HttpFileManager.cpp @@ -382,11 +382,6 @@ static void canAccessPath(Session &sender, const Parser &parser, const MediaInfo return; } - if (!HttpFileManager::isIPAllowed(sender.get_peer_ip())) { - callback("Your ip is not allowed to access the service.", nullptr); - return; - } - // 事件未被拦截,则认为是http下载请求 bool flag = NoticeCenter::Instance().emitEvent(Broadcast::kBroadcastHttpAccess, parser, path, is_dir, accessPathInvoker, static_cast(sender)); if (!flag) {