diff --git a/OpenSim/Framework/Console/RemoteConsole.cs b/OpenSim/Framework/Console/RemoteConsole.cs index 7eb289ba72..07de27a2fc 100644 --- a/OpenSim/Framework/Console/RemoteConsole.cs +++ b/OpenSim/Framework/Console/RemoteConsole.cs @@ -32,6 +32,7 @@ using System.Collections.Generic; using System.Diagnostics; using System.Reflection; using System.Text; +using System.Text.RegularExpressions; using System.Threading; using OpenMetaverse; using Nini.Config; @@ -62,6 +63,7 @@ namespace OpenSim.Framework.Console new Dictionary(); private string m_UserName = String.Empty; private string m_Password = String.Empty; + private string m_AllowedOrigin = String.Empty; public RemoteConsole(string defaultPrompt) : base(defaultPrompt) { @@ -77,6 +79,7 @@ namespace OpenSim.Framework.Console m_UserName = netConfig.GetString("ConsoleUser", String.Empty); m_Password = netConfig.GetString("ConsolePass", String.Empty); + m_AllowedOrigin = netConfig.GetString("ConsoleAllowedOrigin", String.Empty); } public void SetServer(IHttpServer server) @@ -150,6 +153,29 @@ namespace OpenSim.Framework.Console return cmdinput; } + private Hashtable CheckOrigin(Hashtable result) + { + if (!string.IsNullOrEmpty(m_AllowedOrigin)) + result["access_control_allow_origin"] = m_AllowedOrigin; + return result; + } + /* TODO: Figure out how PollServiceHTTPHandler can access the request headers + * in order to use m_AllowedOrigin as a regular expression + private Hashtable CheckOrigin(Hashtable headers, Hashtable result) + { + if (!string.IsNullOrEmpty(m_AllowedOrigin)) + { + if (headers.ContainsKey("origin")) + { + string origin = headers["origin"].ToString(); + if (Regex.IsMatch(origin, m_AllowedOrigin)) + result["access_control_allow_origin"] = origin; + } + } + return result; + } + */ + private void DoExpire() { List expired = new List(); @@ -235,6 +261,7 @@ namespace OpenSim.Framework.Console reply["str_response_string"] = xmldoc.InnerXml; reply["int_response_code"] = 200; reply["content_type"] = "text/xml"; + reply = CheckOrigin(reply); return reply; } @@ -289,6 +316,7 @@ namespace OpenSim.Framework.Console reply["str_response_string"] = xmldoc.InnerXml; reply["int_response_code"] = 200; reply["content_type"] = "text/xml"; + reply = CheckOrigin(reply); return reply; } @@ -344,6 +372,7 @@ namespace OpenSim.Framework.Console reply["str_response_string"] = xmldoc.InnerXml; reply["int_response_code"] = 200; reply["content_type"] = "text/xml"; + reply = CheckOrigin(reply); return reply; } @@ -457,6 +486,7 @@ namespace OpenSim.Framework.Console result["content_type"] = "application/xml"; result["keepalive"] = false; result["reusecontext"] = false; + result = CheckOrigin(result); return result; } @@ -480,6 +510,7 @@ namespace OpenSim.Framework.Console result["content_type"] = "text/xml"; result["keepalive"] = false; result["reusecontext"] = false; + result = CheckOrigin(result); return result; } diff --git a/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs b/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs index ba8c1941a8..30505f6a5b 100644 --- a/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs +++ b/OpenSim/Framework/Servers/HttpServer/BaseHttpServer.cs @@ -1450,6 +1450,10 @@ namespace OpenSim.Framework.Servers.HttpServer if (responsedata.ContainsKey("reusecontext")) response.ReuseContext = (bool) responsedata["reusecontext"]; + // Cross-Origin Resource Sharing with simple requests + if (responsedata.ContainsKey("access_control_allow_origin")) + response.AddHeader("Access-Control-Allow-Origin", (string)responsedata["access_control_allow_origin"]); + //Even though only one other part of the entire code uses HTTPHandlers, we shouldn't expect this //and should check for NullReferenceExceptions