/wikiedit can now be opened if the user has at least RdWiki permissions, primarily to allow access to the Sandbox for pikchr experimentation. A user without WrWiki still cannot save anything, and users without RdWiki cannot open it at all because it would give them access to the list of wiki pages, which they otherwise aren't privy to without RdWiki. Also added a RdWiki check to the internal wikiedit ajax routes, as those could have potentially leaked pages to unprivileged users who decoded their internal ajax interfaces.
Commit
bff3df00b80ffe478b89cf2a143445cf0b203f5d279c2bf79db1488d9f44bf9f
Parent
2ffd9dd1bfd9d02…
1 file changed
+13
-5
+13
-5
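--- a/src/wiki.c
+++ b/src/wiki.c
@@ -1071,10 +1071,13 @@
 }
 login_check_credentials();
 if( pRoute->bWriteMode!=0 && g.perm.WrWiki==0 ){
 ajax_route_error(403,"Write permissions required.");
 return;
+}else if( pRoute->bWriteMode==0 && g.perm.RdWiki==0 ){
+ajax_route_error(403,"Read-Wiki permissions required.");
+return;
 }else if(0==cgi_csrf_safe(pRoute->bPost)){
 ajax_route_error(403,
 "CSRF violation (make sure sending of HTTP "
 "Referer headers is enabled for XHR "
 "connections).");
@@ -1108,24 +1111,29 @@
 if(zPageName && *zPageName){
 if( check_name(zPageName) ) return;
 }
 isSandbox = is_sandbox(zPageName);
 if( isSandbox ){
-if( !g.perm.WrWiki ){
-login_needed(g.anon.WrWiki);
+if( !g.perm.RdWiki ){
+login_needed(g.anon.RdWiki);
 return;
 }
 found = 1;
-}else if( zPageName!=0 ){
+}else if( zPageName!=0 && zPageName[0]!=0){
 int rid = 0;
 if( !wiki_special_permission(zPageName) ){
 login_needed(0);
 return;
 }
 found = wiki_fetch_by_name(zPageName, 0, &rid, 0);
-if( (rid && !g.perm.WrWiki) || (!rid && !g.perm.NewWiki) ){
-login_needed(rid ? g.anon.WrWiki : g.anon.NewWiki);
+if( (rid && !g.perm.RdWiki) || (!rid && !g.perm.NewWiki) ){
+login_needed(rid ? g.anon.RdWiki : g.anon.NewWiki);
+return;
+}
+}else{
+if( !g.perm.RdWiki ){
+login_needed(g.anon.RdWiki);
 return;
 }
 }
 style_header("Wiki Editor");
 style_emit_noscript_for_js_page();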
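Review bot: In the first hunk the new RdWiki gate is conditioned on `pRoute->bWriteMode==0`, so a write-mode ajax route is never checked for RdWiki and the guard silently relies on WrWiki always being granted together with RdWiki; if that implication holds in the capability derivation it is harmless, but the dependency is invisible here. Checking read permission unconditionally first removes the assumption and reads as the description states it: `if( g.perm.RdWiki==0 ){ ajax_route_error(403,"Read-Wiki permissions required."); return; }else if( pRoute->bWriteMode!=0 && g.perm.WrWiki==0 ){`, with the existing write branch following. The second hunk repeats the same three-line RdWiki check in the sandbox branch, the existing-page branch and the new else branch; a single check hoisted directly after `isSandbox = is_sandbox(zPageName);` would express the "cannot open it at all without RdWiki" rule once, leaving only the NewWiki test inside the page-name branch — though note this would also require RdWiki on the new-page path, which the hunk as written does not. Both enclosing functions begin and end outside their hunks, so the ajax routing above and the editor setup below were not reviewed.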
| --- src/wiki.c | |
| +++ src/wiki.c | |
| @@ -1071,10 +1071,13 @@ | |
| 1071 | } |
| 1072 | login_check_credentials(); |
| 1073 | if( pRoute->bWriteMode!=0 && g.perm.WrWiki==0 ){ |
| 1074 | ajax_route_error(403,"Write permissions required."); |
| 1075 | return; |
| 1076 | }else if(0==cgi_csrf_safe(pRoute->bPost)){ |
| 1077 | ajax_route_error(403, |
| 1078 | "CSRF violation (make sure sending of HTTP " |
| 1079 | "Referer headers is enabled for XHR " |
| 1080 | "connections)."); |
| @@ -1108,24 +1111,29 @@ | |
| 1108 | if(zPageName && *zPageName){ |
| 1109 | if( check_name(zPageName) ) return; |
| 1110 | } |
| 1111 | isSandbox = is_sandbox(zPageName); |
| 1112 | if( isSandbox ){ |
| 1113 | if( !g.perm.WrWiki ){ |
| 1114 | login_needed(g.anon.WrWiki); |
| 1115 | return; |
| 1116 | } |
| 1117 | found = 1; |
| 1118 | }else if( zPageName!=0 ){ |
| 1119 | int rid = 0; |
| 1120 | if( !wiki_special_permission(zPageName) ){ |
| 1121 | login_needed(0); |
| 1122 | return; |
| 1123 | } |
| 1124 | found = wiki_fetch_by_name(zPageName, 0, &rid, 0); |
| 1125 | if( (rid && !g.perm.WrWiki) || (!rid && !g.perm.NewWiki) ){ |
| 1126 | login_needed(rid ? g.anon.WrWiki : g.anon.NewWiki); |
| 1127 | return; |
| 1128 | } |
| 1129 | } |
| 1130 | style_header("Wiki Editor"); |
| 1131 | style_emit_noscript_for_js_page(); |
| 1132 |
| --- src/wiki.c | |
| +++ src/wiki.c | |
| @@ -1071,10 +1071,13 @@ | |
| 1071 | } |
| 1072 | login_check_credentials(); |
| 1073 | if( pRoute->bWriteMode!=0 && g.perm.WrWiki==0 ){ |
| 1074 | ajax_route_error(403,"Write permissions required."); |
| 1075 | return; |
| 1076 | }else if( pRoute->bWriteMode==0 && g.perm.RdWiki==0 ){ |
| 1077 | ajax_route_error(403,"Read-Wiki permissions required."); |
| 1078 | return; |
| 1079 | }else if(0==cgi_csrf_safe(pRoute->bPost)){ |
| 1080 | ajax_route_error(403, |
| 1081 | "CSRF violation (make sure sending of HTTP " |
| 1082 | "Referer headers is enabled for XHR " |
| 1083 | "connections)."); |
| @@ -1108,24 +1111,29 @@ | |
| 1111 | if(zPageName && *zPageName){ |
| 1112 | if( check_name(zPageName) ) return; |
| 1113 | } |
| 1114 | isSandbox = is_sandbox(zPageName); |
| 1115 | if( isSandbox ){ |
| 1116 | if( !g.perm.RdWiki ){ |
| 1117 | login_needed(g.anon.RdWiki); |
| 1118 | return; |
| 1119 | } |
| 1120 | found = 1; |
| 1121 | }else if( zPageName!=0 && zPageName[0]!=0){ |
| 1122 | int rid = 0; |
| 1123 | if( !wiki_special_permission(zPageName) ){ |
| 1124 | login_needed(0); |
| 1125 | return; |
| 1126 | } |
| 1127 | found = wiki_fetch_by_name(zPageName, 0, &rid, 0); |
| 1128 | if( (rid && !g.perm.RdWiki) || (!rid && !g.perm.NewWiki) ){ |
| 1129 | login_needed(rid ? g.anon.RdWiki : g.anon.NewWiki); |
| 1130 | return; |
| 1131 | } |
| 1132 | }else{ |
| 1133 | if( !g.perm.RdWiki ){ |
| 1134 | login_needed(g.anon.RdWiki); |
| 1135 | return; |
| 1136 | } |
| 1137 | } |
| 1138 | style_header("Wiki Editor"); |
| 1139 | style_emit_noscript_for_js_page(); |
| 1140 |