don't set a global uri-prefix and added checks (fixes #235)

git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-merge-1.4.x@641 152afb58-edef-0310-8abb-c4023f1b3aa9

src/mod_secure_download.c

@@ -115,13 +115,7 @@ SETDEFAULTS_FUNC(mod_secdownload_set_defaults) {
 		s->secret        = buffer_init();
 		s->doc_root      = buffer_init();
 		s->uri_prefix    = buffer_init();
-		s->timeout = 0;
-		
-		/* set global default */
-		if (i == 0) {
-			s->timeout = 60;
-			buffer_copy_string(s->uri_prefix, "/");
-		}
+		s->timeout       = 60;
 		
 		cv[0].destination = s->secret;
 		cv[1].destination = s->doc_root;
@@ -214,6 +208,8 @@ URIHANDLER_FUNC(mod_secdownload_uri_handler) {
 	if (con->uri.path->used == 0) return HANDLER_GO_ON;
 	
 	mod_secdownload_patch_connection(srv, con, p);
+
+	if (buffer_is_empty(p->conf.uri_prefix)) return HANDLER_GO_ON;
 	
 	if (buffer_is_empty(p->conf.secret)) {
 		log_error_write(srv, __FILE__, __LINE__, "s",

tests/lighttpd.conf

@@ -65,11 +65,6 @@ mimetype.assign             = ( ".png"  => "image/png",
 compress.cache-dir          = "@SRCDIR@/tmp/lighttpd/cache/compress/"
 compress.filetype           = ("text/plain", "text/html")
 
-secdownload.secret          = "verysecret"
-secdownload.document-root   = "/tmp/lighttpd/servers/www.example.org/pages/"
-secdownload.uri-prefix      = "/sec/"
-secdownload.timeout         = 120
-
 setenv.add-environment      = ( "TRAC_ENV" => "foo")
 setenv.add-request-header   = ( "FOO" => "foo")
 setenv.add-response-header  = ( "BAR" => "foo")
@@ -137,6 +132,10 @@ status.config-url           = "/server-config"
 
 $HTTP["host"] == "vvv.example.org" {
   server.document-root = "@SRCDIR@/tmp/lighttpd/servers/www.example.org/pages/"
+  secdownload.secret          = "verysecret"
+  secdownload.document-root   = "/tmp/lighttpd/servers/www.example.org/pages/"
+  secdownload.uri-prefix      = "/sec/"
+  secdownload.timeout         = 120
 }
 
 $HTTP["host"] == "zzz.example.org" {

tests/mod-secdownload.t

@@ -8,7 +8,7 @@ BEGIN {
 
 use strict;
 use IO::Socket;
-use Test::More tests => 5;
+use Test::More tests => 7;
 use LightyTest;
 use Digest::MD5 qw(md5_hex);
 
@@ -22,10 +22,9 @@ my $f = "/index.html";
 my $thex = sprintf("%08x", time);
 my $m = md5_hex($secret.$f.$thex);
 
-# mod-cgi
-#
 $t->{REQUEST}  = ( <<EOF
 GET /sec/$m/$thex$f HTTP/1.0
+Host: vvv.example.org
 EOF
  );
 $t->{RESPONSE} = ( { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } );
@@ -35,24 +34,41 @@ ok($tf->handle_http($t) == 0, 'secdownload');
 $thex = sprintf("%08x", time - 1800);
 $m = md5_hex($secret.$f.$thex);
 
-# mod-cgi
-#
 $t->{REQUEST}  = ( <<EOF
 GET /sec/$m/$thex$f HTTP/1.0
+Host: vvv.example.org
 EOF
  );
 $t->{RESPONSE} = ( { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 408 } );
 
 ok($tf->handle_http($t) == 0, 'secdownload - timeout');
 
+$t->{REQUEST}  = ( <<EOF
+GET /sec$f HTTP/1.0
+Host: vvv.example.org
+EOF
+ );
+$t->{RESPONSE} = ( { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 404 } );
+
+ok($tf->handle_http($t) == 0, 'secdownload - direct access');
+
+$t->{REQUEST}  = ( <<EOF
+GET $f HTTP/1.0
+Host: www.example.org
+EOF
+ );
+$t->{RESPONSE} = ( { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 200 } );
+
+ok($tf->handle_http($t) == 0, 'secdownload - conditional access');
+
+
 $f = "/noexists";
 $thex = sprintf("%08x", time);
 $m = md5_hex($secret.$f.$thex);
 
-# mod-cgi
-#
 $t->{REQUEST}  = ( <<EOF
 GET /sec/$m/$thex$f HTTP/1.0
+Host: vvv.example.org
 EOF
  );
 $t->{RESPONSE} = ( { 'HTTP-Protocol' => 'HTTP/1.0', 'HTTP-Status' => 404 } );