Restricted to https?://*.project-open.net/ domain, produce JSON error message instead of TCL error

717d6121 · cosine · 39298b94 · 717d6121
Commit 717d6121 authored Apr 06, 2023 by cosine
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 10 deletions

domain-proxy.tcl www/data-source/domain-proxy.tcl +12 -10

No files found.
--- a/www/data-source/domain-proxy.tcl
+++ b/www/data-source/domain-proxy.tcl
@@ -14,20 +14,22 @@ ad_page_contract {
 # Security & Permissions
 #
-if {![regexp {^https://www\.project-open\.[a-z]+} $url match]} {
-    ad_return_complaint 1 "Domain-proxy: This proxy can relay information only from project-open.* domains"
-    ad_script_abort
-}
 ns_log Notice "/intranet-rest/data-source/domain-proxy.tcl: url=$url"
+set json ""
+if {![regexp {^https?://www\.project-open\.net/} $url match]} {
+    set json "{\"success\": false, \"message\": \"Domain-proxy: This proxy can relay information only from https://*.project-open.net domains\"}"
+    # ad_return_complaint 1 "Domain-proxy: This proxy can relay information only from project-open.* domains"
+    # ad_script_abort
+}
 # --------------------------------------------
 # Fetch and return the page
 #
-if {[catch {
+if {"" eq $json} {
-    set json [im_httpget $url]
+    if {[catch {
-} err_msg]} {
+	set json [im_httpget $url]
-    set json "{\"success\": false, \"message\": \"Error message: $err_msg\"}"
+    } err_msg]} {
+	set json "{\"success\": false, \"message\": \"Error message: $err_msg\"}"
+    }
 }