mark: A photo of Mark kneeling on top of the Taal Volcano in the Philippines. It was a long hike. (Default)
Mark Smith ([staff profile] mark) wrote in [site community profile] changelog2009-05-10 06:22 am

[dw-free] prohibit mogupic trick *somehow*

[commit: http://hg.dwscoalition.org/dw-free/rev/838d7b3fea1b]

http://bugs.dwscoalition.org/show_bug.cgi?id=888

Don't let people hotlink mogupic.bml.

Patch by [personal profile] alierak.

Files modified:
  • htdocs/misc/mogupic.bml
  • htdocs/misc/mogupic.bml.text
--------------------------------------------------------------------------------
diff -r 16cba21887f4 -r 838d7b3fea1b htdocs/misc/mogupic.bml
--- a/htdocs/misc/mogupic.bml	Sun May 10 06:18:31 2009 +0000
+++ b/htdocs/misc/mogupic.bml	Sun May 10 06:22:31 2009 +0000
@@ -2,6 +2,8 @@
 {
     use strict;
     use vars qw(%GET);
+
+    return $ML{'.error.referer'} unless LJ::check_referer('/tools/userpicfactory.bml');
 
     my $remote = LJ::get_remote();
     return LJ::error_noremote() unless $remote;
@@ -15,7 +17,7 @@
 
     my $upf = LJ::get_upf_scaled(size => $size, userid => $u->id, mogkey => "upf_$GET{index}:$u->{userid}");
 
-    return "Error retreiving image." unless $upf;
+    return $ML{'.error.image'} unless $upf;
 
     my $blob = $upf->[0];
     my $mime = $upf->[1];
diff -r 16cba21887f4 -r 838d7b3fea1b htdocs/misc/mogupic.bml.text
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/htdocs/misc/mogupic.bml.text	Sun May 10 06:22:31 2009 +0000
@@ -0,0 +1,5 @@
+;; -*- coding: utf-8 -*-
+
+.error.referer=Invalid Referer
+
+.error.image=Error retrieving image.
--------------------------------------------------------------------------------