|
|
|
|
@ -128,17 +128,28 @@ QString HttpConnection::translateDocument(QString data) {
@@ -128,17 +128,28 @@ QString HttpConnection::translateDocument(QString data) {
|
|
|
|
|
return data; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
void HttpConnection::respond() |
|
|
|
|
{ |
|
|
|
|
void HttpConnection::respond() { |
|
|
|
|
//qDebug("Respond called");
|
|
|
|
|
int nb_fail = parent->client_failed_attempts.value(socket->peerAddress().toString(), 0); |
|
|
|
|
if(nb_fail > 2) { |
|
|
|
|
generator.setStatusLine(403, "Forbidden"); |
|
|
|
|
generator.setMessage(tr("Your IP address has been banned after too many failed authentication attempts.")); |
|
|
|
|
write(); |
|
|
|
|
return; |
|
|
|
|
} |
|
|
|
|
QStringList auth = parser.value("Authorization").split(" ", QString::SkipEmptyParts); |
|
|
|
|
if (auth.size() != 2 || QString::compare(auth[0], "Basic", Qt::CaseInsensitive) != 0 || !parent->isAuthorized(auth[1].toLocal8Bit())) |
|
|
|
|
{ |
|
|
|
|
if (auth.size() != 2 || QString::compare(auth[0], "Basic", Qt::CaseInsensitive) != 0 || !parent->isAuthorized(auth[1].toLocal8Bit())) { |
|
|
|
|
// Update failed attempt counter
|
|
|
|
|
parent->client_failed_attempts.insert(socket->peerAddress().toString(), nb_fail+1); |
|
|
|
|
qDebug("client IP: %s (%d failed attempts)", socket->peerAddress().toString().toLocal8Bit().data(), nb_fail); |
|
|
|
|
// Return unauthorized header
|
|
|
|
|
generator.setStatusLine(401, "Unauthorized"); |
|
|
|
|
generator.setValue("WWW-Authenticate", "Basic realm=\"you know what\""); |
|
|
|
|
write(); |
|
|
|
|
return; |
|
|
|
|
} |
|
|
|
|
// Client sucessfuly authenticated, reset number of failed attempts
|
|
|
|
|
parent->client_failed_attempts.remove(socket->peerAddress().toString()); |
|
|
|
|
QString url = parser.url(); |
|
|
|
|
// Favicon
|
|
|
|
|
if(url.endsWith("favicon.ico")) { |
|
|
|
|
|
Christophe Dumez
15 years ago