Hello g00r00!
On 03 Jan 2023, g00r00 said the following...
g0> BW> Download via WEB (dlreq) functionality to work -- I always get "File
g0> BW> in queue" when clicking on a file to download it:
g0> Turns out I completely broke it at some point. I've fixed it up and I will
g0> put up a new build in just a few minutes to the prealpha folder.
Thanks a lot! It is much appreciated, and appears to be working just fine! I
have enabled "Download via WEB" on my BBS now.
Speaking of this, would it be possible (in the future) to be able to choose to
disable the anti-spoofing (IP) check? E.g. for the scenario when a user uses
fTelnet (an fTelnet proxy somewhere in the world) and then wants to download the
file via his/her web browser (another IP)?
+ 2023.01.04 09:04:04 HTTP 1-Cannot authenticate host (81.4.100.99/192.168.1.1)
+ 2023.01.04 09:04:04 HTTP 1-Refused: Not authorized
A configuration option for the download URL (e.g. if you have a web server in
front of MIS for HTTPS support with a "real" SSL certificate) would also be a
great addition. :)
And that might actually *require* the ability to disable dlreq IP checks, unless
dlreq could also be configured to trust some header(s), e.g. X-Forwarded-For,
from some "upstream" IP(s) or IP range(s), where that header would contain the
real IP of the user. Something like what mod_remoteip of Apache does:
https://httpd.apache.org/docs/current/mod/mod_remoteip.html#remoteipinternalpro
RemoteIPHeader X-Forwarded-For
RemoteIPInternalProxy 127.0.0.1 192.168.1.0/24
Just food for thought. :)
Thanks again for your help!
Best regards
Björn
--- Mystic BBS v1.12 A48 (Linux/64)
* Origin: Star Collision BBS, Uppsala, Sweden (2:201/137)
|
