Permalink
Browse files

Enable p2p and cluster communication when "Protection of all pages" on

As reported by paul89 on YaCy forum
(http://forum.yacy-websuche.de/viewtopic.php?f=23&t=5958 ), when setting
the "Protection of all pages" to "On" in the "ConfigAccounts_p.html"
page, the peer became completely unreachable by others, which is not the
purpose of this feature.
But the restriction still makes sense as a security enforcement and is
maintained in private "Robinson mode" where by the way any peer-to-peer
or cluster communication would be rejected.
  • Loading branch information...
luccioman committed May 17, 2017
1 parent 45346c1 commit bd7411a53af4f1e54bf27498f95b4f0f7934f090
Showing with 9 additions and 1 deletion.
  1. +9 −1 source/net/yacy/http/Jetty9YaCySecurityHandler.java
@@ -75,7 +75,15 @@ protected RoleInfo prepareConstraintInfo(String pathInContext, Request request)
final boolean accessFromLocalhost = Domains.isLocalhost(remoteip) && (refererHost == null || refererHost.length() == 0 || Domains.isLocalhost(refererHost));
// ! note : accessFromLocalhost compares localhost ip pattern
final boolean grantedForLocalhost = adminAccountGrantedForLocalhost && accessFromLocalhost;
boolean protectedPage = adminAccountNeededForAllPages || (pathInContext.indexOf("_p.") > 0);
/* Even when all pages are protected, we don't want to block those used for peer-to-peer or cluster communication (except in private robinson mode)
* (examples : /yacy/hello.html is required for p2p and cluster network presence and /solr/select for remote Solr search requests) */
boolean protectedPage = (adminAccountNeededForAllPages && ((sb.isRobinsonMode() && !sb.isPublicRobinson()) ||
!(pathInContext.startsWith("/yacy/") || pathInContext.startsWith("/solr/"))));
/* Pages suffixed with "_p" are by the way always considered protected */
protectedPage = protectedPage || (pathInContext.indexOf("_p.") > 0);
// check "/gsa" and "/solr" if not publicSearchpage
if (!protectedPage && !sb.getConfigBool(SwitchboardConstants.PUBLIC_SEARCHPAGE, true)) {
protectedPage = pathInContext.startsWith("/solr/") || pathInContext.startsWith("/gsa/");

0 comments on commit bd7411a

Please sign in to comment.