Rev 299 | Rev 305 | Go to most recent revision | Show entire file | Regard whitespace | Details | Blame | Last modification | View Log | RSS feed
Rev 299 | Rev 301 | ||
---|---|---|---|
Line 25... | Line 25... | ||
25 | <h2 id="systemCheckCaption" style="display:none">System check</h2> |
25 | <h2 id="systemCheckCaption" style="display:none">System check</h2> |
26 | 26 | ||
27 | <div id="dirAccessWarning"></div> |
27 | <div id="dirAccessWarning"></div> |
28 | 28 | ||
29 | <script> |
29 | <script> |
- | 30 | function RemoveLastDirectoryPartOf(the_url) { |
|
- | 31 | var the_arr = the_url.split('/'); |
|
- | 32 | if (the_arr.pop() == '') the_arr.pop(); |
|
- | 33 | return( the_arr.join('/') ); |
|
- | 34 | } |
|
30 | function checkAccess(dir) { |
35 | function checkAccess(dir) { |
- | 36 | url = '../' + dir; |
|
- | 37 | visibleUrl = RemoveLastDirectoryPartOf(window.location.href) + '/' + dir; // xhr.responseURL not available in IE |
|
- | 38 | ||
31 | var xhr = new XMLHttpRequest(); |
39 | var xhr = new XMLHttpRequest(); |
32 | xhr.onreadystatechange = function() { |
40 | xhr.onreadystatechange = function() { |
33 | if (xhr.readyState === 4) { |
41 | if (xhr.readyState === 4) { |
34 | if (xhr.status === 200) { |
42 | if (xhr.status === 200) { |
35 | document.getElementById('systemCheckCaption').style.display = 'block'; |
43 | document.getElementById('systemCheckCaption').style.display = 'block'; |
36 | document.getElementById('dirAccessWarning').innerHTML = document.getElementById('dirAccessWarning').innerHTML + 'Attention: The following directory is world-readable: <a target="_blank" href="'+xhr.responseURL+'">'+xhr.responseURL+'</a> ! You need to configure your web server to restrict access to this directory! (For Apache see <i>.htaccess</i>, for Microsoft IIS see <i>web.config</i>, for Nginx see <i>nginx.conf</i>)<br>'; |
44 | document.getElementById('dirAccessWarning').innerHTML = document.getElementById('dirAccessWarning').innerHTML + 'Attention: The following directory is world-readable: <a target="_blank" href="'+url+'">'+visibleUrl+'</a> ! You need to configure your web server to restrict access to this directory! (For Apache see <i>.htaccess</i>, for Microsoft IIS see <i>web.config</i>, for Nginx see <i>nginx.conf</i>)<br>'; |
37 | } |
45 | } |
38 | } |
46 | } |
39 | }; |
47 | }; |
40 | 48 | ||
41 | xhr.open('GET', dir); |
49 | xhr.open('GET', url); |
42 | xhr.send(); |
50 | xhr.send(); |
43 | } |
51 | } |
44 | 52 | ||
45 | document.getElementById('dirAccessWarning').innerHTML = ""; |
53 | document.getElementById('dirAccessWarning').innerHTML = ""; |
46 | checkAccess('../userdata/'); |
54 | checkAccess('userdata/'); |
47 | checkAccess('../dev/'); |
55 | checkAccess('dev/'); |
48 | checkAccess('../includes/'); |
56 | checkAccess('includes/'); |
49 | //checkAccess('../plugins/publicPages/100_whois/whois/cli/'); |
57 | //checkAccess('plugins/publicPages/100_whois/whois/cli/'); |
50 | </script> |
58 | </script> |
51 | 59 | ||
52 | <div id="step1"> |
60 | <div id="step1"> |
53 | <h2>Step 1: Enter setup information</h2> |
61 | <h2>Step 1: Enter setup information</h2> |
54 | 62 |