[Koha-bugs] [Bug 14994] Add RSS/Atom feed proxy
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Mon Apr 17 15:34:41 CEST 2017
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14994
--- Comment #7 from Owen Leonard <oleonard at myacpl.org> ---
Created attachment 62215
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=62215&action=edit
[SIGNED-OFF] Bug 14994 - Request proxy (added opac-proxy.pl)
This patch adds a new opac page that is used as an endpoint
for external web requests such as RSS feeds. This allows user
scripts to pull data via XHR requests from external resources
without violating the 'same-origin' restriction.
I would appreciate some feedback on security implications of
doing this. Might need to add some DoS protection etc.
The script takes a single parameter; 'id', the number of the
feed to retrieve. This is an offset into an array of URLs
stored in the system preference named 'RequestProxyURL'.
The offset i based on 1 to make it easier for non-technical
people. The first feed is '1', '0' is invalid.
Test plan:
1) Apply the syspref patch first.
2) Apply this patch.
3) Enable the request proxy by going into System Preferences,
Web Services, set RequestProxyEnabled to 'yes' and
enter a test URL such as:
http://hyltebiblioteken.blogspot.se/feeds/posts/default
and:
http://bokbastisarna.blogspot.com/feeds/posts/default
into RequestProxyURL.
4) Save and go to the new url:
http://127.0.1.1/cgi-bin/koha/opac-proxy.pl?id=1
You should get the content of the first URL with 'id' = 1.
With 'id' = 2 you should get the second URL.
With 'id' = 3 you should get a 503 error.
5) Disable the service again, 'RequestProxyEnabled' = no.
6) Go back to the proxy url, you should now receive a 503 error
even for valid feed id's AND for invalid ones.
Sponsored-By: Halland County Library
Signed-off-by: Owen Leonard <oleonard at myacpl.org>
--
You are receiving this mail because:
You are watching all bug changes.
More information about the Koha-bugs
mailing list