Gnous/mailcow
2
0
Fork 0
Code Issues Pull Requests 1 Packages Projects Releases Wiki Activity

[Web] deny api calls from sogo

Browse Source
This commit is contained in:
FreddleSpl0it 2024-04-03 10:06:43 +02:00
parent 237a25e6b0
commit 00d4b32a1b
No known key found for this signature in database
GPG Key ID: 00E14E7634F4BEC5
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
data/web/json_api.php
View File

@ -47,6 +47,14 @@ function api_log($_data) {
} }
} }
// deny requests from /SOGo locations
if (isset($_SERVER['HTTP_REFERER'])) {
if (strpos(strtolower($_SERVER['HTTP_REFERER']), '/sogo') !== false) {
header('HTTP/1.1 403 Forbidden');
exit;
}
}
if (isset($_GET['query'])) { if (isset($_GET['query'])) {
$query = explode('/', $_GET['query']); $query = explode('/', $_GET['query']);