improve uninstalled-protection

author Michiel@unhosted <michiel@unhosted.org>

Mon, 12 Sep 2011 12:22:48 +0000 (14:22 +0200)

committer Michiel@unhosted <michiel@unhosted.org>

Mon, 12 Sep 2011 12:22:48 +0000 (14:22 +0200)
author Michiel@unhosted <michiel@unhosted.org>
Mon, 12 Sep 2011 12:22:48 +0000 (14:22 +0200)
committer Michiel@unhosted <michiel@unhosted.org>
Mon, 12 Sep 2011 12:22:48 +0000 (14:22 +0200)
diff --git a/apps/user_webfinger/host-meta.php b/apps/user_webfinger/host-meta.php

index c37b7dd77693f453884156604257f7a8239f87b4..ceb15f22da4457a223056083b5f475e51f1de96e 100644 (file)
--- a/apps/user_webfinger/host-meta.php
+++ b/apps/user_webfinger/host-meta.php
@@ -2,7 +2,7 @@
  if($_SERVER['SCRIPT_NAME'] == '/.well-known/host-meta.php') {
         header("Access-Control-Allow-Origin: *");
  } else {
-       header('Please visit /apps/user_webfinger/activate.php first');
+       header('Please-first: activate');
  }
  header("Content-Type: application/xml+xrd");
  echo "<";
diff --git a/apps/user_webfinger/webfinger.php b/apps/user_webfinger/webfinger.php

index fdec9e8e5633f2aecce375d4b31e7ab6ceee5dc7..4f94cc3c4fa0305e8d01cda90326a97eaebc73d9 100644 (file)
--- a/apps/user_webfinger/webfinger.php
+++ b/apps/user_webfinger/webfinger.php
@@ -1,5 +1,9 @@
  <?php
-header("Access-Control-Allow-Origin: *");
+if($_SERVER['SCRIPT_NAME'] == '/.well-known/host-meta.php') {
+       header("Access-Control-Allow-Origin: *");
+} else {
+       header('Please-first: activate');
+}
  header("Content-Type: application/xml+xrd");
  
  if($_GET['q']) {
author	Michiel@unhosted <michiel@unhosted.org>
	Mon, 12 Sep 2011 12:22:48 +0000 (14:22 +0200)
committer	Michiel@unhosted <michiel@unhosted.org>
	Mon, 12 Sep 2011 12:22:48 +0000 (14:22 +0200)
apps/user_webfinger/host-meta.php		patch \| blob \| history
apps/user_webfinger/webfinger.php		patch \| blob \| history