version 0.3.32

[fms.git] / src / http / pages / showimagepage.cpp

diff --git a/src/http/pages/showimagepage.cpp b/src/http/pages/showimagepage.cpp
index cff1a2c..e63349d 100644 (file)
--- a/src/http/pages/showimagepage.cpp
+++ b/src/http/pages/showimagepage.cpp
@@ -7,6 +7,13 @@
 #endif\r
 \r
 std::map<std::string,std::vector<char> > ShowImagePage::m_imagecache;\r
+std::set<std::string> ShowImagePage::m_imagewhitelist;\r
+\r
+ShowImagePage::ShowImagePage(SQLite3DB::DB *db):IPageHandler(db)\r
+{\r
+       m_imagewhitelist.insert("images/new_posts.png");\r
+       m_imagewhitelist.insert("images/no_new_posts.png");\r
+}\r
 \r
 void ShowImagePage::handleRequest(Poco::Net::HTTPServerRequest &request, Poco::Net::HTTPServerResponse &response)\r
 {\r
@@ -21,7 +28,7 @@ void ShowImagePage::handleRequest(Poco::Net::HTTPServerRequest &request, Poco::N
        }\r
 \r
        std::string content="";\r
-       if(queryvars.find("image")!=queryvars.end())\r
+       if(queryvars.find("image")!=queryvars.end() && m_imagewhitelist.find((*queryvars.find("image")).second)!=m_imagewhitelist.end())\r
        {\r
                if(m_imagecache.find((*queryvars.find("image")).second)!=m_imagecache.end())\r
                {\r