Skip to content

Instantly share code, notes, and snippets.

@beezly
Created April 30, 2012 15:48
Show Gist options
  • Save beezly/2559465 to your computer and use it in GitHub Desktop.
Save beezly/2559465 to your computer and use it in GitHub Desktop.
Allow Nagios v-shell to support json-p format
Index: controller.php
===================================================================
--- controller.php (revision 1931)
+++ controller.php (working copy)
@@ -56,6 +56,23 @@
header('Location: '.BASEURL);
}
+function is_valid_callback($subject)
+{
+ $identifier_syntax
+ = '/^[$_\p{L}][$_\p{L}\p{Mn}\p{Mc}\p{Nd}\p{Pc}\x{200C}\x{200D}]*+$/u';
+
+ $reserved_words = array('break', 'do', 'instanceof', 'typeof', 'case',
+ 'else', 'new', 'var', 'catch', 'finally', 'return', 'void', 'continue',
+ 'for', 'switch', 'while', 'debugger', 'function', 'this', 'with',
+ 'default', 'if', 'throw', 'delete', 'in', 'try', 'class', 'enum',
+ 'extends', 'super', 'const', 'export', 'import', 'implements', 'let',
+ 'private', 'public', 'yield', 'interface', 'package', 'protected',
+ 'static', 'null', 'true', 'false');
+
+ return preg_match($identifier_syntax, $subject)
+ && ! in_array(mb_strtolower($subject, 'UTF-8'), $reserved_words);
+}
+
// *OLD*
// view=<hosts,services,hostgroups,servicegroups>
// cmd=filter<hosts,services>,arg=<UP,DOWN,WARNING,UNREACHABLE,UNKNOWN>
@@ -156,6 +173,15 @@
$output = json_encode($data);
break;
+ case 'jsonp':
+ if (isset($_GET['callback']) && is_valid_callback($_GET['callback'])) { $callback_name = $_GET['callback']; }
+ if (isset($_GET['jsonp']) && is_valid_callback($_GET['jsonp']) ) { $callback_name = $_GET['jsonp']; }
+ if (!isset($callback_name)) { $callback_name = 'callback'; }
+
+ header('Content-type: application/json-p');
+ $output = $callback_name . '(' . json_encode($data) . ');';
+ break;
+
case 'xml':
if($type!='backend')
{
@beezly
Copy link
Author

beezly commented Apr 30, 2012

Allows Nagios v-shell to support json-p format. Very handy if you want to make JSON-P queries from a different site, as JSON will not allow you to do XSS.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment