diff options
Diffstat (limited to 'install.php')
| -rw-r--r-- | install.php | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/install.php b/install.php index 649e608bc..e66ddff86 100644 --- a/install.php +++ b/install.php @@ -20,6 +20,14 @@ define('MAINTENANCE_MODE', 'install'); * The installation phase we should proceed to. */ function install_main() { + // The user agent header is used to pass a database prefix in the request when + // running tests. However, for security reasons, it is imperative that no + // installation be permitted using such a prefix. + if (preg_match("/^simpletest\d+$/", $_SERVER['HTTP_USER_AGENT'])) { + header('HTTP/1.1 403 Forbidden'); + exit; + } + require_once './includes/bootstrap.inc'; drupal_bootstrap(DRUPAL_BOOTSTRAP_CONFIGURATION); |