File: 0100-0.6.2-hotfix.patch

package info (click to toggle)
php-dompdf 0.6.1%2Bdfsg-2%2Bdeb8u1
links: PTS, VCS
area: main
in suites: jessie
size: 4,656 kB
ctags: 7,083
sloc: php: 19,618; makefile: 38; sh: 13
file content (713 lines) | stat: -rw-r--r-- 24,003 bytes
Description: Hotfix based on 0.6.2
 This patch fixes:
 * CVE-2014-2383
 * CVE-2014-5011
 * CVE-2014-5012
 * CVE-2014-5013
 .
 The patch bundles code changes from 0.6.2
Author: Brian Sweeney <bsweeney@eclecticgeek.com>
Origin: upstream
Applied-Upstream: 0.6.2
Reviewed-by: Markus Frosch <lazyfrosch@debian.org>
Last-Update: 2016-02-27
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- a/dompdf.php
+++ b/dompdf.php
@@ -130,6 +130,8 @@
 $sapi = php_sapi_name();
 $options = array();
 
+$dompdf = new DOMPDF();
+
 switch ( $sapi ) {
 
  case "cli":
@@ -169,7 +171,7 @@
     if ( $file === "-" )
       $outfile = "dompdf_out.pdf";
     else
-      $outfile = str_ireplace(array(".html", ".htm", ".php"), "", $file) . ".pdf";
+      $outfile = str_ireplace(array(".html", ".htm"), "", $file) . ".pdf";
   }
 
   if ( isset($opts["v"]) )
@@ -194,6 +196,8 @@
 
  default:
 
+  $dompdf->set_option('enable_php', false);
+  
   if ( isset($_GET["input_file"]) )
     $file = rawurldecode($_GET["input_file"]);
   else
@@ -220,26 +224,12 @@
   
   $file_parts = explode_url($file);
   
-  /* Check to see if the input file is local and, if so, that the base path falls within that specified by DOMDPF_CHROOT */
-  if(($file_parts['protocol'] == '' || $file_parts['protocol'] === 'file://')) {
-    $file = realpath($file);
-    if ( strpos($file, DOMPDF_CHROOT) !== 0 ) {
-      throw new DOMPDF_Exception("Permission denied on $file. The file could not be found under the directory specified by DOMPDF_CHROOT.");
-    }
-  }
-  
-  if($file_parts['protocol'] === 'php://') {
-    throw new DOMPDF_Exception("Permission denied on $file. This script does not allow PHP streams.");
-  }
-  
   $outfile = "dompdf_out.pdf"; # Don't allow them to set the output file
   $save_file = false; # Don't save the file
   
   break;
 }
 
-$dompdf = new DOMPDF();
-
 if ( $file === "-" ) {
   $str = "";
   while ( !feof(STDIN) )
--- a/dompdf_config.custom.inc.php
+++ b/dompdf_config.custom.inc.php
@@ -1,6 +1,7 @@
-<?php 
+<?php
+// Please refer to dompdf_config.inc.php for details on each configuration option.
+
 //define("DOMPDF_TEMP_DIR", "/tmp");
-//define("DOMPDF_CHROOT", DOMPDF_DIR);
 //define("DOMPDF_FONT_DIR", DOMPDF_DIR."/lib/fonts/");
 //define("DOMPDF_FONT_CACHE", DOMPDF_DIR."/lib/fonts/");
 //define("DOMPDF_UNICODE_ENABLED", true);
@@ -9,8 +10,6 @@
 //define("DOMPDF_DEFAULT_PAPER_SIZE", "letter");
 //define("DOMPDF_DEFAULT_FONT", "serif");
 //define("DOMPDF_DPI", 72);
-//define("DOMPDF_ENABLE_PHP", true);
-//define("DOMPDF_ENABLE_REMOTE", true);
 //define("DOMPDF_ENABLE_CSS_FLOAT", true);
 //define("DOMPDF_ENABLE_JAVASCRIPT", false);
 //define("DEBUGPNG", true);
@@ -26,6 +25,17 @@
 //define("DOMPDF_ENABLE_HTML5PARSER", true);
 //define("DOMPDF_ENABLE_FONTSUBSETTING", true);
 
-// DOMPDF authentication
+// Authentication for the dompdf/www
 //define("DOMPDF_ADMIN_USERNAME", "user");
-//define("DOMPDF_ADMIN_PASSWORD", "password");
\ No newline at end of file
+//define("DOMPDF_ADMIN_PASSWORD", "password");
+
+/**
+ * Attention!
+ * The following settings may increase the risk of system exploit.
+ * Do not change these settings without understanding the consequences.
+ * Additional documentation is available on the dompdf wiki at:
+ * https://github.com/dompdf/dompdf/wiki
+ */
+//define("DOMPDF_CHROOT", DOMPDF_DIR);
+//define("DOMPDF_ENABLE_PHP", false);
+//define("DOMPDF_ENABLE_REMOTE", false);
--- a/include/abstract_renderer.cls.php
+++ b/include/abstract_renderer.cls.php
@@ -100,7 +100,7 @@
     //Therefore read dimension directly from file, instead of creating gd object first.
     //$img_w = imagesx($src); $img_h = imagesy($src);
 
-    list($img_w, $img_h) = dompdf_getimagesize($img);
+    list($img_w, $img_h) = dompdf_getimagesize($img, $this->_dompdf->get_http_context());
     if (!isset($img_w) || $img_w == 0 || !isset($img_h) || $img_h == 0) {
       return;
     }
--- a/include/cpdf_adapter.cls.php
+++ b/include/cpdf_adapter.cls.php
@@ -604,7 +604,7 @@
   }
 
   function image($img, $x, $y, $w, $h, $resolution = "normal") {
-    list($width, $height, $type) = dompdf_getimagesize($img);
+    list($width, $height, $type) = dompdf_getimagesize($img, $this->_dompdf->get_http_context());
     
     $debug_png = $this->_dompdf->get_option("debug_png");
 
--- a/include/dompdf.cls.php
+++ b/include/dompdf.cls.php
@@ -184,6 +184,25 @@
    * @var bool
    */
   private $_quirksmode = false;
+  
+  /**
+   * Protocol whitelist
+   *
+   * Protocols and PHP wrappers allowed in URLs. Full support is not 
+   * guarantee for the protocols/wrappers contained in this array.
+   *
+   * @var array
+   */
+  private $_allowed_protocols = array(null, "", "file://", "http://", "https://");
+  
+  /**
+   * Local file extension whitelist
+   *
+   * File extensions supported by dompdf for local files.
+   *
+   * @var array
+   */
+  private $_allowed_local_file_extensions = array("htm", "html");
 
   /**
    * The list of built-in fonts
@@ -474,6 +493,10 @@
       list($this->_protocol, $this->_base_host, $this->_base_path) = explode_url($file);
     }
 
+    if ( !in_array($this->_protocol, $this->_allowed_protocols) ) {
+      throw new DOMPDF_Exception("Permission denied on $file. The communication protocol is not supported.");
+    }
+    
     if ( !$this->get_option("enable_remote") && ($this->_protocol != "" && $this->_protocol !== "file://" ) ) {
       throw new DOMPDF_Exception("Remote file requested, but DOMPDF_ENABLE_REMOTE is false.");
     }
@@ -482,23 +505,24 @@
 
       // Get the full path to $file, returns false if the file doesn't exist
       $realfile = realpath($file);
-      if ( !$realfile ) {
-        throw new DOMPDF_Exception("File '$file' not found.");
-      }
 
       $chroot = $this->get_option("chroot");
       if ( strpos($realfile, $chroot) !== 0 ) {
         throw new DOMPDF_Exception("Permission denied on $file. The file could not be found under the directory specified by DOMPDF_CHROOT.");
       }
-
-      // Exclude dot files (e.g. .htaccess)
-      if ( substr(basename($realfile), 0, 1) === "." ) {
+      
+      $ext = pathinfo($realfile, PATHINFO_EXTENSION);
+      if (!in_array($ext, $this->_allowed_local_file_extensions)) {
         throw new DOMPDF_Exception("Permission denied on $file.");
       }
-
+      
+      if ( !$realfile ) {
+        throw new DOMPDF_Exception("File '$file' not found.");
+      }
+            
       $file = $realfile;
     }
-
+    
     $contents = file_get_contents($file, null, $this->_http_context);
     $encoding = null;
 
--- a/include/font_metrics.cls.php
+++ b/include/font_metrics.cls.php
@@ -217,10 +217,18 @@
    */
   static function save_font_families() {
     // replace the path to the DOMPDF font directories with the corresponding constants (allows for more portability)
-    $cache_data = var_export(self::$_font_lookup, true);
-    $cache_data = str_replace('\''.DOMPDF_FONT_DIR , 'DOMPDF_FONT_DIR . \'' , $cache_data);
-    $cache_data = str_replace('\''.DOMPDF_DIR , 'DOMPDF_DIR . \'' , $cache_data);
-    $cache_data = "<"."?php return $cache_data ?".">";
+    $cache_data = sprintf("<?php return array (%s", PHP_EOL);
+    foreach (self::$_font_lookup as $family => $variants) {
+      $cache_data .= sprintf("  '%s' => array(%s", addslashes($family), PHP_EOL);
+      foreach ($variants as $variant => $path) {
+        $path = sprintf("'%s'", $path);
+        $path = str_replace('\'' . DOMPDF_FONT_DIR , 'DOMPDF_FONT_DIR . \'' , $path);
+        $path = str_replace('\'' . DOMPDF_DIR , 'DOMPDF_DIR . \'' , $path);
+        $cache_data .= sprintf("    '%s' => %s,%s", $variant, $path, PHP_EOL);
+      }
+      $cache_data .= sprintf("  ),%s", PHP_EOL);
+    }
+    $cache_data .= ") ?>";
     file_put_contents(self::CACHE_FILE, $cache_data);
   }
 
@@ -249,13 +257,18 @@
       return;
     }
     
-    self::$_font_lookup = require_once self::CACHE_FILE;
+    $cache_data = require_once self::CACHE_FILE;
     
     // If the font family cache is still in the old format
     if ( self::$_font_lookup === 1 ) {
       $cache_data = file_get_contents(self::CACHE_FILE);
       file_put_contents(self::CACHE_FILE, "<"."?php return $cache_data ?".">");
-      self::$_font_lookup = require_once self::CACHE_FILE;
+      $cache_data = require_once self::CACHE_FILE;
+    }
+    
+    self::$_font_lookup = array();
+    foreach ($cache_data as $key => $value) {
+      self::$_font_lookup[stripslashes($key)] = $value;
     }
     
     // Merge provided fonts
@@ -318,7 +331,7 @@
     self::$_font_lookup[mb_strtolower($fontname)] = $entry;
   }
   
-  static function register_font($style, $remote_file) {
+  static function register_font($style, $remote_file, $context = null) {
     $fontname = mb_strtolower($style["family"]);
     $families = Font_Metrics::get_font_families();
     
@@ -328,6 +341,7 @@
     }
     
     $local_file = DOMPDF_FONT_DIR . md5($remote_file);
+    $local_temp_file = DOMPDF_TEMP_DIR . "/" . md5($remote_file);
     $cache_entry = $local_file;
     $local_file .= ".ttf";
     
@@ -336,23 +350,28 @@
     if ( !isset($entry[$style_string]) ) {
       $entry[$style_string] = $cache_entry;
       
-      Font_Metrics::set_font_family($fontname, $entry);
-      
       // Download the remote file
-      if ( !is_file($local_file) ) {
-        file_put_contents($local_file, file_get_contents($remote_file));
-      }
+      file_put_contents($local_temp_file, file_get_contents($remote_file, null, $context));
       
-      $font = Font::load($local_file);
+      $font = Font::load($local_temp_file);
       
       if (!$font) {
+        unlink($local_temp_file);
         return false;
       }
       
       $font->parse();
       $font->saveAdobeFontMetrics("$cache_entry.ufm");
       
+      unlink($local_temp_file);
+      
+      if ( !file_exists("$cache_entry.ufm") ) {
+        return false;
+      }
+      
       // Save the changes
+      file_put_contents($local_file, file_get_contents($remote_file, null, $context));
+      Font_Metrics::set_font_family($fontname, $entry);
       Font_Metrics::save_font_families();
     }
     
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -128,47 +128,45 @@
  * is appended (o.k. also for Windows)
  */
 function build_url($protocol, $host, $base_path, $url) {
-  if ( strlen($url) == 0 ) {
+  $protocol = mb_strtolower($protocol);
+  if (strlen($url) == 0) {
     //return $protocol . $host . rtrim($base_path, "/\\") . "/";
     return $protocol . $host . $base_path;
   }
-
   // Is the url already fully qualified or a Data URI?
-  if ( mb_strpos($url, "://") !== false || mb_strpos($url, "data:") === 0 ) {
+  if (mb_strpos($url, "://") !== false || mb_strpos($url, "data:") === 0) {
     return $url;
   }
-
   $ret = $protocol;
-
-  if ( !in_array(mb_strtolower($protocol), array("http://", "https://", "ftp://", "ftps://")) ) {
+  if (!in_array(mb_strtolower($protocol), array("http://", "https://", "ftp://", "ftps://"))) {
     //On Windows local file, an abs path can begin also with a '\' or a drive letter and colon
     //drive: followed by a relative path would be a drive specific default folder.
     //not known in php app code, treat as abs path
     //($url[1] !== ':' || ($url[2]!=='\\' && $url[2]!=='/'))
-    if ( $url[0] !== '/' && (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN' || ($url[0] !== '\\' && $url[1] !== ':')) ) {
+    if ($url[0] !== '/' && (strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN' || ($url[0] !== '\\' && $url[1] !== ':'))) {
       // For rel path and local acess we ignore the host, and run the path through realpath()
-      $ret .= realpath($base_path).'/';
+      $ret .= realpath($base_path) . '/';
     }
     $ret .= $url;
     $ret = preg_replace('/\?(.*)$/', "", $ret);
     return $ret;
   }
-
-  //remote urls with backslash in html/css are not really correct, but lets be genereous
-  if ( $url[0] === '/' || $url[0] === '\\' ) {
+  // Protocol relative urls (e.g. "//example.org/style.css")
+  if (strpos($url, '//') === 0) {
+    $ret .= substr($url, 2);
+    //remote urls with backslash in html/css are not really correct, but lets be genereous
+  } elseif ($url[0] === '/' || $url[0] === '\\') {
     // Absolute path
     $ret .= $host . $url;
-  }
-  else {
+  } else {
     // Relative path
     //$base_path = $base_path !== "" ? rtrim($base_path, "/\\") . "/" : "";
     $ret .= $host . $base_path . $url;
   }
-
   return $ret;
-
 }
 
+
 /**
  * parse a full url or pathname and return an array(protocol, host, path,
  * file + query + fragment)
@@ -183,7 +181,10 @@
   $file = "";
 
   $arr = parse_url($url);
-
+  if ( isset($arr["scheme"])) {
+    $arr["scheme"] == mb_strtolower($arr["scheme"]);
+  }
+  
   // Exclude windows drive letters...
   if ( isset($arr["scheme"]) && $arr["scheme"] !== "file" && strlen($arr["scheme"]) > 1 ) {
     $protocol = $arr["scheme"] . "://";
@@ -229,7 +230,7 @@
   }
   else {
 
-    $i = mb_strpos($url, "file://");
+    $i = mb_stripos($url, "file://");
     if ( $i !== false ) {
       $url = mb_substr($url, $i + 7);
     }
@@ -400,6 +401,12 @@
     }
   }
   
+  if (!function_exists('mb_stripos')) {
+    function mb_stripos($haystack, $needle, $offset = 0) {
+      return stripos($haystack, $needle, $offset);
+    }
+  }
+  
   if (!function_exists('mb_strrpos')) {
     function mb_strrpos($haystack, $needle, $offset = 0) {
       return strrpos($haystack, $needle, $offset);
@@ -748,7 +755,7 @@
  * @param string $filename
  * @return array The same format as getimagesize($filename)
  */
-function dompdf_getimagesize($filename) {
+function dompdf_getimagesize($filename, $context = null) {
   static $cache = array();
   
   if ( isset($cache[$filename]) ) {
@@ -758,7 +765,7 @@
   list($width, $height, $type) = getimagesize($filename);
   
   if ( $width == null || $height == null ) {
-    $data = file_get_contents($filename, null, null, 0, 26);
+    $data = file_get_contents($filename, null, $context, 0, 26);
     
     if ( substr($data, 0, 2) === "BM" ) {
       $meta = unpack('vtype/Vfilesize/Vreserved/Voffset/Vheadersize/Vwidth/Vheight', $data);
@@ -1005,31 +1012,6 @@
   }
 }
 
-if ( function_exists("curl_init") ) {
-  function DOMPDF_fetch_url($url, &$headers = null) {
-    $ch = curl_init($url);
-    curl_setopt($ch, CURLOPT_TIMEOUT, 10);
-    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 10);
-    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
-    curl_setopt($ch, CURLOPT_HEADER, true);
-    
-    $data = curl_exec($ch);
-    $raw_headers = substr($data, 0, curl_getinfo($ch, CURLINFO_HEADER_SIZE));
-    $headers = preg_split("/[\n\r]+/", trim($raw_headers));
-    $data = substr($data, curl_getinfo($ch, CURLINFO_HEADER_SIZE));
-    curl_close($ch);
-    
-    return $data;
-  }
-}
-else {
-  function DOMPDF_fetch_url($url, &$headers = null) {
-    $data = file_get_contents($url);
-    $headers = $http_response_header;
-    
-    return $data;
-  }
-}
 
 /**
  * Affect null to the unused objects
--- a/include/gd_adapter.cls.php
+++ b/include/gd_adapter.cls.php
@@ -553,7 +553,7 @@
    * @internal param string $img_type the type (e.g. extension) of the image
    */
   function image($img_url, $x, $y, $w, $h, $resolution = "normal") {
-    $img_type = Image_Cache::detect_type($img_url);
+    $img_type = Image_Cache::detect_type($img_url, $this->_dompdf->get_http_context());
     $img_ext  = Image_Cache::type_to_ext($img_type);
 
     if ( !$img_ext ) {
--- a/include/image_cache.cls.php
+++ b/include/image_cache.cls.php
@@ -45,6 +45,7 @@
    * @return array             An array with two elements: The local path to the image and the image extension
    */
   static function resolve_url($url, $protocol, $host, $base_path, DOMPDF $dompdf) {
+    $protocol = mb_strtolower($protocol);
     $parsed_url = explode_url($url);
     $message = null;
 
@@ -84,7 +85,7 @@
           }
           else {
             set_error_handler("record_warnings");
-            $image = file_get_contents($full_url);
+            $image = file_get_contents($full_url, null, $dompdf->get_http_context());
             restore_error_handler();
           }
   
@@ -118,7 +119,7 @@
       
       // Check is the file is an image
       else {
-        list($width, $height, $type) = dompdf_getimagesize($resolved_url);
+        list($width, $height, $type) = dompdf_getimagesize($resolved_url, $dompdf->get_http_context());
         
         // Known image type
         if ( $width && $height && in_array($type, array(IMAGETYPE_GIF, IMAGETYPE_PNG, IMAGETYPE_JPEG, IMAGETYPE_BMP)) ) {
@@ -138,7 +139,8 @@
     catch(DOMPDF_Image_Exception $e) {
       $resolved_url = self::$broken_image;
       $type = IMAGETYPE_PNG;
-      $message = $e->getMessage()." \n $url";
+      $message = "Image not found or type unknown";
+      $_dompdf_warnings[] = $e->getMessage()." :: $url";
     }
 
     return array($resolved_url, $type, $message);
@@ -159,8 +161,8 @@
     self::$_cache = array();
   }
   
-  static function detect_type($file) {
-    list(, , $type) = dompdf_getimagesize($file);
+  static function detect_type($file, $context = null) {
+    list(, , $type) = dompdf_getimagesize($file, $context);
     return $type;
   }
   
--- a/include/image_frame_reflower.cls.php
+++ b/include/image_frame_reflower.cls.php
@@ -41,7 +41,7 @@
   function get_min_max_width() {
     if (DEBUGPNG) {
       // Determine the image's size. Time consuming. Only when really needed?
-      list($img_width, $img_height) = dompdf_getimagesize($this->_frame->get_image_url());
+      list($img_width, $img_height) = dompdf_getimagesize($this->_frame->get_image_url(), $this->get_dompdf()->get_http_context());
       print "get_min_max_width() ".
         $this->_frame->get_style()->width.' '.
         $this->_frame->get_style()->height.';'.
@@ -104,7 +104,7 @@
 
     if ($width == 0 || $height == 0) {
       // Determine the image's size. Time consuming. Only when really needed!
-      list($img_width, $img_height) = dompdf_getimagesize($this->_frame->get_image_url());
+      list($img_width, $img_height) = dompdf_getimagesize($this->_frame->get_image_url(), $this->get_dompdf()->get_http_context());
       
       // don't treat 0 as error. Can be downscaled or can be catched elsewhere if image not readable.
       // Resample according to px per inch
--- a/include/list_bullet_image_frame_decorator.cls.php
+++ b/include/list_bullet_image_frame_decorator.cls.php
@@ -48,7 +48,7 @@
     $frame->get_node()->setAttribute("src", $url);
     $this->_img = new Image_Frame_Decorator($frame, $dompdf);
     parent::__construct($this->_img, $dompdf);
-    list($width, $height) = dompdf_getimagesize($this->_img->get_image_url());
+    list($width, $height) = dompdf_getimagesize($this->_img->get_image_url(), $dompdf->get_http_context());
 
     // Resample the bullet image to be consistent with 'auto' sized images
     // See also Image_Frame_Reflower::get_min_max_width
--- a/include/list_bullet_renderer.cls.php
+++ b/include/list_bullet_renderer.cls.php
@@ -141,7 +141,7 @@
       // Tested php ver: value measured in px, suffix "px" not in value: rtrim unnecessary.
       //$w = $frame->get_width();
       //$h = $frame->get_height();
-      list($width, $height) = dompdf_getimagesize($img);
+      list($width, $height) = dompdf_getimagesize($img, $this->_dompdf->get_http_context());
       $dpi = $this->_dompdf->get_option("dpi");
       $w = ((float)rtrim($width, "px") * 72) / $dpi;
       $h = ((float)rtrim($height, "px") * 72) / $dpi;
--- a/include/pdflib_adapter.cls.php
+++ b/include/pdflib_adapter.cls.php
@@ -770,7 +770,7 @@
     $w = (int)$w;
     $h = (int)$h;
 
-    $img_type = Image_Cache::detect_type($img_url);
+    $img_type = Image_Cache::detect_type($img_url, $this->_dompdf->get_http_context());
     $img_ext  = Image_Cache::type_to_ext($img_type);
 
     if ( !isset($this->_imgs[$img_url]) ) {
--- a/include/stylesheet.cls.php
+++ b/include/stylesheet.cls.php
@@ -1250,7 +1250,7 @@
         "path"   => build_url($this->_protocol, $this->_base_host, $this->_base_path, $src[2][$i]),
       );
       
-      if ( !$source["local"] && in_array($source["format"], array("", "woff", "opentype", "truetype")) ) {
+      if ( !$source["local"] && in_array($source["format"], array("", "truetype")) ) {
         $valid_sources[] = $source;
       }
       
@@ -1268,7 +1268,7 @@
       "style"  => $descriptors->font_style,
     );
     
-    Font_Metrics::register_font($style, $valid_sources[0]["path"]);
+    Font_Metrics::register_font($style, $valid_sources[0]["path"], $this->_dompdf->get_http_context());
   }
 
   /**
--- a/lib/class.pdf.php
+++ b/lib/class.pdf.php
@@ -749,7 +749,7 @@
 EOT;
 
         $res = "<</Length " . mb_strlen($stream, '8bit') . " >>\n";
-        $res .= "stream\n" . $stream . "endstream";
+        $res .= "stream\n" . $stream . "\nendstream";
 
         $this->objects[$toUnicodeId]['c'] = $res;
 
@@ -1875,7 +1875,7 @@
       $tmp = 'o_'.$v['t'];
       $cont = $this->$tmp($k, 'out');
       $content.= $cont;
-      $xref[] = $pos;
+      $xref[] = $pos+1; //+1 to account for \n at the start of each object
       $pos+= mb_strlen($cont, '8bit');
     }
 
@@ -2426,7 +2426,7 @@
           $flags+= pow(2, 5); // assume non-sybolic
           $list = array(
             'Ascent' => 'Ascender',
-            'CapHeight' => 'CapHeight',
+            'CapHeight' => 'Ascender', //FIXME: php-font-lib is not grabbing this value, so we'll fake it and use the Ascender value // 'CapHeight'
             'MissingWidth' => 'MissingWidth',
             'Descent' => 'Descender',
             'FontBBox' => 'FontBBox',
--- a/www/debugger.php
+++ b/www/debugger.php
@@ -1,4 +1,12 @@
-<?php 
+<?php
+require_once "functions.inc.php";
+
+$allowed_hosts = array("::1", "127.0.0.1");
+if( !auth_ok() || !in_array($_SERVER['REMOTE_ADDR'], $allowed_hosts) ) {
+  die("Access denied to host at " . $_SERVER['REMOTE_ADDR']);
+}
+
+
 $files = glob("test/*.{html,htm,php}", GLOB_BRACE);
 ?>
 
@@ -6,6 +14,7 @@
 <html lang="en">
 <head>
   <title>dompdf debugger</title>
+  <meta name="robots" content="noindex">
   <script type="text/javascript" src="jquery-1.4.2.js"></script>
   
   <script type="text/javascript">
--- a/www/demo.php
+++ b/www/demo.php
@@ -6,7 +6,7 @@
 $local = array("::1", "127.0.0.1");
 $is_local = in_array($_SERVER['REMOTE_ADDR'], $local);
 
-if ( isset( $_POST["html"] ) && $is_local ) {
+if ( auth_ok() && $is_local && isset( $_POST["html"] ) ) {
 
   if ( get_magic_quotes_gpc() )
     $_POST["html"] = stripslashes($_POST["html"]);
@@ -27,7 +27,7 @@
 <a name="demo"> </a>
 <h2>Demo</h2>
 
-<?php if ($is_local) { ?>
+<?php if (auth_ok() && $is_local) { ?>
 
 <p>Enter your html snippet in the text box below to see it rendered as a
 PDF: (Note by default, remote stylesheets, images &amp; inline PHP are disabled.)</p>
@@ -79,6 +79,8 @@
     User input has been disabled for remote connections.
   </p>
   
+  <?php echo auth_get_link(); ?>
+
 <?php } ?>
 
 <?php include("foot.inc"); ?>
\ No newline at end of file
--- a/www/head.inc
+++ b/www/head.inc
@@ -1,4 +1,8 @@
 <?php
+$allowed_hosts = array("::1", "127.0.0.1");
+if( !in_array($_SERVER['REMOTE_ADDR'], $allowed_hosts) ) {
+  die("Access denied to host at " . $_SERVER['REMOTE_ADDR']);
+}
 
 session_start();
 
@@ -21,6 +25,7 @@
 <head>
   <title>dompdf - The PHP 5 HTML to PDF Converter</title>
   <link rel="stylesheet" href="style.css" type="text/css"/>
+  <meta name="robots" content="noindex">
   <link rel="SHORTCUT ICON" href="images/favicon.ico"/>
   <script type="text/javascript" src="jquery-1.4.2.js"></script>
   
--- a/www/setup.php
+++ b/www/setup.php
@@ -1,5 +1,9 @@
 <?php include("head.inc"); ?>
 
+<?php
+if (auth_ok()) {
+?>
+
 <a name="setup"> </a>
 <h2>Setup</h2>
 
@@ -296,5 +300,12 @@
 
 </table>
 
+<?php
+} else {
+  echo auth_get_link();
+}
+?>
+
+
 
 <?php include("foot.inc"); ?>
\ No newline at end of file