--- loncom/auth/lontokacc.pm	2002/08/08 13:45:21	1.6
+++ loncom/auth/lontokacc.pm	2003/08/01 15:46:10	1.8
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Access Handler for User File Transfers
 #
-# $Id: lontokacc.pm,v 1.6 2002/08/08 13:45:21 www Exp $
+# $Id: lontokacc.pm,v 1.8 2003/08/01 15:46:10 www Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -33,12 +33,16 @@ use Apache::Constants qw(:common :remote
 use Apache::lonnet();
 use Apache::File();
 
+
 sub handler {
     my $r = shift;
-    my $reqhost;
-    unless ($reqhost=$r->get_remote_host(REMOTE_DOUBLE_REV)) {
-       $r->log_reason("Spoof request ".$reqhost);
-       return FORBIDDEN;
+    my $reqhost = $r->get_remote_host(REMOTE_DOUBLE_REV);
+    if (!$reqhost && $r->get_remote_host(REMOTE_NOLOOKUP) eq $r->get_server_name()) { 
+        $reqhost = $r->get_server_name(); 
+    }
+    unless ($reqhost) {
+        $r->log_reason("Spoof request from ". $reqhost);
+        return FORBIDDEN;
     }
     if ($reqhost eq 'localhost.localdomain') {
        $r->register_cleanup(\&removefile);