Verification of website and blog

daemon.py

@@ -21,6 +21,7 @@ from functools import partial
 from hashlib import sha256
 from hashlib import md5
 from shutil import copyfile
+from session import site_is_verified
 from session import create_session
 from session import get_session_for_domain
 from session import get_session_for_domains
@@ -6309,6 +6310,13 @@ class PubServer(BaseHTTPRequestHandler):
                         if fields['blogAddress'] != current_blog_address:
                             set_blog_address(actor_json,
                                              fields['blogAddress'])
+                            site_is_verified(curr_session,
+                                             self.server.base_dir,
+                                             self.server.http_prefix,
+                                             nickname, domain,
+                                             fields['blogAddress'],
+                                             True,
+                                             self.server.debug)
                             actor_changed = True
                     else:
                         if current_blog_address:
@@ -6479,6 +6487,13 @@ class PubServer(BaseHTTPRequestHandler):
                             set_website(actor_json,
                                         fields['websiteUrl'],
                                         self.server.translate)
+                            site_is_verified(curr_session,
+                                             self.server.base_dir,
+                                             self.server.http_prefix,
+                                             nickname, domain,
+                                             fields['websiteUrl'],
+                                             True,
+                                             self.server.debug)
                             actor_changed = True
                     else:
                         if current_website:

session.py

@@ -9,6 +9,8 @@ __module_group__ = "Session"
 
 import os
 import requests
+from utils import text_in_file
+from utils import acct_dir
 from utils import url_permitted
 from utils import is_image_file
 from httpsig import create_signed_header
@@ -378,6 +380,9 @@ def verify_html(session, url: str, debug: bool,
     """Verify that the handle for nickname@domain exists within the
     given url
     """
+    if not url_exists(session, url, 3, http_prefix, domain):
+        return False
+
     as_header = {
         'Accept': 'text/html'
     }
@@ -409,6 +414,38 @@ def verify_html(session, url: str, debug: bool,
     return False
 
 
+def site_is_verified(session, base_dir: str, http_prefix: str,
+                     nickname: str, domain: str,
+                     url: str, update: bool, debug: bool) -> bool:
+    """Is the given website verified?
+    """
+    verified_sites_filename = \
+        acct_dir(base_dir, nickname, domain) + '/verified_sites.txt'
+    verified_file_exists = False
+    if os.path.isfile(verified_sites_filename):
+        verified_file_exists = True
+        if text_in_file(url, verified_sites_filename + '\n', True):
+            return True
+    if not update:
+        return False
+
+    verified = \
+        verify_html(session, url, debug,
+                    __version__, http_prefix, nickname, domain)
+    if verified:
+        write_type = 'a+'
+        if not verified_file_exists:
+            write_type = 'w+'
+        try:
+            with open(verified_sites_filename, write_type,
+                      encoding='utf-8') as fp_verified:
+                fp_verified.write(url + '\n')
+        except OSError:
+            print('EX: Verified sites could not be updated ' +
+                  verified_sites_filename)
+    return verified
+
+
 def download_ssml(signing_priv_key_pem: str,
                   session, url: str, headers: {}, params: {}, debug: bool,
                   version: str, http_prefix: str, domain: str,

webapp_profile.py

@@ -84,6 +84,7 @@ from blocking import get_cw_list_variable
 from blocking import is_blocked
 from content import bold_reading_string
 from roles import is_devops
+from session import site_is_verified
 
 THEME_FORMATS = '.zip, .gz'
 
@@ -712,6 +713,7 @@ def html_profile(signing_priv_key_pem: str,
     tox_address = get_tox_address(profile_json)
     briar_address = get_briar_address(profile_json)
     cwtch_address = get_cwtch_address(profile_json)
+    verified_site_checkmark = '✔️'
     if donate_url or website_url or xmpp_address or matrix_address or \
        ssb_address or tox_address or briar_address or \
        cwtch_address or pgp_pub_key or enigma_pub_key or \
@@ -724,8 +726,13 @@ def html_profile(signing_priv_key_pem: str,
                 '<button class="donateButton">' + translate['Donate'] + \
                 '</button></a></p>\n'
         if website_url:
+            donate_section += '<p>' + translate['Website'] + ': '
+            if site_is_verified(session, base_dir, http_prefix,
+                                nickname, domain,
+                                website_url, False, debug):
+                donate_section += verified_site_checkmark
             donate_section += \
-                '<p>' + translate['Website'] + ': <a href="' + \
+                '<a href="' + \
                 website_url + '" rel="me" tabindex="1">' + \
                 website_url + '</a></p>\n'
         if gemini_link:
@@ -739,8 +746,13 @@ def html_profile(signing_priv_key_pem: str,
                 email_address + '" tabindex="1">' + \
                 email_address + '</a></p>\n'
         if blog_address:
+            donate_section += '<p>Blog: '
+            if site_is_verified(session, base_dir, http_prefix,
+                                nickname, domain,
+                                blog_address, False, debug):
+                donate_section += verified_site_checkmark
             donate_section += \
-                '<p>Blog: <a href="' + \
+                '<a href="' + \
                 blog_address + '" rel="me" tabindex="1">' + \
                 blog_address + '</a></p>\n'
         if xmpp_address: