indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Redirect parameter

merge-requests/30/head
Bob Mottram 2023-01-09 22:49:17 +00:00
parent 375550c331
commit bbbe6b21ea
2 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
daemon.py
View File

@ -1117,7 +1117,8 @@ class PubServer(BaseHTTPRequestHandler):
return False return False
def _redirect_headers(self, redirect: str, cookie: str, def _redirect_headers(self, redirect: str, cookie: str,
calling_domain: str) -> None: calling_domain: str,
code: int = 303) -> None:
if '://' not in redirect: if '://' not in redirect:
if calling_domain.endswith('.onion') and self.server.onion_domain: if calling_domain.endswith('.onion') and self.server.onion_domain:
redirect = 'http://' + self.server.onion_domain + redirect redirect = 'http://' + self.server.onion_domain + redirect
@ -1130,7 +1131,10 @@ class PubServer(BaseHTTPRequestHandler):
print('WARN: redirect was not an absolute url, changed to ' + print('WARN: redirect was not an absolute url, changed to ' +
redirect) redirect)
self.send_response(303) self.send_response(code)
if code != 303:
print('Redirect headers: ' + str(code))
if cookie: if cookie:
cookie_str = cookie.replace('SET:', '').strip() cookie_str = cookie.replace('SET:', '').strip()
@ -1743,7 +1747,7 @@ class PubServer(BaseHTTPRequestHandler):
self.server.domain_full) self.server.domain_full)
if protocol_url: if protocol_url:
self._redirect_headers(protocol_url, cookie, self._redirect_headers(protocol_url, cookie,
calling_domain) calling_domain, 308)
else: else:
self._404() self._404()
return True return True

3
webfinger.py
View File

@ -255,7 +255,6 @@ def webfinger_meta(http_prefix: str, domain_full: str) -> str:
def wellknown_protocol_handler(path: str, base_dir: str, def wellknown_protocol_handler(path: str, base_dir: str,
http_prefix: str, domain_full: str) -> {}: http_prefix: str, domain_full: str) -> {}:
"""See https://fedi-to.github.io/protocol-handler.html """See https://fedi-to.github.io/protocol-handler.html
Only return the path, not the full url
""" """
if not path.startswith('/.well-known/protocol-handler?'): if not path.startswith('/.well-known/protocol-handler?'):
return None return None
@ -282,7 +281,7 @@ def wellknown_protocol_handler(path: str, base_dir: str,
domain = domain_full domain = domain_full
# not an open redirect # not an open redirect
if domain == domain_full: if domain == domain_full:
return '/users/' + nickname return http_prefix + '://' + domain_full + '/users/' + nickname
return None return None