blankie/breezewiki
1
0
Fork 0
forked from cadence/breezewiki
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: blankie:51bf087b30b8626038e4799726255510fbecbb33
Branches Tags
blankie:main
blankie:personal
blankie:no-redirect-link
blankie:tabs
blankie:tabs-dev
blankie:gamespot-reviews
blankie:noscript-a-img
blankie:redirect-param
blankie:file-namespace
blankie:file-page
blankie:referrer-policy
blankie:proxy-image-class
blankie:wikiname-regex
blankie:number-title
blankie:category-title
cadence:main
cadence:disable-requests
cadence:early-hints
...
compare: blankie:19aeeea60fc6c7c724206c2ba2d21f847c366d98
Branches Tags
blankie:personal
blankie:main
blankie:no-redirect-link
blankie:tabs
blankie:tabs-dev
blankie:gamespot-reviews
blankie:noscript-a-img
blankie:redirect-param
blankie:file-namespace
blankie:file-page
blankie:referrer-policy
blankie:proxy-image-class
blankie:wikiname-regex
blankie:number-title
blankie:category-title
cadence:main
cadence:disable-requests
cadence:early-hints

3 commits
51bf087b30 ... 19aeeea60f

Author SHA1 Message Date
blankie
19aeeea60f
more stuff 2022-10-09 14:21:28 +07:00
blankie
ba806d0633
simple tests 2022-10-09 14:16:15 +07:00
blankie
bc07a37bf7
Set Referrer-Policy to no-referrer 
Fandom sends a fake 404 to media if there's a Referer header that has an origin
that's not Fandom. However, we can choose not to send the header by setting
Referrer-Policy. See also:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy
 2022-10-09 14:08:20 +07:00
5 changed files with 37 additions and 16 deletions
Show stats Expand all files Collapse all files

3
src/application-globals.rkt
View file

@ -9,6 +9,8 @@
"url-utils.rkt") "url-utils.rkt")
(provide (provide
; header to not send referers to fandom
referrer-policy
; timeout durations for http-easy requests ; timeout durations for http-easy requests
timeouts timeouts
; generates a consistent footer ; generates a consistent footer
@ -22,6 +24,7 @@
(require rackunit (require rackunit
html-writing)) html-writing))
(define referrer-policy (header #"Referrer-Policy" #"no-referrer"))
(define timeouts (easy:make-timeout-config #:lease 5 #:connect 5)) (define timeouts (easy:make-timeout-config #:lease 5 #:connect 5))
(define (application-footer source-url #:license [license-in #f]) (define (application-footer source-url #:license [license-in #f])

1
src/page-category.rkt
View file

@ -113,6 +113,7 @@
(xexp->html body)) (xexp->html body))
(response/output (response/output
#:code 200 #:code 200
#:headers (list referrer-policy)
(λ (out) (λ (out)
(write-html body out)))))) (write-html body out))))))
(module+ test (module+ test

18
src/page-file.rkt
View file

@ -33,13 +33,24 @@
(easy:response-headers-ref dest-res 'content-type)) (easy:response-headers-ref dest-res 'content-type))
(define (get-media-html url content-type) (define (get-media-html url content-type)
(define maybe-proxied-url (if (config-true? 'strict_proxy) (u-proxy-url url) url))
(cond (cond
[(eq? content-type #f) `""] [(eq? content-type #f) `""]
[(regexp-match? #rx"(?i:^image/)" content-type) `(img (@ (src ,url)))] [(regexp-match? #rx"(?i:^image/)" content-type) `(img (@ (src ,maybe-proxied-url)))]
[(regexp-match? #rx"(?i:^audio/|^application/ogg(;|$))" content-type) [(regexp-match? #rx"(?i:^audio/|^application/ogg(;|$))" content-type)
`(audio (@ (src ,url) (controls)))] `(audio (@ (src ,maybe-proxied-url) (controls)))]
[(regexp-match? #rx"(?i:^video/)" content-type) `(video (@ (src ,url) (controls)))] [(regexp-match? #rx"(?i:^video/)" content-type) `(video (@ (src ,maybe-proxied-url) (controls)))]
[else `""])) [else `""]))
(module+ test
(require rackunit)
(parameterize ([config-parameter 'strict_proxy "true"])
(check-equal? (get-media-html "https://static.wikia.nocookie.net/a" "image/jpeg") (img (@ (src "/proxy?dest=https%3A%2F%2Fstatic.wikia.nocookie.net%2Fa"))))
(check-equal? (get-media-html "https://static.wikia.nocookie.net/b" "audio/mp3") (audio (@ (src "/proxy?dest=https%3A%2F%2Fstatic.wikia.nocookie.net%2Fb")))))
(parameterize ([config-parameter 'strict_proxy "no"])
(check-equal? (get-media-html "https://static.wikia.nocookie.net/c" "application/ogg") (audio (@ (src "/proxy?dest=https%3A%2F%2Fstatic.wikia.nocookie.net%2Fc"))))
(check-equal? (get-media-html "https://static.wikia.nocookie.net/d" "video/mp4") (video (@ (src "/proxy?dest=https%3A%2F%2Fstatic.wikia.nocookie.net%2Fd")))))
(check-equal? (get-media-html "https://example.com" "who knows") "")
(check-equal? (get-media-html #f "who knows") ""))
(define (generate-results-page #:source-url source-url (define (generate-results-page #:source-url source-url
#:wikiname wikiname #:wikiname wikiname
@ -125,6 +136,7 @@
; convert to string with error checking, error will be raised if xexp is invalid ; convert to string with error checking, error will be raised if xexp is invalid
(xexp->html body)) (xexp->html body))
(response/output #:code 200 (response/output #:code 200
#:headers (list referrer-policy)
(λ (out) (write-html body out))))))) (λ (out) (write-html body out)))))))
;(module+ test ;(module+ test
; (check-not-false ((query-selector (attribute-selector 'href "/test/wiki/Ankle_Monitor") ; (check-not-false ((query-selector (attribute-selector 'href "/test/wiki/Ankle_Monitor")

1
src/page-search.rkt
View file

@ -81,6 +81,7 @@
(xexp->html body)) (xexp->html body))
(response/output (response/output
#:code 200 #:code 200
#:headers (list referrer-policy)
(λ (out) (λ (out)
(write-html body out)))))) (write-html body out))))))
(module+ test (module+ test

18
src/page-wiki.rkt
View file

@ -152,15 +152,17 @@
(λ (v) (dict-update v 'rel (λ (s) (λ (v) (dict-update v 'rel (λ (s)
(list (string-append (car s) " noreferrer"))) (list (string-append (car s) " noreferrer")))
'("")))) '(""))))
; proxy images from inline styles ; proxy images from inline styles, if strict_proxy is set
(curry attribute-maybe-update 'style (curry u
(λ (v) (config-true? 'strict_proxy))
(λ (v) (attribute-maybe-update 'style
(λ (style) (λ (style)
(regexp-replace #rx"url\\(['\"]?(.*?)['\"]?\\)" style (regexp-replace #rx"url\\(['\"]?(.*?)['\"]?\\)" style
(λ (whole url) (λ (whole url)
(string-append (string-append
"url(" "url("
(u-proxy-url url) (u-proxy-url url)
")"))))) ")")))) v)))
; and also their links, if strict_proxy is set ; and also their links, if strict_proxy is set
(curry u (curry u
(λ (v) (λ (v)
@ -168,8 +170,10 @@
(eq? element-type 'a) (eq? element-type 'a)
(has-class? "image-thumbnail" v))) (has-class? "image-thumbnail" v)))
(λ (v) (attribute-maybe-update 'href u-proxy-url v))) (λ (v) (attribute-maybe-update 'href u-proxy-url v)))
; proxy images from src attributes ; proxy images from src attributes, if strict_proxy is set
(curry attribute-maybe-update 'src u-proxy-url) (curry u
(λ (v) (config-true? 'strict_proxy))
(λ (v) (attribute-maybe-update 'src u-proxy-url v)))
; don't lazyload images ; don't lazyload images
(curry u (curry u
(λ (v) (dict-has-key? v 'data-src)) (λ (v) (dict-has-key? v 'data-src))
@ -276,8 +280,8 @@
(define headers (if redirect-msg (define headers (if redirect-msg
(let* ([dest (get-attribute 'href (bits->attributes ((query-selector (λ (t a c) (eq? t 'a)) redirect-msg))))] (let* ([dest (get-attribute 'href (bits->attributes ((query-selector (λ (t a c) (eq? t 'a)) redirect-msg))))]
[value (bytes-append #"0;url=" (string->bytes/utf-8 dest))]) [value (bytes-append #"0;url=" (string->bytes/utf-8 dest))])
(list (header #"Refresh" value))) (list (header #"Refresh" value) referrer-policy))
(list))) (list referrer-policy)))
(when (config-true? 'debug) (when (config-true? 'debug)
; used for its side effects ; used for its side effects
; convert to string with error checking, error will be raised if xexp is invalid ; convert to string with error checking, error will be raised if xexp is invalid