mirror of
git://git.psyced.org/git/psyced
synced 2024-08-15 03:25:10 +00:00
fake redirection by iframe...
parent
5c859e6fef
commit
0a7f208a72
6 changed files with 114 additions and 35 deletions
|
@ -18,6 +18,10 @@
|
|||
#include <status.h>
|
||||
#include <uniform.h>
|
||||
|
||||
#ifndef HT_LOGO
|
||||
# define HT_LOGO DEFAULT_HT_LOGO
|
||||
#endif
|
||||
|
||||
#ifdef BRAIN
|
||||
|
||||
# ifdef SLAVE
|
||||
|
@ -610,8 +614,9 @@ htget(prot, query, headers, qs) {
|
|||
}
|
||||
#endif
|
||||
|
||||
#ifdef CHALLENGE_MATCH
|
||||
#ifdef CHALLENGE_QUESTION // should make media player etc work also w/o challenge FIXME
|
||||
#include <sys/regexp.h>
|
||||
#include "ht/http.h"
|
||||
|
||||
#define CHALOG(verb) log_file("CHALLENGE", "%s %s %O A:%O P:%O C:%O\n", \
|
||||
MYNICK, verb, query_ip_name(), \
|
||||
|
@ -619,14 +624,47 @@ htget(prot, query, headers, qs) {
|
|||
|
||||
// maybe this all belongs into archetype.gen.. chesmo!
|
||||
htget(prot, query, headers, qs, data, noprocess) {
|
||||
string item = headers[item] || "/@"+ MYNICK;
|
||||
if (stringp(headers["cookie"]) && regmatch(headers["cookie"],
|
||||
"challenge=complete&answer="+ md5(CHALLENGE_MATCH))) {
|
||||
if (probably_private(this_interactive()) <= PRIVACY_SURVEILLED) {
|
||||
hterror(prot, R_PAYMENTREQ, "To protect against abuse in this nasty world this function needs 'https' instead of 'http'.");
|
||||
htnotify(query, headers, "_challenge_disabled_encryption",
|
||||
"[_nick_place] sees no TLS by [_web_on] from [_web_from].");
|
||||
return 0;
|
||||
}
|
||||
string item = "/@"+ MYNICK;
|
||||
if (
|
||||
# ifdef CHALLENGE_AGENT
|
||||
stringp(headers["user-agent"]) &&
|
||||
regmatch(lower_case(headers["user-agent"]), CHALLENGE_AGENT)
|
||||
# else
|
||||
# ifdef CHALLENGE_ACCOUNTS
|
||||
# define CHALLENGE_CHECK CHALLENGE_ACCOUNTS
|
||||
# else
|
||||
# ifdef CHALLENGE_MATCH
|
||||
# define CHALLENGE_CHECK CHALLENGE_MATCH
|
||||
# endif
|
||||
# endif
|
||||
stringp(headers["cookie"]) && regmatch(headers["cookie"],
|
||||
"challenge=complete&answer="+ md5(CHALLENGE_CHECK))
|
||||
# endif
|
||||
) {
|
||||
CHALOG("completes");
|
||||
htnotify(query, headers, "_accomplished_web",
|
||||
htnotify(query, headers, "_challenge_accomplished_web",
|
||||
"Challenge accomplished in [_nick_place] by [_web_on] coming from [_web_from].");
|
||||
# ifdef CHALLENGE_REDIRECT
|
||||
return htredirect(prot, CHALLENGE_REDIRECT, "There you go", 0, "Set-Cookie: psycplace=\"challenge=done\"; Path="+ item +"; Secure; Max-Age=9\n");
|
||||
# ifdef CHALLENGE_REDIRECT_TITLE
|
||||
# ifdef CHALLENGE_QUESTION
|
||||
htok3(prot, 0, "Set-Cookie: psycplace=\"challenge=done\"; Path="+ item +"; Secure; Max-Age=9\n");
|
||||
# else
|
||||
htok();
|
||||
# endif
|
||||
w("_PAGES_frame_redirect", 0,
|
||||
([ "_uniform_page" : CHALLENGE_REDIRECT,
|
||||
"_title_page" : CHALLENGE_REDIRECT_TITLE,
|
||||
"_nick_place" : MYNICK ]) );
|
||||
return 1;
|
||||
# else
|
||||
return htredirect(prot, CHALLENGE_REDIRECT, "Download or redirect initiated", 0, "Content-Disposition: attachment\nSet-Cookie: psycplace=\"challenge=done\"; Path="+ item +"; Secure; Max-Age=9\n");
|
||||
# endif
|
||||
# else
|
||||
# ifdef HTGET
|
||||
// you may want to output a player iframe instead of a redirect...
|
||||
|
@ -636,33 +674,66 @@ htget(prot, query, headers, qs, data, noprocess) {
|
|||
# endif
|
||||
# endif
|
||||
}
|
||||
if (stringp(query["answer"]) && headers["cookie"] &&
|
||||
regmatch(headers["cookie"], "challenge=given") &&
|
||||
regmatch(lower_case(query["answer"]), CHALLENGE_MATCH)) {
|
||||
// lazy me could have used referer here ;)
|
||||
string nu = stringp(query["parameters"]) &&
|
||||
strlen(query["parameters"]) ?
|
||||
item +"?"+ query["parameters"] : item;
|
||||
CHALOG("reloads");
|
||||
htredirect(prot, nu, "Reload, please", 0, "Set-Cookie: psycplace=\"challenge=complete&answer="+ md5(CHALLENGE_MATCH) +"\"; Path="+ item +"; Secure; Max-Age=99\n");
|
||||
return 1;
|
||||
# if defined(CHALLENGE_MATCH) || defined(CHALLENGE_ACCOUNTS)
|
||||
if (stringp(query["answer"])) {
|
||||
unless (headers["cookie"]) {
|
||||
CHALOG("disabled");
|
||||
hterror(prot, R_PAYMENTREQ, "To protect against abuse in this nasty world this function needs just temporarily enabled cookies. There are no de-anonymizing purposes involved. Or did you just lowercase my name in the URL?");
|
||||
htnotify(query, headers, "_challenge_disabled_web",
|
||||
"[_nick_place] sees no cookies by [_web_on] from [_web_from].");
|
||||
return 1;
|
||||
}
|
||||
string acct;
|
||||
if (regmatch(headers["cookie"], "challenge=given")) {
|
||||
if (query["answer"] &&
|
||||
# ifdef CHALLENGE_ACCOUNTS
|
||||
(acct = CHALLENGE_ACCOUNTS->consult(query["answer"]))
|
||||
# else
|
||||
regmatch(lower_case(query["answer"]), CHALLENGE_MATCH)
|
||||
# endif
|
||||
) {
|
||||
// lazy me could have used referer here ;)
|
||||
string nu = stringp(query["parameters"]) &&
|
||||
strlen(query["parameters"]) &&
|
||||
query["parameters"] != "0" ?
|
||||
item +"?"+ query["parameters"] : item;
|
||||
CHALOG(acct? ("authenticates as "+ acct): "reloads");
|
||||
htredirect(prot, nu, "Reload, please", 0, "Set-Cookie: psycplace=\"challenge=complete&answer="+ md5(CHALLENGE_CHECK) +"\"; Path="+ item +"; Secure; Max-Age=99\n");
|
||||
if (acct) htnotify(query, headers, "_challenge_authenticated_web",
|
||||
"[_web_on] authenticated for [_nick_place] coming from [_web_from].", acct);
|
||||
return 1;
|
||||
} else {
|
||||
CHALOG("fails");
|
||||
htnotify(query, headers, "_challenge_failed_web",
|
||||
"[_nick_place] sees [_web_on] from [_web_from] fail the challenge.");
|
||||
}
|
||||
}
|
||||
} else
|
||||
# endif
|
||||
{
|
||||
CHALOG("challenges");
|
||||
htnotify(query, headers, "_challenge_presented_web",
|
||||
"[_nick_place] challenges [_web_on] coming from [_web_from].");
|
||||
// (query [_web_query], cookie [_web_cookie]).");
|
||||
}
|
||||
// If you have trouble reloading the HTML template
|
||||
// look out for both 'ht' and 'html' textdbs!
|
||||
sTextPath(query["layout"], query["lang"], "html");
|
||||
// using a non-psyced cookie here so that you can't construct a
|
||||
// url that allows other people to bypass the challenge.
|
||||
// could add a timeout here...
|
||||
htok3(prot, 0, "Set-Cookie: psycplace=\"challenge=given\"; Path="+ item +"; Secure; Max-Age=999\n");
|
||||
CHALOG("challenges");
|
||||
# ifndef CHALLENGE_REDIRECT_TITLE
|
||||
# define CHALLENGE_REDIRECT_TITLE "Challenge for " MYNICK
|
||||
# endif
|
||||
w("_PAGES_group_challenge", 0,
|
||||
([ "_challenge" : htquote(CHALLENGE_QUESTION),
|
||||
// if the user failed the challenge,
|
||||
// we maintain the original qs for next attempt:
|
||||
"_parameters" : query["parameters"] || qs,
|
||||
"_uniform_logo" : HT_LOGO,
|
||||
"_title_page" : CHALLENGE_REDIRECT_TITLE,
|
||||
"_nick_place" : MYNICK ]) );
|
||||
// printf("%O vs %O\n", query, headers);
|
||||
htnotify(query, headers, "_challenged_web",
|
||||
"[_nick_place] challenges [_web_on] coming from [_web_from].");
|
||||
// (query [_web_query], cookie [_web_cookie]).");
|
||||
return 1;
|
||||
}
|
||||
#endif
|
||||
|
|
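Review bot: The completion cookie is a fixed value, `md5(CHALLENGE_CHECK)`, and with `CHALLENGE_ACCOUNTS` defined `CHALLENGE_CHECK` expands to `CHALLENGE_ACCOUNTS` (apparently the accounts object name), so the cookie set after `consult()` succeeds is identical for every account and visitor and does not record which `acct` authenticated. `Max-Age=99` only expires the browser's copy; the server-side `regmatch` on `challenge=complete&answer=` keeps accepting the same constant until the configuration changes. Consider comparing against a per-visit random token held server-side, or a keyed hash over `acct` and an expiry time, instead of an unsalted MD5 of a compile-time constant. Separately, `CHALLENGE_CHECK` is only defined inside the `# else` of `# ifdef CHALLENGE_AGENT`, while the `Set-Cookie` line under `# if defined(CHALLENGE_MATCH) || defined(CHALLENGE_ACCOUNTS)` uses it unconditionally, so a build with `CHALLENGE_AGENT` plus either of those appears to reference an undefined macro; hoisting the `# define CHALLENGE_CHECK` block above the `if (` would avoid that. The +/- markers are lost on this page, so which lines are on the new side is inferred from the use of `CHALLENGE_CHECK`.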