[mod] different HTTP status codes according to the errors :
* 200 - no URL * 403 - invalid mortyhash, or javascript content * 500 - error parsing URI or getting the webpage * 501 - .onion domain * 503 - no Content-Type header in the response, or error decoding content * 504 - timeout git-svn-id: file:///srv/svn/repo/yukari/trunk@35 f3bd38d9-da89-464d-a02a-eb04e43141b5
This commit is contained in:
alex
parent
40bd03923c
commit
00bd224041
89
morty.go
89
morty.go
@ -109,13 +109,13 @@ var HTML_FORM_EXTENSION string = `<input type="hidden" name="mortyurl" value="%s
|
||||
var HTML_BODY_EXTENSION string = `
|
||||
<div id="mortyheader">
|
||||
<input type="checkbox" id="mortytoggle" autocomplete="off" />
|
||||
<div><p>This is a proxified and sanitized view of the page,<br />visit <a href="%s" rel="noreferrer">original site</a>.</p><p><label for="mortytoggle">hide</label></p></div>
|
||||
<div><p>This is a proxified and sanitized view of the page,<br />visit <a href="%s">original site</a>.</p><div><p><label for="mortytoggle">hide</label></p></div></div>
|
||||
</div>
|
||||
<style>
|
||||
#mortyheader { position: fixed; padding: 12px 12px 12px 0; margin: 0; box-sizing: content-box; top: 15%%; left: 0; max-width: 140px; color: #444; overflow: hidden; z-index: 110000; font-size: 12px; line-height: normal; }
|
||||
#mortyheader a { color: #3498db; font-weight: bold; }
|
||||
#mortyheader p { padding: 0 0 0.7em 0; margin: 0; }
|
||||
#mortyheader > div { padding: 8px; font-size: 12px !important; font-family: sans !important; border-width: 4px 4px 4px 0; border-style: solid; border-color: #1abc9c; background: #FFF; line-height: 1em; }
|
||||
#mortyheader { position: fixed; top: 15%%; left: 0; max-width: 10em; color: #444; overflow: hidden; z-index: 110000; font-size: 0.9em; padding: 1em 1em 1em 0; margin: 0; }
|
||||
#mortyheader a { color: #3498db; }
|
||||
#mortyheader p { padding: 0; margin: 0; }
|
||||
#mortyheader > div { padding: 8px; font-size: 0.9em; border-width: 4px 4px 4px 0; border-style: solid; border-color: #1abc9c; background: #FFF; line-height: 1em; }
|
||||
#mortyheader label { text-align: right; cursor: pointer; display: block; color: #444; padding: 0; margin: 0; }
|
||||
input[type=checkbox]#mortytoggle { display: none; }
|
||||
input[type=checkbox]#mortytoggle:checked ~ div { display: none; }
|
||||
@ -133,13 +133,14 @@ func (p *Proxy) RequestHandler(ctx *fasthttp.RequestCtx) {
|
||||
requestURI := popRequestParam(ctx, []byte("mortyurl"))
|
||||
|
||||
if requestURI == nil {
|
||||
p.serveMainPage(ctx, nil)
|
||||
p.serveMainPage(ctx, 200, nil)
|
||||
return
|
||||
}
|
||||
|
||||
if p.Key != nil {
|
||||
if !verifyRequestURI(requestURI, requestHash, p.Key) {
|
||||
p.serveMainPage(ctx, errors.New(`invalid "mortyhash" parameter`))
|
||||
// HTTP status code 403 : Forbidden
|
||||
p.serveMainPage(ctx, 403, errors.New(`invalid "mortyhash" parameter`))
|
||||
return
|
||||
}
|
||||
}
|
||||
@ -147,12 +148,14 @@ func (p *Proxy) RequestHandler(ctx *fasthttp.RequestCtx) {
|
||||
parsedURI, err := url.Parse(string(requestURI))
|
||||
|
||||
if strings.HasSuffix(parsedURI.Host, ".onion") {
|
||||
p.serveMainPage(ctx, errors.New("Tor urls are not supported yet"))
|
||||
// HTTP status code 501 : Not Implemented
|
||||
p.serveMainPage(ctx, 501, errors.New("Tor urls are not supported yet"))
|
||||
return
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
p.serveMainPage(ctx, err)
|
||||
// HTTP status code 500 : Internal Server Error
|
||||
p.serveMainPage(ctx, 500, err)
|
||||
return
|
||||
}
|
||||
|
||||
@ -185,7 +188,13 @@ func (p *Proxy) RequestHandler(ctx *fasthttp.RequestCtx) {
|
||||
err = CLIENT.DoTimeout(req, resp, p.RequestTimeout)
|
||||
|
||||
if err != nil {
|
||||
p.serveMainPage(ctx, err)
|
||||
if err == fasthttp.ErrTimeout {
|
||||
// HTTP status code 504 : Gateway Time-Out
|
||||
p.serveMainPage(ctx, 504, err)
|
||||
} else {
|
||||
// HTTP status code 500 : Internal Server Error
|
||||
p.serveMainPage(ctx, 500, err)
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
@ -211,12 +220,14 @@ func (p *Proxy) RequestHandler(ctx *fasthttp.RequestCtx) {
|
||||
contentType := resp.Header.Peek("Content-Type")
|
||||
|
||||
if contentType == nil {
|
||||
p.serveMainPage(ctx, errors.New("invalid content type"))
|
||||
// HTTP status code 503 : Service Unavailable
|
||||
p.serveMainPage(ctx, 503, errors.New("invalid content type"))
|
||||
return
|
||||
}
|
||||
|
||||
if bytes.Contains(bytes.ToLower(contentType), []byte("javascript")) {
|
||||
p.serveMainPage(ctx, errors.New("forbidden content type"))
|
||||
// HTTP status code 403 : Forbidden
|
||||
p.serveMainPage(ctx, 403, errors.New("forbidden content type"))
|
||||
return
|
||||
}
|
||||
|
||||
@ -228,7 +239,8 @@ func (p *Proxy) RequestHandler(ctx *fasthttp.RequestCtx) {
|
||||
var err error
|
||||
responseBody, err = charmap.ISO8859_2.NewDecoder().Bytes(resp.Body())
|
||||
if err != nil {
|
||||
p.serveMainPage(ctx, err)
|
||||
// HTTP status code 503 : Service Unavailable
|
||||
p.serveMainPage(ctx, 503, err)
|
||||
return
|
||||
}
|
||||
} else {
|
||||
@ -294,7 +306,7 @@ func sanitizeCSS(rc *RequestConfig, out io.Writer, css []byte) {
|
||||
out.Write([]byte(uri))
|
||||
startIndex = urlEnd
|
||||
} else {
|
||||
log.Println("cannot proxify css uri:", string(css[urlStart:urlEnd]))
|
||||
log.Println("cannot proxify css uri:", css[urlStart:urlEnd])
|
||||
}
|
||||
}
|
||||
if startIndex < len(css) {
|
||||
@ -491,13 +503,6 @@ func sanitizeMetaAttrs(rc *RequestConfig, out io.Writer, attrs [][][]byte) {
|
||||
urlIndex := bytes.Index(bytes.ToLower(content), []byte("url="))
|
||||
if bytes.Equal(http_equiv, []byte("refresh")) && urlIndex != -1 {
|
||||
contentUrl := content[urlIndex+4:]
|
||||
// special case of <meta http-equiv="refresh" content="0; url='example.com/url.with.quote.outside'">
|
||||
if len(contentUrl)>=2 && (contentUrl[0] == byte('\'') || contentUrl[0] == byte('"')) {
|
||||
if contentUrl[0] == contentUrl[len(contentUrl)-1] {
|
||||
contentUrl=contentUrl[1:len(contentUrl)-1]
|
||||
}
|
||||
}
|
||||
// output proxify result
|
||||
if uri, err := rc.ProxifyURI(string(contentUrl)); err == nil {
|
||||
fmt.Fprintf(out, ` http-equiv="refresh" content="%surl=%s"`, content[:urlIndex], uri)
|
||||
}
|
||||
@ -523,7 +528,7 @@ func sanitizeAttr(rc *RequestConfig, out io.Writer, attrName, attrValue, escaped
|
||||
if uri, err := rc.ProxifyURI(string(attrValue)); err == nil {
|
||||
fmt.Fprintf(out, " %s=\"%s\"", attrName, uri)
|
||||
} else {
|
||||
log.Println("cannot proxify uri:", string(attrValue))
|
||||
log.Println("cannot proxify uri:", attrValue)
|
||||
}
|
||||
case "style":
|
||||
cssAttr := bytes.NewBuffer(nil)
|
||||
@ -532,7 +537,7 @@ func sanitizeAttr(rc *RequestConfig, out io.Writer, attrName, attrValue, escaped
|
||||
}
|
||||
}
|
||||
|
||||
func mergeURIs(u1, u2 *url.URL) *url.URL {
|
||||
func mergeURIs(u1, u2 *url.URL) (*url.URL) {
|
||||
return u1.ResolveReference(u2)
|
||||
}
|
||||
|
||||
@ -591,54 +596,46 @@ func verifyRequestURI(uri, hashMsg, key []byte) bool {
|
||||
return hmac.Equal(h, mac.Sum(nil))
|
||||
}
|
||||
|
||||
func (p *Proxy) serveMainPage(ctx *fasthttp.RequestCtx, err error) {
|
||||
func (p *Proxy) serveMainPage(ctx *fasthttp.RequestCtx, statusCode int, err error) {
|
||||
ctx.SetContentType("text/html")
|
||||
ctx.SetStatusCode(statusCode)
|
||||
ctx.Write([]byte(`<!doctype html>
|
||||
<head>
|
||||
<title>MortyProxy</title>
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1 , maximum-scale=1.0, user-scalable=1" />
|
||||
<style>
|
||||
html { height: 100%; }
|
||||
body { min-height : 100%; display: flex; flex-direction:column; font-family: 'Garamond', 'Georgia', serif; text-align: center; color: #444; background: #FAFAFA; margin: 0; padding: 0; font-size: 1.1em; }
|
||||
body { font-family: 'Garamond', 'Georgia', serif; text-align: center; color: #444; background: #FAFAFA; margin: 0; padding: 0; font-size: 1.1em; }
|
||||
input { border: 1px solid #888; padding: 0.3em; color: #444; background: #FFF; font-size: 1.1em; }
|
||||
input[placeholder] { width:80%; }
|
||||
a { text-decoration: none; #2980b9; }
|
||||
h1, h2 { font-weight: 200; margin-bottom: 2rem; }
|
||||
h1 { font-size: 3em; }
|
||||
.container { flex:1; min-height: 100%; margin-bottom: 1em; }
|
||||
.footer { margin: 1em; }
|
||||
.footer { position: absolute; bottom: 2em; width: 100%; }
|
||||
.footer p { font-size: 0.8em; }
|
||||
|
||||
</style>
|
||||
</head>
|
||||
<body>
|
||||
<div class="container">
|
||||
<h1>MortyProxy</h1>
|
||||
`))
|
||||
<h1>MortyProxy</h1>`))
|
||||
if err != nil {
|
||||
ctx.SetStatusCode(404)
|
||||
log.Println("error:", err)
|
||||
ctx.Write([]byte("<h2>Error: "))
|
||||
ctx.Write([]byte(html.EscapeString(err.Error())))
|
||||
ctx.Write([]byte("</h2>"))
|
||||
} else {
|
||||
ctx.SetStatusCode(200)
|
||||
}
|
||||
if p.Key == nil {
|
||||
ctx.Write([]byte(`
|
||||
<form action="post">
|
||||
Visit url: <input placeholder="https://url.." name="mortyurl" autofocus />
|
||||
<input type="submit" value="go" />
|
||||
</form>`))
|
||||
<form action="post">
|
||||
Visit url: <input placeholder="https://url.." name="mortyurl" />
|
||||
<input type="submit" value="go" />
|
||||
</form>`))
|
||||
} else {
|
||||
ctx.Write([]byte(`<h3>Warning! This instance does not support direct URL opening.</h3>`))
|
||||
}
|
||||
ctx.Write([]byte(`
|
||||
</div>
|
||||
<div class="footer">
|
||||
<p>Morty rewrites web pages to exclude malicious HTML tags and CSS/HTML attributes. It also replaces external resource references to prevent third-party information leaks.<br />
|
||||
<a href="https://github.com/asciimoo/morty">view on github</a>
|
||||
</p>
|
||||
</div>
|
||||
<div class="footer">
|
||||
<p>Morty rewrites web pages to exclude malicious HTML tags and CSS/HTML attributes. It also replaces external resource references to prevent third-party information leaks.<br />
|
||||
<a href="https://github.com/asciimoo/morty">view on github</a>
|
||||
</p>
|
||||
</div>
|
||||
</body>
|
||||
</html>`))
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user