Prompt new site addition in raw mode

This commit is contained in:
shortcutme 2017-07-15 01:32:15 +02:00
parent 6a4882d81d
commit a0d85d7d83
No known key found for this signature in database
GPG key ID: 5B63BAE6CB9613AE
4 changed files with 73 additions and 3 deletions

View file

@ -47,7 +47,7 @@ class UiRequestPlugin(object):
if not os.path.isfile(archive_path):
site = self.server.site_manager.get(path_parts["address"])
if not site:
self.error404(path)
return self.actionSiteAddPrompt(path)
# Wait until file downloads
result = site.needFile(site.storage.getInnerPath(archive_path), priority=10)
# Send virutal file path download finished event to remove loading screen

View file

@ -102,6 +102,9 @@ class UiRequest(object):
# Wrapper-less static files
elif path.startswith("/raw/"):
return self.actionSiteMedia(path.replace("/raw", "/media", 1), header_noscript=True)
elif path.startswith("/add/"):
return self.actionSiteAdd()
# Site media wrapper
else:
if self.get.get("wrapper_nonce"):
@ -194,7 +197,7 @@ class UiRequest(object):
headers.append(("Access-Control-Allow-Origin", "*")) # Allow load font files from css
if noscript:
headers.append(("Content-Security-Policy", "default-src 'none'; sandbox allow-top-navigation; img-src 'self'; font-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline';"))
headers.append(("Content-Security-Policy", "default-src 'none'; sandbox allow-top-navigation allow-forms; img-src 'self'; font-src 'self'; media-src 'self'; style-src 'self' 'unsafe-inline';"))
if self.env["REQUEST_METHOD"] == "OPTIONS":
# Allow json access
@ -382,6 +385,12 @@ class UiRequest(object):
self.server.wrapper_nonces.append(wrapper_nonce)
return wrapper_nonce
# Create a new wrapper nonce that allows to get one site
def getAddNonce(self):
add_nonce = CryptHash.random()
self.server.add_nonces.append(add_nonce)
return add_nonce
def isSameOrigin(self, url_a, url_b):
if not url_a or not url_b:
return False
@ -448,7 +457,7 @@ class UiRequest(object):
return self.actionRedirect("./%s/" % path_parts["address"])
else: # File not exists, try to download
if address not in SiteManager.site_manager.sites: # Only in case if site already started downloading
return self.error404(path_parts["inner_path"])
return self.actionSiteAddPrompt(path)
site = SiteManager.site_manager.need(address)
@ -486,6 +495,26 @@ class UiRequest(object):
else: # Bad url
return self.error400()
def actionSiteAdd(self):
post = dict(cgi.parse_qsl(self.env["wsgi.input"].read()))
if post["add_nonce"] not in self.server.add_nonces:
return self.error403("Add nonce error.")
self.server.add_nonces.remove(post["add_nonce"])
SiteManager.site_manager.need(post["address"])
return self.actionRedirect(post["url"])
def actionSiteAddPrompt(self, path):
path_parts = self.parsePath(path)
if not path_parts or not self.server.site_manager.isAddress(path_parts["address"]):
return self.error404(path)
self.sendHeader(200, "text/html", noscript=True)
template = open("src/Ui/template/site_add.html").read()
template = template.replace("{url}", cgi.escape(self.env["PATH_INFO"], True))
template = template.replace("{address}", path_parts["address"])
template = template.replace("{add_nonce}", self.getAddNonce())
return template
# Stream a file to client
def actionFile(self, file_path, block_size=64 * 1024, send_header=True, header_length=True, header_noscript=False):
if ".." in file_path:

View file

@ -69,6 +69,7 @@ class UiServer:
self.learn_allowed_host = True # It will pin to the first http request's host
self.wrapper_nonces = []
self.add_nonces = []
self.site_manager = SiteManager.site_manager
self.sites = SiteManager.site_manager.list()
self.log = logging.getLogger(__name__)

View file

@ -0,0 +1,40 @@
<html>
<head>
<title>Add new site</title>
</head>
<body>
<style>
.content { line-height: 24px; font-family: monospace; font-size: 14px; color: #636363; text-transform: uppercase; top: 38%; position: relative; text-align: center; }
.content h1, .content h2 { font-weight: normal; letter-spacing: 1px; }
.content h2 { font-size: 15px; margin-bottom: 50px }
.content #details {
text-align: left; display: inline-block; width: 350px; background-color: white; padding: 17px 27px; border-radius: 0px;
box-shadow: 0px 2px 7px -1px #d8d8d8; text-transform: none; margin: 15px; transform: scale(0) rotateX(90deg); transition: all 0.6s cubic-bezier(0.785, 0.135, 0.15, 0.86);
}
.content #details #added { font-size: 12px; text-align: right; color: #a9a9a9; }
.button {
padding: 8px 20px; background-color: #FFF85F; border-bottom: 2px solid #CDBD1E; border-radius: 2px;
text-decoration: none; transition: all 0.5s; background-position: left center; color: black;
border-left: 0px; border-top: 0px; border-right: 0px; font-family: monospace; font-size: 14px;
}
.button:hover { background-color: #FFF400; border-bottom: 2px solid #4D4D4C; transition: none; }
.button:active { position: relative; top: 1px; }
.button:focus { outline: none; }
</style>
<div class="content">
<h1>Add new site</h1>
<h2>Please confirm before add new site to the client</h2>
<form action="/add/" method="POST">
<input type="hidden" name="add_nonce" value="{add_nonce}">
<input type="hidden" name="address" value="{address}">
<input type="hidden" name="url" value="{url}">
<input type="submit" class="button button-submit" id="button" value="Load site"/>
</form>
</div>
</body>
</html>