mirror of
https://github.com/oxen-io/oxen-storage-server.git
synced 2023-12-13 21:00:26 +01:00
Require loki or oxen prefix in server urls
parent
305d73d62f
commit
41b434d6b2
3 changed files with 24 additions and 3 deletions
|
@ -194,6 +194,13 @@ static void relay_to_node(const ServiceNode& service_node,
|
|||
}
|
||||
}
|
||||
|
||||
bool is_server_url_allowed(std::string_view url) {
|
||||
return (util::starts_with(url, "/loki/") ||
|
||||
util::starts_with(url, "/oxen/")) &&
|
||||
util::ends_with(url, "/lsrpc") &&
|
||||
(url.find('?') == std::string::npos);
|
||||
}
|
||||
|
||||
void RequestHandler::process_onion_req(const std::string& ciphertext,
|
||||
const std::string& ephem_key,
|
||||
std::function<void(oxen::Response)> cb,
|
||||
|
@ -217,7 +224,8 @@ void RequestHandler::process_onion_req(const std::string& ciphertext,
|
|||
process_ciphertext_v2(this->channel_cipher_, ciphertext, ephem_key);
|
||||
} else {
|
||||
OXEN_LOG(warn, "onion requests v1 are no longer supported");
|
||||
cb(oxen::Response{Status::BAD_REQUEST, "onion requests v2 not supported"});
|
||||
cb(oxen::Response{Status::BAD_REQUEST,
|
||||
"onion requests v1 not supported"});
|
||||
return;
|
||||
}
|
||||
|
||||
|
@ -246,8 +254,7 @@ void RequestHandler::process_onion_req(const std::string& ciphertext,
|
|||
const auto& target = info->target;
|
||||
|
||||
// Forward the request to url but only if it ends in `/lsrpc`
|
||||
if ((util::ends_with(target, "/lsrpc")) &&
|
||||
(target.find('?') == std::string::npos)) {
|
||||
if (is_server_url_allowed(target)) {
|
||||
this->process_onion_to_url(info->protocol, info->host, info->port,
|
||||
target, info->payload, std::move(cb));
|
||||
|
||||
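Review bot: `is_server_url_allowed` tests the prefix and suffix against the raw target string, so a target containing `..` path segments, percent-encoded characters or a `#` fragment still passes as long as it starts with `/loki/` or `/oxen/` and ends in `/lsrpc`. Whether that matters depends on how the receiving server normalises the path, which is not visible here; if the prefix is meant as a hard boundary, reject such inputs in the filter too, for example by adding `url.find("..") == std::string_view::npos` and `url.find_first_of("%#") == std::string_view::npos` to the conjunction. The comment kept above the call in `process_onion_req` still says the request is forwarded only if it ends in `/lsrpc`; it should read something like `// Forward only if the target passes is_server_url_allowed (loki/oxen prefix, /lsrpc suffix, no query string)`. The body of `process_onion_req` continues outside the hunks shown.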
|
|
|
@ -66,4 +66,6 @@ auto parse_combined_payload(const std::string& payload) -> CiphertextPlusJson;
|
|||
auto process_inner_request(const CiphertextPlusJson& parsed,
|
||||
std::string plaintext) -> ParsedInfo;
|
||||
|
||||
bool is_server_url_allowed(std::string_view url);
|
||||
|
||||
} // namespace oxen
|
|
@ -114,4 +114,16 @@ BOOST_AUTO_TEST_CASE(relay_to_node) {
|
|||
|
||||
}
|
||||
|
||||
BOOST_AUTO_TEST_CASE(correctly_filters_urls) {
|
||||
|
||||
BOOST_CHECK(is_server_url_allowed("/loki/v3/lsrpc"));
|
||||
BOOST_CHECK(is_server_url_allowed("/loki/oxen/v4/lsrpc"));
|
||||
BOOST_CHECK(is_server_url_allowed("/oxen/v3/lsrpc"));
|
||||
|
||||
BOOST_CHECK(!is_server_url_allowed("/not_loki/v3/lsrpc"));
|
||||
BOOST_CHECK(!is_server_url_allowed("/loki/v3"));
|
||||
BOOST_CHECK(!is_server_url_allowed("/loki/v3/lsrpc?foo=bar"));
|
||||
|
||||
}
|
||||
|
||||
BOOST_AUTO_TEST_SUITE_END()
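Review bot: The negative cases in `correctly_filters_urls` cover a wrong prefix, a missing suffix and a query string, but nothing pins the boundaries of the filter. Assuming `util::starts_with` and `util::ends_with` have the usual semantics, `/loki/lsrpc` is accepted because the prefix and suffix share one slash, and the empty string is rejected; both are worth stating explicitly, e.g. `BOOST_CHECK(!is_server_url_allowed(""));` plus a check recording whichever result is intended for `/loki/lsrpc`. The query-string rejection is exercised only with the `/loki/` prefix; add `BOOST_CHECK(!is_server_url_allowed("/oxen/v3/lsrpc?foo=bar"));` so both accepted prefixes are covered.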
|