PurpleI2P
/
i2pd
mirror of https://github.com/PurpleI2P/i2pd.git
1
0
Fork 0
Code Issues Releases Activity
Browse Source

Merge pull request #1852 from freeacetone/openssl 

HTTPProxy message stream correcting and comments
pull/1854/head
orignal 2 years ago committed by GitHub
parent
bc888167a7 b290ee1aa0
commit
7196db09d6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 7 additions and 3 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      contrib/i2pd.conf
  2. 6
      libi2pd_client/HTTPProxy.cpp

4
contrib/i2pd.conf
Unescape View File

@ -122,6 +122,8 @@ port = 7070
## Path to web console, default "/" ## Path to web console, default "/"
# webroot = / # webroot = /
## Uncomment following lines to enable Web Console authentication ## Uncomment following lines to enable Web Console authentication
## You should not use Web Console via public networks without additional encryption.
## HTTP authentication is not encryption layer!
# auth = true # auth = true
# user = i2pd # user = i2pd
# pass = changeme # pass = changeme
@ -139,6 +141,8 @@ port = 4444
## Optional keys file for proxy local destination ## Optional keys file for proxy local destination
# keys = http-proxy-keys.dat # keys = http-proxy-keys.dat
## Enable address helper for adding .i2p domains with "jump URLs" (default: true) ## Enable address helper for adding .i2p domains with "jump URLs" (default: true)
## You should disable this feature if your i2pd HTTP Proxy is public,
## because anyone could spoof the short domain via addresshelper and forward other users to phishing links
# addresshelper = true # addresshelper = true
## Address of a proxy server inside I2P, which is used to visit regular Internet ## Address of a proxy server inside I2P, which is used to visit regular Internet
# outproxy = http://false.i2p # outproxy = http://false.i2p

6
libi2pd_client/HTTPProxy.cpp
Unescape View File

@ -333,7 +333,6 @@ namespace proxy {
} }
else if (!i2p::client::context.GetAddressBook ().FindAddress (m_RequestURL.host) || m_Confirm) else if (!i2p::client::context.GetAddressBook ().FindAddress (m_RequestURL.host) || m_Confirm)
{ {
// Referer check to prevent forced overwriting by link with "&update=true" from harmful URL
const std::string referer_raw = m_ClientRequest.GetHeader("Referer"); const std::string referer_raw = m_ClientRequest.GetHeader("Referer");
i2p::http::URL referer_url; i2p::http::URL referer_url;
if (!referer_raw.empty ()) if (!referer_raw.empty ())
@ -342,6 +341,7 @@ namespace proxy {
} }
if (m_RequestURL.host != referer_url.host) if (m_RequestURL.host != referer_url.host)
{ {
// Attempt to forced overwriting by link with "&update=true" from harmful URL
if (m_Confirm) if (m_Confirm)
{ {
LogPrint (eLogWarning, "HTTPProxy: Address update from addresshelper rejected for ", m_RequestURL.host, " (referer is ", m_RequestURL.host.empty() ? "empty" : "harmful", ")"); LogPrint (eLogWarning, "HTTPProxy: Address update from addresshelper rejected for ", m_RequestURL.host, " (referer is ", m_RequestURL.host.empty() ? "empty" : "harmful", ")");
@ -354,13 +354,13 @@ namespace proxy {
ss << jump << "&update=true\">" << tr("Continue") << "</a>."; ss << jump << "&update=true\">" << tr("Continue") << "</a>.";
GenericProxyInfo(tr("Addresshelper forced update rejected"), ss.str()); GenericProxyInfo(tr("Addresshelper forced update rejected"), ss.str());
} }
// Preventing unauthorized additions to the address book
else else
{ {
LogPrint (eLogDebug, "HTTPProxy: Adding address from addresshelper for ", m_RequestURL.host, " (generate refer-base page)"); LogPrint (eLogDebug, "HTTPProxy: Adding address from addresshelper for ", m_RequestURL.host, " (generate refer-base page)");
std::string full_url = m_RequestURL.to_string(); std::string full_url = m_RequestURL.to_string();
std::stringstream ss; std::stringstream ss;
ss << tr("To add host") << " <b>" << m_RequestURL.host << "</b> " << tr("in router's addressbook") << ", "; ss << tr("To add host" /*... in router's addressbook, click here */ ) << " <b>" << m_RequestURL.host << "</b> " << tr( /* To add host SOMESHORT.i2p ... */ "in router's addressbook, click here") << ":";
ss << tr("click here") << ":";
ss << " <a href=\"" << full_url << (full_url.find('?') != std::string::npos ? "&i2paddresshelper=" : "?i2paddresshelper="); ss << " <a href=\"" << full_url << (full_url.find('?') != std::string::npos ? "&i2paddresshelper=" : "?i2paddresshelper=");
ss << jump << "\">" << tr("Continue") << "</a>."; ss << jump << "\">" << tr("Continue") << "</a>.";
GenericProxyInfo(tr("Addresshelper request"), ss.str()); GenericProxyInfo(tr("Addresshelper request"), ss.str());

Write Preview
Loading…
Cancel
Save