mirror of https://github.com/perkeep/perkeep.git
Send HTML in the blobserver unauthorized responses. Easier to demo.
parent
873cb075d8
commit
19d0934558
|
@ -42,6 +42,11 @@ func createGetHandler(fetcher blobref.Fetcher) func(http.ResponseWriter, *http.R
|
||||||
const fetchFailureDelayNs = 200e6 // 200 ms
|
const fetchFailureDelayNs = 200e6 // 200 ms
|
||||||
const maxJsonSize = 64 * 1024 // should be enough for everyone
|
const maxJsonSize = 64 * 1024 // should be enough for everyone
|
||||||
|
|
||||||
|
func sendUnauthorized(conn http.ResponseWriter) {
|
||||||
|
conn.WriteHeader(http.StatusUnauthorized)
|
||||||
|
fmt.Fprintf(conn, "<h1>Unauthorized</h1>")
|
||||||
|
}
|
||||||
|
|
||||||
func handleGet(conn http.ResponseWriter, req *http.Request, fetcher blobref.Fetcher) {
|
func handleGet(conn http.ResponseWriter, req *http.Request, fetcher blobref.Fetcher) {
|
||||||
isOwner := auth.IsAuthorized(req)
|
isOwner := auth.IsAuthorized(req)
|
||||||
|
|
||||||
|
@ -86,31 +91,31 @@ func handleGet(conn http.ResponseWriter, req *http.Request, fetcher blobref.Fetc
|
||||||
file, size, err := fetcher.Fetch(br)
|
file, size, err := fetcher.Fetch(br)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Printf("Fetch chain 0 of %s failed: %v", br.String(), err)
|
log.Printf("Fetch chain 0 of %s failed: %v", br.String(), err)
|
||||||
conn.WriteHeader(http.StatusUnauthorized)
|
sendUnauthorized(conn)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
defer file.Close()
|
defer file.Close()
|
||||||
if size > maxJsonSize {
|
if size > maxJsonSize {
|
||||||
log.Printf("Fetch chain 0 of %s too large", br.String())
|
log.Printf("Fetch chain 0 of %s too large", br.String())
|
||||||
conn.WriteHeader(http.StatusUnauthorized)
|
sendUnauthorized(conn)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
jd := json.NewDecoder(file)
|
jd := json.NewDecoder(file)
|
||||||
m := make(map[string]interface{})
|
m := make(map[string]interface{})
|
||||||
if err := jd.Decode(&m); err != nil {
|
if err := jd.Decode(&m); err != nil {
|
||||||
log.Printf("Fetch chain 0 of %s wasn't JSON: %v", br.String(), err)
|
log.Printf("Fetch chain 0 of %s wasn't JSON: %v", br.String(), err)
|
||||||
conn.WriteHeader(http.StatusUnauthorized)
|
sendUnauthorized(conn)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if m["camliType"].(string) != "share" {
|
if m["camliType"].(string) != "share" {
|
||||||
log.Printf("Fetch chain 0 of %s wasn't a share", br.String())
|
log.Printf("Fetch chain 0 of %s wasn't a share", br.String())
|
||||||
conn.WriteHeader(http.StatusUnauthorized)
|
sendUnauthorized(conn)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
if len(fetchChain) > 1 && fetchChain[1].String() != m["target"].(string) {
|
if len(fetchChain) > 1 && fetchChain[1].String() != m["target"].(string) {
|
||||||
log.Printf("Fetch chain 0->1 (%s -> %q) unauthorized, expected hop to %q",
|
log.Printf("Fetch chain 0->1 (%s -> %q) unauthorized, expected hop to %q",
|
||||||
br.String(), fetchChain[1].String(), m["target"])
|
br.String(), fetchChain[1].String(), m["target"])
|
||||||
conn.WriteHeader(http.StatusUnauthorized)
|
sendUnauthorized(conn)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
case len(fetchChain) - 1:
|
case len(fetchChain) - 1:
|
||||||
|
@ -121,7 +126,7 @@ func handleGet(conn http.ResponseWriter, req *http.Request, fetcher blobref.Fetc
|
||||||
file, _, err := fetcher.Fetch(br)
|
file, _, err := fetcher.Fetch(br)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Printf("Fetch chain %d of %s failed: %v", i, br.String(), err)
|
log.Printf("Fetch chain %d of %s failed: %v", i, br.String(), err)
|
||||||
conn.WriteHeader(http.StatusUnauthorized)
|
sendUnauthorized(conn)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
defer file.Close()
|
defer file.Close()
|
||||||
|
@ -129,14 +134,14 @@ func handleGet(conn http.ResponseWriter, req *http.Request, fetcher blobref.Fetc
|
||||||
slurpBytes, err := ioutil.ReadAll(lr)
|
slurpBytes, err := ioutil.ReadAll(lr)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Printf("Fetch chain %d of %s failed in slurp: %v", i, br.String(), err)
|
log.Printf("Fetch chain %d of %s failed in slurp: %v", i, br.String(), err)
|
||||||
conn.WriteHeader(http.StatusUnauthorized)
|
sendUnauthorized(conn)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
saught := fetchChain[i+1].String()
|
saught := fetchChain[i+1].String()
|
||||||
if bytes.IndexAny(slurpBytes, saught) == -1 {
|
if bytes.IndexAny(slurpBytes, saught) == -1 {
|
||||||
log.Printf("Fetch chain %d of %s failed; no reference to %s",
|
log.Printf("Fetch chain %d of %s failed; no reference to %s",
|
||||||
i, br.String(), saught)
|
i, br.String(), saught)
|
||||||
conn.WriteHeader(http.StatusUnauthorized)
|
sendUnauthorized(conn)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
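Review bot: In the last hunk the hop check `bytes.IndexAny(slurpBytes, saught) == -1` tests only whether any single character of `saught` occurs somewhere in the blob, so it does not establish that the blob references the next blobref in the chain, and the `sendUnauthorized(conn)` branch under it is likely reached far less often than intended. A substring test matches what the log message describes: `if bytes.Index(slurpBytes, []byte(saught)) == -1 {`. Separately, in the second hunk `m["camliType"].(string)` and `m["target"].(string)` are unchecked type assertions on JSON decoded from a fetched blob and will panic on a missing or non-string field; using the comma-ok form and calling `sendUnauthorized(conn)` on failure would keep those cases on the 401 path. Only part of handleGet's body is visible across these hunks, so both points should be confirmed against the full function.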