Changeset 35 in code
- Timestamp:
- Nov 22, 2016, 1:50:27 PM (9 years ago)
- File:
-
- 1 edited
-
trunk/morty.go (modified) (12 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/morty.go
r33 r35 110 110 <div id="mortyheader"> 111 111 <input type="checkbox" id="mortytoggle" autocomplete="off" /> 112 <div><p>This is a proxified and sanitized view of the page,<br />visit <a href="%s" rel="noreferrer">original site</a>.</p><p><label for="mortytoggle">hide</label></p></div>112 <div><p>This is a proxified and sanitized view of the page,<br />visit <a href="%s">original site</a>.</p><div><p><label for="mortytoggle">hide</label></p></div></div> 113 113 </div> 114 114 <style> 115 #mortyheader { position: fixed; padding: 12px 12px 12px 0; margin: 0; box-sizing: content-box; top: 15%%; left: 0; max-width: 140px; color: #444; overflow: hidden; z-index: 110000; font-size: 12px; line-height: normal; }116 #mortyheader a { color: #3498db; font-weight: bold;}117 #mortyheader p { padding: 0 0 0.7em 0; margin: 0; }118 #mortyheader > div { padding: 8px; font-size: 12px !important; font-family: sans !important; border-width: 4px 4px 4px 0; border-style: solid; border-color: #1abc9c; background: #FFF; line-height: 1em; }115 #mortyheader { position: fixed; top: 15%%; left: 0; max-width: 10em; color: #444; overflow: hidden; z-index: 110000; font-size: 0.9em; padding: 1em 1em 1em 0; margin: 0; } 116 #mortyheader a { color: #3498db; } 117 #mortyheader p { padding: 0; margin: 0; } 118 #mortyheader > div { padding: 8px; font-size: 0.9em; border-width: 4px 4px 4px 0; border-style: solid; border-color: #1abc9c; background: #FFF; line-height: 1em; } 119 119 #mortyheader label { text-align: right; cursor: pointer; display: block; color: #444; padding: 0; margin: 0; } 120 120 input[type=checkbox]#mortytoggle { display: none; } … … 134 134 135 135 if requestURI == nil { 136 p.serveMainPage(ctx, nil)136 p.serveMainPage(ctx, 200, nil) 137 137 return 138 138 } … … 140 140 if p.Key != nil { 141 141 if !verifyRequestURI(requestURI, requestHash, p.Key) { 142 p.serveMainPage(ctx, errors.New(`invalid "mortyhash" parameter`)) 142 // HTTP status code 403 : Forbidden 143 p.serveMainPage(ctx, 403, errors.New(`invalid "mortyhash" parameter`)) 143 144 return 144 145 } … … 148 149 149 150 if strings.HasSuffix(parsedURI.Host, ".onion") { 150 p.serveMainPage(ctx, errors.New("Tor urls are not supported yet")) 151 // HTTP status code 501 : Not Implemented 152 p.serveMainPage(ctx, 501, errors.New("Tor urls are not supported yet")) 151 153 return 152 154 } 153 155 154 156 if err != nil { 155 p.serveMainPage(ctx, err) 157 // HTTP status code 500 : Internal Server Error 158 p.serveMainPage(ctx, 500, err) 156 159 return 157 160 } … … 186 189 187 190 if err != nil { 188 p.serveMainPage(ctx, err) 191 if err == fasthttp.ErrTimeout { 192 // HTTP status code 504 : Gateway Time-Out 193 p.serveMainPage(ctx, 504, err) 194 } else { 195 // HTTP status code 500 : Internal Server Error 196 p.serveMainPage(ctx, 500, err) 197 } 189 198 return 190 199 } … … 212 221 213 222 if contentType == nil { 214 p.serveMainPage(ctx, errors.New("invalid content type")) 223 // HTTP status code 503 : Service Unavailable 224 p.serveMainPage(ctx, 503, errors.New("invalid content type")) 215 225 return 216 226 } 217 227 218 228 if bytes.Contains(bytes.ToLower(contentType), []byte("javascript")) { 219 p.serveMainPage(ctx, errors.New("forbidden content type")) 229 // HTTP status code 403 : Forbidden 230 p.serveMainPage(ctx, 403, errors.New("forbidden content type")) 220 231 return 221 232 } … … 229 240 responseBody, err = charmap.ISO8859_2.NewDecoder().Bytes(resp.Body()) 230 241 if err != nil { 231 p.serveMainPage(ctx, err) 242 // HTTP status code 503 : Service Unavailable 243 p.serveMainPage(ctx, 503, err) 232 244 return 233 245 } … … 295 307 startIndex = urlEnd 296 308 } else { 297 log.Println("cannot proxify css uri:", string(css[urlStart:urlEnd]))309 log.Println("cannot proxify css uri:", css[urlStart:urlEnd]) 298 310 } 299 311 } … … 492 504 if bytes.Equal(http_equiv, []byte("refresh")) && urlIndex != -1 { 493 505 contentUrl := content[urlIndex+4:] 494 // special case of <meta http-equiv="refresh" content="0; url='example.com/url.with.quote.outside'">495 if len(contentUrl)>=2 && (contentUrl[0] == byte('\'') || contentUrl[0] == byte('"')) {496 if contentUrl[0] == contentUrl[len(contentUrl)-1] {497 contentUrl=contentUrl[1:len(contentUrl)-1]498 }499 }500 // output proxify result501 506 if uri, err := rc.ProxifyURI(string(contentUrl)); err == nil { 502 507 fmt.Fprintf(out, ` http-equiv="refresh" content="%surl=%s"`, content[:urlIndex], uri) … … 524 529 fmt.Fprintf(out, " %s=\"%s\"", attrName, uri) 525 530 } else { 526 log.Println("cannot proxify uri:", string(attrValue))531 log.Println("cannot proxify uri:", attrValue) 527 532 } 528 533 case "style": … … 533 538 } 534 539 535 func mergeURIs(u1, u2 *url.URL) *url.URL{540 func mergeURIs(u1, u2 *url.URL) (*url.URL) { 536 541 return u1.ResolveReference(u2) 537 542 } … … 592 597 } 593 598 594 func (p *Proxy) serveMainPage(ctx *fasthttp.RequestCtx, err error) {599 func (p *Proxy) serveMainPage(ctx *fasthttp.RequestCtx, statusCode int, err error) { 595 600 ctx.SetContentType("text/html") 601 ctx.SetStatusCode(statusCode) 596 602 ctx.Write([]byte(`<!doctype html> 597 603 <head> 598 604 <title>MortyProxy</title> 599 <meta name="viewport" content="width=device-width, initial-scale=1 , maximum-scale=1.0, user-scalable=1" />600 605 <style> 601 html { height: 100%; } 602 body { min-height : 100%; display: flex; flex-direction:column; font-family: 'Garamond', 'Georgia', serif; text-align: center; color: #444; background: #FAFAFA; margin: 0; padding: 0; font-size: 1.1em; } 606 body { font-family: 'Garamond', 'Georgia', serif; text-align: center; color: #444; background: #FAFAFA; margin: 0; padding: 0; font-size: 1.1em; } 603 607 input { border: 1px solid #888; padding: 0.3em; color: #444; background: #FFF; font-size: 1.1em; } 604 input[placeholder] { width:80%; }605 608 a { text-decoration: none; #2980b9; } 606 609 h1, h2 { font-weight: 200; margin-bottom: 2rem; } 607 610 h1 { font-size: 3em; } 608 .container { flex:1; min-height: 100%; margin-bottom: 1em; } 609 .footer { margin: 1em; } 611 .footer { position: absolute; bottom: 2em; width: 100%; } 610 612 .footer p { font-size: 0.8em; } 613 611 614 </style> 612 615 </head> 613 616 <body> 614 <div class="container"> 615 <h1>MortyProxy</h1> 616 `)) 617 <h1>MortyProxy</h1>`)) 617 618 if err != nil { 618 ctx.SetStatusCode(404)619 619 log.Println("error:", err) 620 620 ctx.Write([]byte("<h2>Error: ")) 621 621 ctx.Write([]byte(html.EscapeString(err.Error()))) 622 622 ctx.Write([]byte("</h2>")) 623 } else {624 ctx.SetStatusCode(200)625 623 } 626 624 if p.Key == nil { 627 625 ctx.Write([]byte(` 628 629 Visit url: <input placeholder="https://url.." name="mortyurl" autofocus/>630 631 626 <form action="post"> 627 Visit url: <input placeholder="https://url.." name="mortyurl" /> 628 <input type="submit" value="go" /> 629 </form>`)) 632 630 } else { 633 631 ctx.Write([]byte(`<h3>Warning! This instance does not support direct URL opening.</h3>`)) 634 632 } 635 633 ctx.Write([]byte(` 636 </div> 637 <div class="footer"> 638 <p>Morty rewrites web pages to exclude malicious HTML tags and CSS/HTML attributes. It also replaces external resource references to prevent third-party information leaks.<br /> 639 <a href="https://github.com/asciimoo/morty">view on github</a> 640 </p> 641 </div> 634 <div class="footer"> 635 <p>Morty rewrites web pages to exclude malicious HTML tags and CSS/HTML attributes. It also replaces external resource references to prevent third-party information leaks.<br /> 636 <a href="https://github.com/asciimoo/morty">view on github</a> 637 </p> 638 </div> 642 639 </body> 643 640 </html>`))
Note:
See TracChangeset
for help on using the changeset viewer.
