From ad4e7f4762a5b462722c2d0f27f2ea158f523b39 Mon Sep 17 00:00:00 2001 From: Tiara Rodney Date: Sun, 17 Apr 2022 04:31:49 +0200 Subject: [PATCH 1/2] fix(router): add SSL exemption for Tor hidden services --- samples/httpaste.it/docker-compose.yml | 2 +- src/httpaste/__init__.py | 2 +- src/httpaste/helper/url.py | 16 +++++++++++++++- 3 files changed, 17 insertions(+), 3 deletions(-) diff --git a/samples/httpaste.it/docker-compose.yml b/samples/httpaste.it/docker-compose.yml index 2dc9ace..ff6124c 100644 --- a/samples/httpaste.it/docker-compose.yml +++ b/samples/httpaste.it/docker-compose.yml @@ -38,6 +38,6 @@ services: dockerfile: Dockerfile volumes: - ./tor/etc/tor/torrc:/etc/tor/torrc - - ./tor/var/lib/tor/hidden_service:./tor/var/lib/tor/hidden_service + - ./tor/var/lib/tor/hidden_service:/tor/var/lib/tor/hidden_service volumes: system-shared: diff --git a/src/httpaste/__init__.py b/src/httpaste/__init__.py index 24716b9..844f9cc 100755 --- a/src/httpaste/__init__.py +++ b/src/httpaste/__init__.py @@ -247,7 +247,7 @@ def get_flask_app(config: Config) -> FlaskApp: https_url = url_upgrade_to_https(request.url, config.server.ssl_port) - if https_url != request.url: + if https_url != request.url and not url_has_tld(request._view, 'onion'): request._view['before_request__ssl_url'] = https_url diff --git a/src/httpaste/helper/url.py b/src/httpaste/helper/url.py index cd0c800..c44c02f 100644 --- a/src/httpaste/helper/url.py +++ b/src/httpaste/helper/url.py @@ -37,4 +37,18 @@ def url_upgrade_to_https(url: str, port: Optional[int] = 443): urlcomps = urlcomps._replace(netloc=netloc) - return urlcomps.geturl() \ No newline at end of file + return urlcomps.geturl() + + +def url_has_tld(url:str, tld:str): + + urlcomps = urlparse(url) + + hostname = urlcomps.netloc.rsplit(':', 1)[0] + + hostname_levels = hostname.rsplit('.', 1) + + if len(hostname_levels) > 1 and hostname_levels[-1:][0] == tld: + return True + + return False \ No newline at end of file From 903e4370095dd4443ca5ef73187d65d8c3a70b3b Mon Sep 17 00:00:00 2001 From: Tiara Rodney Date: Sun, 17 Apr 2022 04:34:06 +0200 Subject: [PATCH 2/2] fix(router): add missing import --- src/httpaste/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/httpaste/__init__.py b/src/httpaste/__init__.py index 844f9cc..3b0bc70 100755 --- a/src/httpaste/__init__.py +++ b/src/httpaste/__init__.py @@ -152,7 +152,7 @@ from httpaste.model import Config as ModelConfig from httpaste.backend import get_backend_config from httpaste.backend import Config as BackendConfig from httpaste.helper.config import get_configparser, CONFIGPATH_ENVIRON -from httpaste.helper.url import url_upgrade_to_https +from httpaste.helper.url import url_upgrade_to_https, url_has_tld from httpaste.helper.http import ( BadRequestError, ForbiddenError,