From ad4e7f4762a5b462722c2d0f27f2ea158f523b39 Mon Sep 17 00:00:00 2001 From: Tiara Rodney Date: Sun, 17 Apr 2022 04:31:49 +0200 Subject: [PATCH] fix(router): add SSL exemption for Tor hidden services --- samples/httpaste.it/docker-compose.yml | 2 +- src/httpaste/__init__.py | 2 +- src/httpaste/helper/url.py | 16 +++++++++++++++- 3 files changed, 17 insertions(+), 3 deletions(-) diff --git a/samples/httpaste.it/docker-compose.yml b/samples/httpaste.it/docker-compose.yml index 2dc9ace..ff6124c 100644 --- a/samples/httpaste.it/docker-compose.yml +++ b/samples/httpaste.it/docker-compose.yml @@ -38,6 +38,6 @@ services: dockerfile: Dockerfile volumes: - ./tor/etc/tor/torrc:/etc/tor/torrc - - ./tor/var/lib/tor/hidden_service:./tor/var/lib/tor/hidden_service + - ./tor/var/lib/tor/hidden_service:/tor/var/lib/tor/hidden_service volumes: system-shared: diff --git a/src/httpaste/__init__.py b/src/httpaste/__init__.py index 24716b9..844f9cc 100755 --- a/src/httpaste/__init__.py +++ b/src/httpaste/__init__.py @@ -247,7 +247,7 @@ def get_flask_app(config: Config) -> FlaskApp: https_url = url_upgrade_to_https(request.url, config.server.ssl_port) - if https_url != request.url: + if https_url != request.url and not url_has_tld(request._view, 'onion'): request._view['before_request__ssl_url'] = https_url diff --git a/src/httpaste/helper/url.py b/src/httpaste/helper/url.py index cd0c800..c44c02f 100644 --- a/src/httpaste/helper/url.py +++ b/src/httpaste/helper/url.py @@ -37,4 +37,18 @@ def url_upgrade_to_https(url: str, port: Optional[int] = 443): urlcomps = urlcomps._replace(netloc=netloc) - return urlcomps.geturl() \ No newline at end of file + return urlcomps.geturl() + + +def url_has_tld(url:str, tld:str): + + urlcomps = urlparse(url) + + hostname = urlcomps.netloc.rsplit(':', 1)[0] + + hostname_levels = hostname.rsplit('.', 1) + + if len(hostname_levels) > 1 and hostname_levels[-1:][0] == tld: + return True + + return False \ No newline at end of file