fix(router): add SSL exemption for Tor hidden services

2022-04-17 04:31:49 +02:00 · 2022-04-17 04:31:49 +02:00 · ad4e7f4762
commit ad4e7f4762
parent 90fa8cd7b8
3 changed files with 17 additions and 3 deletions
--- a/samples/httpaste.it/docker-compose.yml
+++ b/samples/httpaste.it/docker-compose.yml
@ -38,6 +38,6 @@ services:
            dockerfile: Dockerfile
        volumes:
            - ./tor/etc/tor/torrc:/etc/tor/torrc
-            - ./tor/var/lib/tor/hidden_service:./tor/var/lib/tor/hidden_service
+            - ./tor/var/lib/tor/hidden_service:/tor/var/lib/tor/hidden_service
 volumes:
    system-shared:
--- a/src/httpaste/init.py
+++ b/src/httpaste/init.py
@ -247,7 +247,7 @@ def get_flask_app(config: Config) -> FlaskApp:

            https_url = url_upgrade_to_https(request.url, config.server.ssl_port)

-            if https_url != request.url:
+            if https_url != request.url and not url_has_tld(request._view, 'onion'):

                request._view['before_request__ssl_url'] = https_url

--- a/src/httpaste/helper/url.py
+++ b/src/httpaste/helper/url.py
@ -38,3 +38,17 @@ def url_upgrade_to_https(url: str, port: Optional[int] = 443):
        urlcomps = urlcomps._replace(netloc=netloc)

    return urlcomps.geturl()
+
+
+def url_has_tld(url:str, tld:str):
+
+    urlcomps = urlparse(url)
+
+    hostname = urlcomps.netloc.rsplit(':', 1)[0]
+
+    hostname_levels = hostname.rsplit('.', 1)
+
+    if len(hostname_levels) > 1 and hostname_levels[-1:][0] == tld:
+        return True
+
+    return False