Git-Mirrors/onionshare
1
0
Fork 0
mirror of https://github.com/onionshare/onionshare.git synced 2025-02-26 01:11:27 -05:00
Code Issues Packages Projects Releases Wiki Activity

Create new slug each time onionshare server is started (#247). This required making removing check_slug_candidate as a decorator and calling it inside functions that needed it instead.

Browse Source
This commit is contained in:
Micah Lee 2016-02-12 11:56:35 -08:00
parent e199946a8d
commit b2bda8294a
1 changed files with 22 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
onionshare/web.py
View File

@ -87,7 +87,11 @@ def add_request(request_type, path, data=None):
}) })
slug = helpers.random_string(16) slug = None
def generate_slug():
global slug
slug = helpers.random_string(16)
download_count = 0 download_count = 0
stay_open = False stay_open = False
@ -131,23 +135,20 @@ def debug_mode():
log_handler.setLevel(logging.WARNING) log_handler.setLevel(logging.WARNING)
app.logger.addHandler(log_handler) app.logger.addHandler(log_handler)
def check_slug_candidate(slug): def check_slug_candidate(slug_candidate, slug_compare = None):
def slug_dec(f): global slug
@wraps(f) if not slug_compare:
def slug_wrapper(slug_candidate, *args, **kwargs): slug_compare = slug
if not helpers.constant_time_compare(slug.encode('ascii'),slug_candidate.encode('ascii')): if not helpers.constant_time_compare(slug_compare.encode('ascii'), slug_candidate.encode('ascii')):
abort(404) abort(404)
return f(*args, **kwargs)
return slug_wrapper
return slug_dec
@app.route("/<slug_candidate>") @app.route("/<slug_candidate>")
@check_slug_candidate(slug) def index(slug_candidate):
def index():
""" """
Render the template for the onionshare landing page. Render the template for the onionshare landing page.
""" """
check_slug_candidate(slug_candidate)
add_request(REQUEST_LOAD, request.path) add_request(REQUEST_LOAD, request.path)
return render_template_string( return render_template_string(
open(helpers.get_html_path('index.html')).read(), open(helpers.get_html_path('index.html')).read(),
@ -160,11 +161,12 @@ def index():
@app.route("/<slug_candidate>/download") @app.route("/<slug_candidate>/download")
@check_slug_candidate(slug) def download(slug_candidate):
def download():
""" """
Download the zip file. Download the zip file.
""" """
check_slug_candidate(slug_candidate)
global download_count global download_count
# each download has a unique id # each download has a unique id
@ -251,11 +253,12 @@ shutdown_slug = helpers.random_string(16)
@app.route("/<slug_candidate>/shutdown") @app.route("/<slug_candidate>/shutdown")
@check_slug_candidate(shutdown_slug) def shutdown(slug_candidate):
def shutdown():
""" """
Stop the flask web server. Stop the flask web server.
""" """
check_slug_candidate(slug_candidate, shutdown_slug)
# shutdown the flask service # shutdown the flask service
func = request.environ.get('werkzeug.server.shutdown') func = request.environ.get('werkzeug.server.shutdown')
if func is None: if func is None:
@ -269,6 +272,8 @@ def start(port, stay_open=False, transparent_torification=False):
""" """
Start the flask web server. Start the flask web server.
""" """
generate_slug()
set_stay_open(stay_open) set_stay_open(stay_open)
set_transparent_torification(transparent_torification) set_transparent_torification(transparent_torification)
app.run(port=port, threaded=True) app.run(port=port, threaded=True)