mirror of
https://github.com/iv-org/invidious.git
synced 2024-10-01 01:35:38 -04:00
Fix referers
This commit is contained in:
parent
71aa4d0347
commit
3ba2a7d921
@ -131,6 +131,19 @@ before_all do |env|
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
current_page = env.request.path
|
||||
if env.request.query
|
||||
query = HTTP::Params.parse(env.request.query.not_nil!)
|
||||
|
||||
if query["referer"]?
|
||||
query["referer"] = get_referer(env, "/")
|
||||
end
|
||||
|
||||
current_page += "?#{query}"
|
||||
end
|
||||
|
||||
env.set "current_page", URI.escape(current_page)
|
||||
end
|
||||
|
||||
get "/" do |env|
|
||||
@ -411,8 +424,7 @@ end
|
||||
|
||||
# See https://github.com/rg3/youtube-dl/blob/master/youtube_dl/extractor/youtube.py#L79
|
||||
post "/login" do |env|
|
||||
referer = env.params.query["referer"]?
|
||||
referer ||= get_referer(env, "/feed/subscriptions")
|
||||
referer = get_referer(env, "/feed/subscriptions")
|
||||
|
||||
email = env.params.body["email"]?
|
||||
password = env.params.body["password"]?
|
||||
@ -506,7 +518,7 @@ post "/login" do |env|
|
||||
end
|
||||
|
||||
if !tfa_code
|
||||
next env.redirect "/login?tfa=true&type=google"
|
||||
next env.redirect "/login?tfa=true&type=google&referer=#{URI.escape(referer)}"
|
||||
end
|
||||
|
||||
tl = challenge_results[1][2]
|
||||
@ -677,7 +689,7 @@ get "/signout" do |env|
|
||||
end
|
||||
|
||||
env.request.cookies.add_response_headers(env.response.headers)
|
||||
env.redirect referer
|
||||
env.redirect URI.unescape(referer)
|
||||
end
|
||||
|
||||
get "/preferences" do |env|
|
||||
|
@ -150,10 +150,27 @@ def make_host_url(ssl, host)
|
||||
end
|
||||
|
||||
def get_referer(env, fallback = "/")
|
||||
referer = env.request.headers["referer"]?
|
||||
referer = env.params.query["referer"]?
|
||||
referer ||= env.request.headers["referer"]?
|
||||
referer ||= fallback
|
||||
|
||||
referer = URI.parse(referer).full_path
|
||||
referer = URI.parse(referer)
|
||||
|
||||
# "Unroll" nested referers
|
||||
loop do
|
||||
if referer.query
|
||||
params = HTTP::Params.parse(referer.query.not_nil!)
|
||||
if params["referer"]?
|
||||
referer = URI.parse(URI.unescape(params["referer"]))
|
||||
else
|
||||
break
|
||||
end
|
||||
else
|
||||
break
|
||||
end
|
||||
end
|
||||
|
||||
referer = referer.full_path
|
||||
|
||||
if referer == env.request.path
|
||||
referer = fallback
|
||||
|
@ -16,16 +16,16 @@
|
||||
<p class="h-box">
|
||||
<% if user %>
|
||||
<% if subscriptions.includes? ucid %>
|
||||
<a href="/subscription_ajax?action_remove_subscriptions=1&c=<%= ucid %>">
|
||||
<a href="/subscription_ajax?action_remove_subscriptions=1&c=<%= ucid %>&referer=<%= env.get("current_page") %>">
|
||||
<b>Unsubscribe from <%= author %></b>
|
||||
</a>
|
||||
<% else %>
|
||||
<a href="/subscription_ajax?action_create_subscription_to_channel=1&c=<%= ucid %>">
|
||||
<a href="/subscription_ajax?action_create_subscription_to_channel=1&c=<%= ucid %>&referer=<%= env.get("current_page") %>">
|
||||
<b>Subscribe to <%= author %></b>
|
||||
</a>
|
||||
<% end %>
|
||||
<% else %>
|
||||
<a href="/login">
|
||||
<a href="/login?referer=<%= env.get("current_page") %>">
|
||||
<b>Login to subscribe to <%= author %></b>
|
||||
</a>
|
||||
<% end %>
|
||||
|
@ -16,7 +16,7 @@
|
||||
</div>
|
||||
<hr>
|
||||
<% if account_type == "invidious" %>
|
||||
<form class="pure-form pure-form-stacked" action="/login?referer=<%= referer %>&type=invidious" method="post">
|
||||
<form class="pure-form pure-form-stacked" action="/login?referer=<%= URI.escape(referer) %>&type=invidious" method="post">
|
||||
<fieldset>
|
||||
<label for="email">User ID:</label>
|
||||
<input required class="pure-input-1" name="email" type="text" placeholder="User ID">
|
||||
@ -34,7 +34,7 @@
|
||||
</fieldset>
|
||||
</form>
|
||||
<% elsif account_type == "google" %>
|
||||
<form class="pure-form pure-form-stacked" action="/login?referer=<%= referer %>" method="post">
|
||||
<form class="pure-form pure-form-stacked" action="/login?referer=<%= URI.escape(referer) %>" method="post">
|
||||
<fieldset>
|
||||
<label for="email">Email:</label>
|
||||
<input required class="pure-input-1" name="email" type="email" placeholder="Email">
|
||||
|
@ -34,7 +34,7 @@
|
||||
<div class="pure-u-1 pure-u-md-8-24 user-field">
|
||||
<% if env.get? "user" %>
|
||||
<div class="pure-u-1-4">
|
||||
<a href="/toggle_theme" class="pure-menu-heading">
|
||||
<a href="/toggle_theme?referer=<%= env.get("current_page") %>" class="pure-menu-heading">
|
||||
<% preferences = env.get("user").as(User).preferences %>
|
||||
<% if preferences.dark_mode %>
|
||||
<i class="icon ion-ios-sunny"></i>
|
||||
@ -54,15 +54,15 @@
|
||||
</a>
|
||||
</div>
|
||||
<div class="pure-u-1-4">
|
||||
<a href="/preferences" class="pure-menu-heading">
|
||||
<a href="/preferences?referer=<%= env.get("current_page") %>" class="pure-menu-heading">
|
||||
<i class="icon ion-ios-cog"></i>
|
||||
</a>
|
||||
</div>
|
||||
<div class="pure-u-1-4">
|
||||
<a href="/signout" class="pure-menu-heading">Sign out</a>
|
||||
<a href="/signout?referer=<%= env.get("current_page") %>" class="pure-menu-heading">Sign out</a>
|
||||
</div>
|
||||
<% else %>
|
||||
<a href="/login" class="pure-menu-heading">Login</a>
|
||||
<a href="/login?referer=<%= env.get("current_page") %>" class="pure-menu-heading">Login</a>
|
||||
<% end %>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -232,20 +232,20 @@ get_youtube_comments();
|
||||
<% if user %>
|
||||
<% if subscriptions.includes? video.ucid %>
|
||||
<p>
|
||||
<a href="/subscription_ajax?action_remove_subscriptions=1&c=<%= video.ucid %>">
|
||||
<a href="/subscription_ajax?action_remove_subscriptions=1&c=<%= video.ucid %>&referer=<%= env.get("current_page") %>">
|
||||
<b>Unsubscribe from <%= video.author %></b>
|
||||
</a>
|
||||
</p>
|
||||
<% else %>
|
||||
<p>
|
||||
<a href="/subscription_ajax?action_create_subscription_to_channel=1&c=<%= video.ucid %>">
|
||||
<a href="/subscription_ajax?action_create_subscription_to_channel=1&c=<%= video.ucid %>&referer=<%= env.get("current_page") %>">
|
||||
<b>Subscribe to <%= video.author %></b>
|
||||
</a>
|
||||
</p>
|
||||
<% end %>
|
||||
<% else %>
|
||||
<p>
|
||||
<a href="/login">
|
||||
<a href="/login?referer=<%= env.get("current_page") %>">
|
||||
<b>Login to subscribe to <%= video.author %></b>
|
||||
</a>
|
||||
</p>
|
||||
|
Loading…
Reference in New Issue
Block a user