Add sub-command for checking CORS on discovery endpoints (check_cors), fail lookup if CORS check fails (#63)
Co-authored-by: James Mills <prologic@shortcircuit.net.au> Reviewed-on: https://git.mills.io/saltyim/saltyim/pulls/63
parent
323f09ff5c
commit
4c88a24c87
@ -82,6 +82,26 @@ stream () {
|
||||
printf ">"
|
||||
}
|
||||
|
||||
check_cors() {
|
||||
if [ $# -lt 1 ]; then
|
||||
printf "check_cors takes 1 arugment %d given\n" "$#"
|
||||
printf "Try %s check_cors uri\n" "$(basename "$0")"
|
||||
return 1
|
||||
fi
|
||||
|
||||
uri="$1"
|
||||
|
||||
if [ "$(curl -v -o - -X GET "$uri" 2>&1 | grep -c -i -E 'access-control-allow-(headers|origin)')" -lt 2 ]; then
|
||||
return 1
|
||||
fi
|
||||
|
||||
if [ "$(curl -v -o - -X OPTIONS "$uri" 2>&1 | grep -c -i -E 'access-control-allow-(headers|origin)')" -lt 2 ]; then
|
||||
return 1
|
||||
fi
|
||||
|
||||
return 0
|
||||
}
|
||||
|
||||
lookup () {
|
||||
if [ $# -lt 1 ]; then
|
||||
printf "lookup takes 1 arugment %d given\n" "$#"
|
||||
@ -97,6 +117,8 @@ lookup () {
|
||||
discovery_host="$(dig +short SRV _salty._tcp."$domain" | cut -f 4 -d' ')"
|
||||
if [ -z "$discovery_host" ]; then
|
||||
discovery_host="$domain"
|
||||
else
|
||||
discovery_host="$(printf "%s" "$discovery_host" | sed -e 's/\.$//')"
|
||||
fi
|
||||
|
||||
info=$(mktemp /tmp/salty.XXXXXX)
|
||||
@ -105,6 +127,16 @@ lookup () {
|
||||
rm "$info"
|
||||
echo "error: lookup failed"
|
||||
return 1
|
||||
else
|
||||
if ! check_cors "https://$discovery_host/.well-known/salty/${nick}.json"; then
|
||||
echo "error: lookup will fail for mobile users due to lack of CORS headers"
|
||||
return 1
|
||||
fi
|
||||
fi
|
||||
else
|
||||
if ! check_cors "https://$discovery_host/.well-known/salty/${hash}.json"; then
|
||||
echo "error: lookup will fail for mobile users due to lack of CORS headers"
|
||||
return 1
|
||||
fi
|
||||
fi
|
||||
|
||||
@ -281,6 +313,7 @@ show_help() {
|
||||
printf " help -- Display this help message\n"
|
||||
printf " chat -- Chat with a user by nick@domain\n"
|
||||
printf " lookup -- Lookup a user by nick@domain\n"
|
||||
printf " check-cors -- Perform a CORS check on a uri\n"
|
||||
printf " make-user -- Generate a new user key pair\n"
|
||||
printf " read -- Reads your messages\n"
|
||||
printf " send -- Sends a message to nick@domain\n"
|
||||
@ -318,6 +351,9 @@ case $CMD in
|
||||
lookup)
|
||||
lookup "$@"
|
||||
;;
|
||||
check-cors)
|
||||
check_cors "@"
|
||||
;;
|
||||
make-user)
|
||||
make_user "$@"
|
||||
;;
|
||||
|
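Review bot: In the last hunk the new `check-cors)` arm calls `check_cors "@"`, which passes the literal string `@` instead of the caller's arguments, so the sub-command never checks the URI the user supplied. It should read `check_cors "$@"`, matching the `lookup "$@"` and `make_user "$@"` arms beside it. Because exactly one argument is always passed, the usage check at the top of check_cors cannot fire from this path, and the function prints nothing when a check fails, so the user only sees a non-zero exit status. The case statement begins and ends outside the hunk.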