ExternalVendorCode/tahoe-lafs
1
0
Fork 0
mirror of https://github.com/tahoe-lafs/tahoe-lafs.git synced 2025-06-11 20:11:47 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

validate capability before doing anything

Browse Source
This commit is contained in:
meejah
2019-09-05 16:07:22 -06:00
parent 119de2be8e
commit dc19e7379e
1 changed files with 13 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
src/allmydata/web/root.py
View File

@ -38,6 +38,7 @@ from allmydata.web.common import (
from allmydata.web.private import ( from allmydata.web.private import (
create_private_tree, create_private_tree,
) )
from allmydata import uri
class URIHandler(resource.Resource, object): class URIHandler(resource.Resource, object):
""" """
@ -60,26 +61,24 @@ class URIHandler(resource.Resource, object):
if uri_arg is None: if uri_arg is None:
raise WebError("GET /uri requires uri=") raise WebError("GET /uri requires uri=")
# XXX exarkun raised in #twisted that shennanigans like # shennanigans like putting "%2F" or just "/" itself, or ../
# putting "%2F" or just "/" itself, or ../ etc in the <cap> # etc in the <cap> might be a vector for weirdness so we
# might be a vector for weirdness .. so we should confirm # validate that this is a valid capability before proceeding.
# uri_arg is at least a valid cap (not necessarily cap = uri.from_string(uri_arg)
# retrievable) before redirecting or doing anything else with if isinstance(cap, uri.UnknownURI):
# it. raise WebError("Invalid capability")
# so, using URL.from_text(req.uri) isn't going to work because # so, using URL.from_text(req.uri) isn't going to work because
# it seems Nevow was creating absolute URLs including # it seems Nevow was creating absolute URLs including
# host/port whereas req.uri is absolute but lacks host/port # host/port whereas req.uri is absolute (but lacks host/port)
uri = URL.from_text(req.prePathURL().decode('utf8')) redir_uri = URL.from_text(req.prePathURL().decode('utf8'))
# using ^ prePathURL() above because that includes the scheme redir_uri = redir_uri.child(urllib.quote(uri_arg).decode('utf8'))
# / host / port but req.uri does not. # add back all the query args that AREN'T "?uri="
uri = uri.child(urllib.quote(uri_arg).decode('utf8'))
# add back all the query args that AREN'T ?uri=
for k, values in req.args.items(): for k, values in req.args.items():
if k != "uri": if k != "uri":
for v in values: for v in values:
uri = uri.add(k.decode('utf8'), v.decode('utf8')) redir_uri = redir_uri.add(k.decode('utf8'), v.decode('utf8'))
return redirectTo(uri.to_text().encode('utf8'), req) return redirectTo(redir_uri.to_text().encode('utf8'), req)
def render_PUT(self, req): def render_PUT(self, req):
""" """