Support for raw content subdomain #52
Closed
hw
wants to merge 1 commit from raw_content_subdomain_support into master
Support for raw content delivery on dedicated subdomain. (Needs review)
Looks good so far, but basically this whole PR acts as a pretty basic reverse-proxy right now - why don't we just do that in HAProxy or nginx instead?
```php
if ($owner === "raw") {
    $owner = strtolower(array_shift($request_url_parts));
    $cors = true;
    $ch = curl_init("http://localhost:3000" . $_SERVER["REQUEST_URI"]);
```
Does this limit in any way the accessible pages? Like can I get the source of my user account page by going to raw.codeberg.org/momar?
It recognizes permissions (hidden repos get 404 which is not the case currently).
Possibly a problem: it seems like people can get a valid CSRF token through that, as they seem to not be limited to an IP address!
I'd suggest to only map raw.codeberg.org/{username}/{repo}/{...} to codeberg.org/{username}/{repo}/raw/{...}, and only serve the response when it's 200 OK.
So we should strip the headers?
(just like the cookie?)
Nonono, the CSRF token is in the content of the response! We should explicitly only allow raw files from repositories (raw.codeberg.org/username/repo/branch/main/filename.txt), instead of any Gitea URL (like raw.codeberg.org/user/settings, even if cookies are stripped).
never from .org I guess?
That doesn't matter - replace it with .page or whatever. IMO it should definitely only be possible to get files from repositories via the .page TLD, and make sure to never expose Gitea resources like the API, or HTML pages.
agree
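One way to implement the mapping agreed on above, as an added example written for this thread and not code from the PR: it assumes Gitea on http://localhost:3000 as in the quoted snippet, and that the proxy forwards the request without the browser's Cookie header and relays only what these two functions allow.

```php
<?php
// Added example (not part of this PR). Assumptions: Gitea listens on localhost:3000
// and the proxy sends its curl request without any Cookie header from the browser.
declare(strict_types=1);

// Map a raw-subdomain path to a Gitea raw-file URL, or return null when the path
// is not /{owner}/{repo}/{ref-type}/{ref}/{file...}. Because "/raw/" is always
// inserted after owner/repo, pages like /user/settings or /api/... can never be
// reached, so no HTML (and no CSRF token) is ever fetched through the proxy.
function map_raw_path(string $requestUri): ?string
{
    $path = parse_url($requestUri, PHP_URL_PATH);
    if (!is_string($path)) {
        return null;
    }
    $segments = explode('/', ltrim($path, '/'));
    // owner, repo, ref type (branch/tag/commit), ref name, at least one file segment
    if (count($segments) < 5) {
        return null;
    }
    foreach ($segments as $seg) {
        $decoded = rawurldecode($seg);
        // Empty or dot segments could be normalized upstream into another path.
        if ($decoded === '' || $decoded === '.' || $decoded === '..' || strpos($decoded, '/') !== false) {
            return null;
        }
    }
    $owner = strtolower($segments[0]);
    $repo = $segments[1];
    $rest = implode('/', array_slice($segments, 2));
    return 'http://localhost:3000/' . rawurlencode($owner) . '/' . rawurlencode($repo) . '/raw/' . $rest;
}

// Decide which upstream headers may be relayed. Anything but 200 OK is dropped
// (null), Set-Cookie never leaves Gitea, and the file is served with headers that
// keep the raw subdomain from acting as a script origin. CORS "*" is acceptable
// here only because no credentials are forwarded, so only public files are reachable.
function relay_headers(int $status, array $upstream): ?array
{
    if ($status !== 200) {
        return null;
    }
    $out = [
        'X-Content-Type-Options'      => 'nosniff',
        'Content-Security-Policy'     => "default-src 'none'; sandbox",
        'Access-Control-Allow-Origin' => '*',
    ];
    foreach ($upstream as $name => $value) {
        if (in_array(strtolower($name), ['content-type', 'content-length', 'last-modified', 'etag'], true)) {
            $out[$name] = $value;
        }
    }
    return $out;
}
```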
Whoops, pressed the wrong button...
Oh, and I think the issue that I have fixed in #50 (even though it was caused by the original plans of this PR) isn't fixed here yet?
Alright, I found out some more issues: the if ($owner === "raw") block doesn't die (so the rest of the script is executed as well), and HTML would be rendered, which is probably more confusing than useful. I fixed those issues in #50. Also a question: shall this expose raw.codeberg.org or raw.codeberg.page?! Because currently I think it uses the latter one.
Please see Codeberg/build-deploy-gitea#52 before merging, I think that's a blocker!
Thank you for merging #50! I guess with it containing the changes here, this PR can be closed.
Superseded by #50