Merge branch 'master' into git-and-newdir

2024-03-31 16:07:41 +00:00 · 2024-03-31 16:07:41 +00:00 · 41ebf510cb
commit 41ebf510cb
parent d66dafc111 8c90b2d0a2
12 changed files with 44 additions and 17 deletions
--- a/.gitignore
+++ b/.gitignore
@ -37,3 +37,11 @@ zeronet.conf

 # ZeroNet log files
 log/*
+
+# Enabled plugins that disabled by default
+plugins/Bootstrapper
+plugins/DonationMessage
+plugins/Multiuser
+plugins/NoNewSites
+plugins/StemPort
+plugins/UiPassword
--- a/plugins/AnnounceLocal/AnnounceLocalPlugin.py
+++ b/plugins/AnnounceLocal/AnnounceLocalPlugin.py
@ -142,6 +142,6 @@ class FileServerPlugin(object):
 class ConfigPlugin(object):
    def createArguments(self):
        group = self.parser.add_argument_group("AnnounceLocal plugin")
-        group.add_argument('--broadcast_port', help='UDP broadcasting port for local peer discovery', default=1544, type=int, metavar='port')
+        group.add_argument('--broadcast-port', help='UDP broadcasting port for local peer discovery', default=1544, type=int, metavar='port')

        return super(ConfigPlugin, self).createArguments()
--- a/plugins/AnnounceShare/AnnounceSharePlugin.py
+++ b/plugins/AnnounceShare/AnnounceSharePlugin.py
@ -185,6 +185,6 @@ class FileServerPlugin(object):
 class ConfigPlugin(object):
    def createArguments(self):
        group = self.parser.add_argument_group("AnnounceShare plugin")
-        group.add_argument('--working_shared_trackers_limit', help='Stop discovering new shared trackers after this number of shared trackers reached', default=5, type=int, metavar='limit')
+        group.add_argument('--working-shared-trackers-limit', help='Stop discovering new shared trackers after this number of shared trackers reached', default=5, type=int, metavar='limit')

        return super(ConfigPlugin, self).createArguments()
--- a/plugins/Benchmark/BenchmarkPlugin.py
+++ b/plugins/Benchmark/BenchmarkPlugin.py
@ -413,7 +413,7 @@ class ConfigPlugin(object):
        back = super(ConfigPlugin, self).createArguments()
        if self.getCmdlineValue("test") == "benchmark":
            self.test_parser.add_argument(
-                '--num_multipler', help='Benchmark run time multipler',
+                '--num-multipler', help='Benchmark run time multipler',
                default=1.0, type=float, metavar='num'
            )
            self.test_parser.add_argument(
@ -422,7 +422,7 @@ class ConfigPlugin(object):
            )
        elif self.getCmdlineValue("test") == "portChecker":
            self.test_parser.add_argument(
-                '--func_name', help='Name of open port checker function',
+                '--func-name', help='Name of open port checker function',
                default=None, metavar='func_name'
            )
        return back
--- a/plugins/Bigfile/BigfilePlugin.py
+++ b/plugins/Bigfile/BigfilePlugin.py
@ -837,7 +837,7 @@ class SitePlugin(object):
 class ConfigPlugin(object):
    def createArguments(self):
        group = self.parser.add_argument_group("Bigfile plugin")
-        group.add_argument('--autodownload_bigfile_size_limit', help='Also download bigfiles smaller than this limit if help distribute option is checked', default=10, metavar="MB", type=int)
-        group.add_argument('--bigfile_size_limit', help='Maximum size of downloaded big files', default=False, metavar="MB", type=int)
+        group.add_argument('--autodownload-bigfile-size-limit', help='Also download bigfiles smaller than this limit if help distribute option is checked', default=10, metavar="MB", type=int)
+        group.add_argument('--bigfile-size-limit', help='Maximum size of downloaded big files', default=False, metavar="MB", type=int)

        return super(ConfigPlugin, self).createArguments()
--- a/plugins/OptionalManager/OptionalManagerPlugin.py
+++ b/plugins/OptionalManager/OptionalManagerPlugin.py
@ -247,7 +247,7 @@ class SitePlugin(object):
 class ConfigPlugin(object):
    def createArguments(self):
        group = self.parser.add_argument_group("OptionalManager plugin")
-        group.add_argument('--optional_limit', help='Limit total size of optional files', default="10%", metavar="GB or free space %")
-        group.add_argument('--optional_limit_exclude_minsize', help='Exclude files larger than this limit from optional size limit calculation', default=20, metavar="MB", type=int)
+        group.add_argument('--optional-limit', help='Limit total size of optional files', default="10%", metavar="GB or free space %")
+        group.add_argument('--optional-limit-exclude-minsize', help='Exclude files larger than this limit from optional size limit calculation', default=20, metavar="MB", type=int)

        return super(ConfigPlugin, self).createArguments()
--- a/plugins/Zeroname/SiteManagerPlugin.py
+++ b/plugins/Zeroname/SiteManagerPlugin.py
@ -62,7 +62,7 @@ class ConfigPlugin(object):
    def createArguments(self):
        group = self.parser.add_argument_group("Zeroname plugin")
        group.add_argument(
-            "--bit_resolver", help="ZeroNet site to resolve .bit domains",
+            "--bit-resolver", help="ZeroNet site to resolve .bit domains (deprecated)",
            default="1GnACKctkJrGWHTqxk9T9zXo2bLQc2PDnF", metavar="address"
        )

--- a/plugins/disabled-Multiuser/MultiuserPlugin.py
+++ b/plugins/disabled-Multiuser/MultiuserPlugin.py
@ -272,7 +272,7 @@ class UiWebsocketPlugin(object):
 class ConfigPlugin(object):
    def createArguments(self):
        group = self.parser.add_argument_group("Multiuser plugin")
-        group.add_argument('--multiuser_local', help="Enable unsafe Ui functions and write users to disk", action='store_true')
-        group.add_argument('--multiuser_no_new_sites', help="Denies adding new sites by normal users", action='store_true')
+        group.add_argument('--multiuser-local', help="Enable unsafe Ui functions and write users to disk", action='store_true')
+        group.add_argument('--multiuser-no-new-sites', help="Denies adding new sites by normal users", action='store_true')

        return super(ConfigPlugin, self).createArguments()
--- a/plugins/disabled-UiPassword/UiPasswordPlugin.py
+++ b/plugins/disabled-UiPassword/UiPasswordPlugin.py
@ -159,7 +159,7 @@ class UiRequestPlugin(object):
 class ConfigPlugin(object):
    def createArguments(self):
        group = self.parser.add_argument_group("UiPassword plugin")
-        group.add_argument('--ui_password', help='Password to access UiServer', default=None, metavar="password")
+        group.add_argument('--ui-password', help='Password to access UiServer', default=None, metavar="password")

        return super(ConfigPlugin, self).createArguments()

--- a/src/Ui/UiRequest.py
+++ b/src/Ui/UiRequest.py
@ -100,6 +100,25 @@ class UiRequest:
    def resolveDomain(self, domain):
        return self.server.site_manager.resolveDomainCached(domain)

+    def hasCorsPermission(self, referer):
+        """Check if site from referer has CORS permission to read site in current request
+
+        NOTE: this allows embedding WITHOUT prepending "cors-" (as it has already been used
+        for a long time e.g. on ZeroBlog++ based sites) as long as read permission has been
+        granted.
+        """
+        target_path = self.env['PATH_INFO']
+        if referer is None or target_path is None:
+            return False
+        s_parts = self.parsePath(referer)
+        t_parts = self.parsePath(target_path)
+        s_address = s_parts['address']
+        t_address = t_parts['address']
+        if not s_address or not t_address:
+            return False
+        s_site = self.server.sites[s_address]
+        return f'Cors:{t_address}' in s_site.settings['permissions']
+
    def isCrossOriginRequest(self):
        """Prevent detecting sites on this 0net instance

@ -129,7 +148,7 @@ class UiRequest:
            return False

        # Deny cross site requests
-        if not self.isSameOrigin(referer, url):
+        if not self.isSameOrigin(referer, url) and not self.hasCorsPermission(referer):
            return True

        return False
@ -731,7 +750,7 @@ class UiRequest:
        if "../" in path or "./" in path:
            raise SecurityError("Invalid path")

-        match = re.match(r"/(media/)?(?P<address>[A-Za-z0-9]+[A-Za-z0-9\._-]+)(?P<inner_path>/.*|$)", path)
+        match = re.match(r"(?P<server>(http[s]{0,1}://(.*?))?)/(media/)?(?P<address>[A-Za-z0-9]+[A-Za-z0-9\._-]+)(?P<inner_path>/.*|$)", path)
        if match:
            path_parts = match.groupdict()
            addr = path_parts["address"]
--- a/src/Ui/UiServer.py
+++ b/src/Ui/UiServer.py
@ -162,7 +162,7 @@ class UiServer:
            return ui_request.route(path)
        except Exception as err:
            logging.debug(f"UiRequest @ site error: {Debug.formatException(err)}")
-            return ui_request.error500('Error while trying to server site data')
+            return ui_request.error500('Error while trying to serve site data')

    def startSiteServer(self):
        self.site_server = WSGIServer((self.ip, self.site_port), self.handleSiteRequest, log=self.log)
--- a/src/Ui/UiWebsocket.py
+++ b/src/Ui/UiWebsocket.py
@ -328,8 +328,8 @@ class UiWebsocket(object):
                'ui_ip' : config.ui_ip,
                'ui_port' : config.ui_port,
                'version' : config.version,
-                # The only place this is used is in dashboard so we shorten it for now
-                'rev' : config.commit[:8],
+                # Some legacy code relies on this being an integer, so lets return dummy one
+                'rev' : config.user_agent_rev,
                'timecorrection' : file_server.timecorrection,
                'language' : config.language,
                'debug' : config.debug,