From f37ab4ee5dfead113f4fcb915771649dab3206c5 Mon Sep 17 00:00:00 2001
From: caryoscelus <caryoscelus@gmx.com>
Date: Thu, 7 Dec 2023 09:56:01 +0000
Subject: [PATCH] Continuing previous commit: --ui_site_port

---
 src/Config.py       |  3 +++
 src/Ui/UiRequest.py | 22 +++++++++++++++++-----
 src/Ui/UiServer.py  |  3 ++-
 3 files changed, 22 insertions(+), 6 deletions(-)

diff --git a/src/Config.py b/src/Config.py
index 1dba0007..e9cd03a2 100644
--- a/src/Config.py
+++ b/src/Config.py
@@ -230,6 +230,7 @@ class Config(object):
         self.parser.add_argument('--language', help='Web interface language', default=language, metavar='language')
         self.parser.add_argument('--ui_ip', help='Web interface bind address', default="127.0.0.1", metavar='ip')
         self.parser.add_argument('--ui_port', help='Web interface bind port', default=43110, type=int, metavar='port')
+        self.parser.add_argument('--ui_site_port', help='Port for serving site content, defaults to ui_port+1', default=None, metavar='port')
         self.parser.add_argument('--ui_restrict', help='Restrict web access', default=False, metavar='ip', nargs='*')
         self.parser.add_argument('--ui_host', help='Allow access using this hosts', metavar='host', nargs='*')
         self.parser.add_argument('--ui_trans_proxy', help='Allow access using a transparent proxy', action='store_true')
@@ -430,6 +431,8 @@ class Config(object):
                 self.arguments = {}
         else:
             self.arguments = self.parser.parse_args(argv[1:])
+        if self.arguments.ui_site_port is None:
+            self.arguments.ui_site_port = self.arguments.ui_port + 1
 
     # Parse config file
     def parseConfig(self, argv):
diff --git a/src/Ui/UiRequest.py b/src/Ui/UiRequest.py
index ced55a00..17e63c9b 100644
--- a/src/Ui/UiRequest.py
+++ b/src/Ui/UiRequest.py
@@ -147,12 +147,11 @@ class UiRequest:
         is_iframe = self.env.get('HTTP_SEC_FETCH_DEST') == 'iframe'
 
         if is_navigate and not is_iframe and self.is_data_request:
-            # remove port from host
-            host = ':'.join(self.env['HTTP_HOST'].split(':')[:-1])
+            host = self.getHostWithoutPort()
             path_info = self.env['PATH_INFO']
             query_string = self.env['QUERY_STRING']
             protocol = self.env['wsgi.url_scheme']
-            return self.actionRedirect(f'{protocol}://{host}:43110{path_info}?{query_string}')
+            return self.actionRedirect(f'{protocol}://{host}:{config.ui_port}{path_info}?{query_string}')
 
         if self.isCrossOriginRequest():
             # we are still exposed by answering on port
@@ -360,7 +359,14 @@ class UiRequest:
         if noscript:
             headers["Content-Security-Policy"] = "default-src 'none'; sandbox allow-top-navigation allow-forms; img-src *; font-src * data:; media-src *; style-src * 'unsafe-inline';"
         elif script_nonce:
-            headers["Content-Security-Policy"] = f"default-src 'none'; script-src 'nonce-{script_nonce}'; img-src 'self' blob: data:; style-src 'self' blob: 'unsafe-inline'; connect-src *; frame-src 'self' blob: http://127.0.0.1:43111"
+            host = self.getHostWithoutPort()
+            port = int(self.env['SERVER_PORT'])
+            if port == config.ui_port:
+                other_port = config.ui_site_port
+            else:
+                other_port = config.ui_port
+            site_server = f'{host}:{other_port}'
+            headers["Content-Security-Policy"] = f"default-src 'none'; script-src 'nonce-{script_nonce}'; img-src 'self' blob: data:; style-src 'self' blob: 'unsafe-inline'; connect-src *; frame-src {site_server}"
 
         if allow_ajax:
             headers["Access-Control-Allow-Origin"] = "null"
@@ -518,6 +524,9 @@ class UiRequest:
             server_url = ""
         return server_url
 
+    def getHostWithoutPort(self):
+        return ':'.join(self.env['HTTP_HOST'].split(':')[:-1])
+
     def processQueryString(self, site, query_string):
         match = re.search("zeronet_peers=(.*?)(&|$)", query_string)
         if match:
@@ -629,9 +638,12 @@ class UiRequest:
             repl.update(html_chars)
             return s.translate(repl)
 
+        scheme = self.env['wsgi.url_scheme']
+        host = self.getHostWithoutPort()
+
         return self.render(
             "src/Ui/template/wrapper.html",
-            site_file_server='http://127.0.0.1:43111',
+            site_file_server=f'{scheme}://{host}:{config.ui_site_port}',
             server_url=server_url,
             inner_path=inner_path,
             file_url=xescape(file_url),
diff --git a/src/Ui/UiServer.py b/src/Ui/UiServer.py
index 24fd04d7..27727d4c 100644
--- a/src/Ui/UiServer.py
+++ b/src/Ui/UiServer.py
@@ -55,6 +55,7 @@ class UiServer:
     def __init__(self):
         self.ip = config.ui_ip
         self.port = config.ui_port
+        self.site_port = config.ui_site_port
         self.running = False
         if self.ip == "*":
             self.ip = "0.0.0.0"  # Bind all
@@ -164,7 +165,7 @@ class UiServer:
             return ui_request.error500('Error while trying to server site data')
 
     def startSiteServer(self):
-        self.site_server = WSGIServer((self.ip, 43111), self.handleSiteRequest, log=self.log)
+        self.site_server = WSGIServer((self.ip, self.site_port), self.handleSiteRequest, log=self.log)
         self.site_server.serve_forever()
 
     def stop(self):