Return 53 proxy request refused if the scheme/hostname doesnt match

2020-01-12 17:51:52 -05:00 · 2020-01-12 17:51:52 -05:00 · 1d59053436
parent e0c62dbcb6
commit 1d59053436
1 changed files with 39 additions and 10 deletions
--- a/jetforce.py
+++ b/jetforce.py
@ -161,18 +161,18 @@ class JetforceApplication:

        for route_pattern, callback in self.routes[::-1]:
            if route_pattern.match(request):
+                break
+        else:
+            callback = self.default_callback
+
        response = callback(request)
        send_status(response.status, response.meta)
-                if response.body:
        if isinstance(response.body, bytes):
            yield response.body
        elif isinstance(response.body, str):
            yield response.body.encode()
-                    else:
+        elif response.body:
            yield from response.body
-                break
-        else:
-            send_status(Status.PERMANENT_FAILURE, "Not Found")

    def route(
        self,
@ -200,6 +200,12 @@ class JetforceApplication:

        return wrap

+    def default_callback(self, request: Request) -> Response:
+        """
+        Set the error response based on the URL type.
+        """
+        return Response(Status.PERMANENT_FAILURE, "Not Found")
+

 class StaticDirectoryApplication(JetforceApplication):
    """
@ -339,6 +345,29 @@ class StaticDirectoryApplication(JetforceApplication):
        else:
            return mime or "text/plain"

+    def default_callback(self, request: Request) -> Response:
+        """
+        Since the StaticDirectoryApplication only serves gemini URLs, return
+        a proxy request refused for suspicious URLs.
+        """
+        if request.scheme != "gemini":
+            return Response(
+                Status.PROXY_REQUEST_REFUSED,
+                "This server does not allow proxy requests",
+            )
+        elif request.hostname != request.environ["HOSTNAME"]:
+            return Response(
+                Status.PROXY_REQUEST_REFUSED,
+                "This server does not allow proxy requests",
+            )
+        elif request.port and request.port != request.environ["SERVER_PORT"]:
+            return Response(
+                Status.PROXY_REQUEST_REFUSED,
+                "This server does not allow proxy requests",
+            )
+        else:
+            return Response(Status.NOT_FOUND, "Not Found")
+

 class GeminiRequestHandler:
    """