1
0
Fork 1
mirror of https://gitlab.com/mangadex-pub/mangadex_at_home.git synced 2024-01-19 02:48:37 +00:00

Move referrer check to before DB access and crypto for token check

This commit is contained in:
AviKav 2020-07-05 13:06:47 -04:00
parent 27bac2ef48
commit a20c759700
No known key found for this signature in database
GPG key ID: 7BC4B96BC8A7167D

View file

@ -88,6 +88,11 @@ class ImageServer(
"/data"
} + "/$chapterHash/$fileName"
if (!request.referrerMatches(ALLOWED_REFERER_DOMAINS)) {
LOGGER.info { "Request for $sanitizedUri rejected due to non-allowed referrer ${request.header("Referer")}" }
return@then Response(Status.FORBIDDEN)
}
if (tokenized || serverSettings.forceTokens) {
val tokenArr = Base64.getUrlDecoder().decode(Path.of("token")(request))
val token = try {
@ -135,11 +140,7 @@ class ImageServer(
}
}
if (!request.referrerMatches(ALLOWED_REFERER_DOMAINS)) {
snapshot?.close()
LOGGER.info { "Request for $sanitizedUri rejected due to non-allowed referrer ${request.header("Referer")}" }
return@then Response(Status.FORBIDDEN)
} else if (snapshot != null && imageDatum != null) {
if (snapshot != null && imageDatum != null) {
request.handleCacheHit(sanitizedUri, getRc4(rc4Bytes), snapshot, imageDatum)
} else {
if (snapshot != null) {
@ -167,7 +168,6 @@ class ImageServer(
}
}
private fun Request.handleCacheHit(sanitizedUri: String, cipher: Cipher, snapshot: DiskLruCache.Snapshot, imageDatum: ImageDatum): Response {
// our files never change, so it's safe to use the browser cache
return if (this.header("If-Modified-Since") != null) {