commit 320ddd1747cd584dd6cf9d7a2ff3f571827d1089 Author: agix columbeff@gmail.com Date: Thu Apr 30 10:18:46 2020 +0200
Commit for #31528 (Get rid of BridgeDB's "chatspeak")
Known chatspeak references have been removed or replaced Malicious requests are now redirected with the status code 400 --- README.rst | 12 ++++----- bridgedb/distributors/https/server.py | 11 ++++---- .../https/templates/assets/css/main.css | 4 +-- bridgedb/distributors/https/templates/bridges.html | 13 ++-------- .../distributors/https/templates/error-400.html | 30 ++++++++++++++++++++++ .../distributors/https/templates/error-500.html | 4 +-- bridgedb/test/test_https_server.py | 18 ++++++------- 7 files changed, 56 insertions(+), 36 deletions(-)
diff --git a/README.rst b/README.rst
index 858562e..1b0a840 100644
--- a/README.rst
+++ b/README.rst
@@ -78,8 +78,8 @@ Dependencies and installation
BridgeDB requires the following OS-level dependencies:
-- python>=2.7
-- python-dev
+- python>=3
+- python3-dev
 - `python3-dkim https://pypi.org/project/dkimpy/`__ (it contains the ``dkimverify`` binary)
 - build-essential
 - OpenSSL>=1.0.1g
@@ -106,11 +106,11 @@ Deploying BridgeDB
BridgeDB should work with or without a Python virtualenv.
-- Install Python 2.7, and other OS-level dependencies. On Debian, you
+- Install Python 3, and other OS-level dependencies. On Debian, you
 can do::
- sudo apt-get install build-essential openssl python python-dev \
- python-setuptools sqlite3 libgeoip-dev geoip-database
+ sudo apt-get install build-essential openssl python3 python3-dev \
+ python3-setuptools sqlite3 gnupg2 libgeoip-dev geoip-database
- Install Pip 1.3.1 or later. Debian has this version, but if for some @@ -146,7 +146,7 @@ BridgeDB should work with or without a Python virtualenv. - **(virtualenv installs only)** To install, set PYTHONPATH to include the root directory of the virtualenv::
- export PYTHONPATH=$PYTHONPATH:${VIRTUAL_ENV}/lib/python2.7/site-packages
+ export PYTHONPATH=$PYTHONPATH:${VIRTUAL_ENV}/lib/python3.7/site-packages
- Then, proceed as usual::
diff --git a/bridgedb/distributors/https/server.py b/bridgedb/distributors/https/server.py
index b2de4b1..91757e7 100644
--- a/bridgedb/distributors/https/server.py
+++ b/bridgedb/distributors/https/server.py
@@ -166,11 +166,9 @@ def replaceErrorPage(request, error, template_name=None, html=True):
def redirectMaliciousRequest(request):
- '''Redirect the client to a "daring work of art" which "in true
- post-modern form, […] tends to raise more questions than answers."
- '''
- logging.debug("Redirecting %s to a daring work of art..." % getClientIP(request))
- request.write(redirectTo(base64.b64decode("aHR0cDovLzJnaXJsczFjdXAuY2Ev"), request))
+ '''Setting the reponse code to 400 (Bad Request)'''
+ logging.debug("Setting response code to 400 for %s" % getClientIP(request))
+ request.setResponseCode(400)
 request.finish()
 return request
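Review bot: `redirectMaliciousRequest` now finishes the request with a bare 400 and an empty body, so the `error-400.html` page this commit adds as `resource400` (and mounts at `/malicious` in the `addWebServer` hunk) is never sent by the one code path that handles these requests, and nothing visible in this diff sends clients to `/malicious`. If `ErrorResource.render` returns the page bytes, as the `resource500` tests suggest, adding `request.write(resource400.render(request))` before `request.finish()` would use the new page; otherwise the new route and template look unused. The function no longer redirects, so the docstring should describe what it does and lose the "reponse" typo, e.g. `'''Reject the request with a 400 (Bad Request) response and finish it.'''`; the name presumably has to stay for callers outside this hunk. The debug call would also be better with lazy arguments, `logging.debug("Setting response code to 400 for %s", getClientIP(request))`.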
@@ -367,7 +365,7 @@ class ErrorResource(CSPResource):
render_POST = render_GET
-
+resource400 = ErrorResource('error-400.html', code=400)
 resource404 = ErrorResource('error-404.html', code=404)
 resource500 = ErrorResource('error-500.html', code=500)
 maintenance = ErrorResource('error-503.html', code=503)
@@ -1157,6 +1155,7 @@ def addWebServer(config, distributor):
 root.putChild(b'info', info)
 root.putChild(b'maintenance', maintenance)
 root.putChild(b'error', resource500)
+ root.putChild(b'malicious', resource400)
 root.putChild(CSPResource.reportURI, csp)
if config.RECAPTCHA_ENABLED:
diff --git a/bridgedb/distributors/https/templates/assets/css/main.css b/bridgedb/distributors/https/templates/assets/css/main.css
index 72a3205..8ff1f07 100644
--- a/bridgedb/distributors/https/templates/assets/css/main.css
+++ b/bridgedb/distributors/https/templates/assets/css/main.css
@@ -373,11 +373,11 @@ div.bridge-lines.-webkit-scrollbar-thumb.horizontal{
 align-content: left;
 }
-#uh-oh-spaghettios {
+#error {
 width: 80%;
 margin: auto;
 }
-.uh-oh-spaghettios~p {
+.error~p {
 text-align: center;
 font-size: 115%;
 }
diff --git a/bridgedb/distributors/https/templates/bridges.html b/bridgedb/distributors/https/templates/bridges.html
index 55a9e79..1d672eb 100644
--- a/bridgedb/distributors/https/templates/bridges.html
+++ b/bridgedb/distributors/https/templates/bridges.html
@@ -60,11 +60,6 @@ ${bridgeline | h,trim}<br />
 </p>
 % else:
 <p class="text-danger">
-## TRANSLATORS: Please translate this into some silly way to say
-## "There was a problem!" in your language. For example,
-## for Italian, you might translate this into "Mama mia!",
-## or for French: "Sacrebleu!". :)
-${_("""Uh oh, spaghettios!""")}
 ${_("""It seems there was an error getting your QRCode.""")}
 <i class="icon icon-frown"></i>
 </p>
@@ -106,17 +101,13 @@ ${_("""This QRCode contains your bridge lines. Scan it with a QRCode """ \
 </div>
% else:
-<div class="bs-component" id="uh-oh-spaghettios">
+<div class="bs-component" id="error">
 <div class="alert alert-dismissable alert-danger">
 <p>
 <br />
 <strong>
 <em class="primary">
-## TRANSLATORS: Please translate this into some silly way to say
-## "There was a problem!" in your language. For example,
-## for Italian, you might translate this into "Mama mia!",
-## or for French: "Sacrebleu!". :)
-${_("""Uh oh, spaghettios!""")}
+${_("""BridgeDB encountered an error.""")}
 </em>
 </strong>
 <br />
diff --git a/bridgedb/distributors/https/templates/error-400.html b/bridgedb/distributors/https/templates/error-400.html
new file mode 100644
index 0000000..5f12dda
--- /dev/null
+++ b/bridgedb/distributors/https/templates/error-400.html
@@ -0,0 +1,30 @@
+## -*- coding: utf-8 -*-
+
+<html>
+ <head>
+ <meta charset="utf-8">
+ <meta http-equiv="X-UA-Compatible" content="IE=edge">
+ <title>BridgeDB - 400</title>
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
+ <meta name="description" content="Bridge IP database">
+ <meta name="author" content="The Tor Project">
+
+ <!-- Le styles -->
+ <link rel="stylesheet" href="/assets/css/main.css">
+ <!--[if IE 7]>
+ <link rel="stylesheet" href="/assets/css/font-awesome-ie7.min.css">
+ <![endif]-->
+ <link rel="stylesheet" href="/assets/css/error.css">
+ </head>
+ <body>
+ <div class="application error error400">
+ <main class="main main--error" role="main">
+ <div class="road full-size"></div>
+ <div class="error-text">
+ <h1>Bad Request</h1>
+ <p>Your request was not understood by the server.<a href="/">BridgeDB</a></p>
+ </div>
+ </main>
+ </div>
+ </body>
+</html>
diff --git a/bridgedb/distributors/https/templates/error-500.html b/bridgedb/distributors/https/templates/error-500.html
index 5c56c39..e17b2f4 100644
--- a/bridgedb/distributors/https/templates/error-500.html
+++ b/bridgedb/distributors/https/templates/error-500.html
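Review bot: In the new `error-400.html` the link is glued to the end of the sentence, `…by the server.<a href="/">BridgeDB</a>`, so the page shows "server.BridgeDB" with no space and no hint of what the link is for. The rewritten paragraph in the `error-500.html` hunk has the same problem and also lost its closing punctuation. Wording such as `<p>Your request was not understood by the server. Return to <a href="/">BridgeDB</a>.</p>` (and the equivalent for the 500 page) reads correctly. The new template also starts at `<html>` with no `<!DOCTYPE html>`; if the other error templates carry one, this file should match them.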
@@ -27,8 +27,8 @@
 </div>
 <div class="road full-size"></div>
 <div class="error-text">
- <h1>Bad News Bears</h1>
- <p>Something wicked totally just borked <a href="/">BridgeDB</a>… :'(</p>
+ <h1>Internal Error</h1>
+ <p>BridgeDB encountered an internal error<a href="/">BridgeDB</a></p>
 </div>
 </main>
 </div>
diff --git a/bridgedb/test/test_https_server.py b/bridgedb/test/test_https_server.py
index 54bda2e..3b159ce 100644
--- a/bridgedb/test/test_https_server.py
+++ b/bridgedb/test/test_https_server.py
@@ -68,15 +68,15 @@ class ReplaceErrorPageTests(unittest.TestCase):
 def test_replaceErrorPage(self):
 """``replaceErrorPage`` should return the error-500.html page."""
 request = DummyRequest([''])
- exc = Exception("vegan gümmibären")
+ exc = Exception("Under Maintenance")
 errorPage = server.replaceErrorPage(request, exc)
- self.assertSubstring(b"Bad News Bears", errorPage)
- self.assertNotSubstring("vegan gümmibären".encode("utf-8"), errorPage)
+ self.assertSubstring(b"Internal Error", errorPage)
+ self.assertNotSubstring("Under Maintenance".encode("utf-8"), errorPage)
def test_replaceErrorPage_matches_resource500(self):
 """``replaceErrorPage`` should return the error-500.html page."""
 request = DummyRequest([''])
- exc = Exception("vegan gümmibären")
+ exc = Exception("Under Maintenance")
 errorPage = server.replaceErrorPage(request, exc)
 error500Page = server.resource500.render(request)
 self.assertEqual(errorPage, error500Page)
@@ -89,8 +89,8 @@ class ReplaceErrorPageTests(unittest.TestCase):
 exc = Exception("vegan gümmibären")
 server.resource500 = None
 errorPage = server.replaceErrorPage(request, exc)
- self.assertNotSubstring(b"Bad News Bears", errorPage)
- self.assertNotSubstring("vegan gümmibären".encode("utf-8"), errorPage)
+ self.assertNotSubstring(b"Bad Request", errorPage)
+ self.assertNotSubstring("Under Maintenance".encode("utf-8"), errorPage)
 self.assertSubstring(b"Sorry! Something went wrong with your request.", errorPage)
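Review bot: In the `@@ -89,8` hunk the exception is still built as `Exception("vegan gümmibären")` on an unchanged context line, but the leak check now searches for `"Under Maintenance"`, which the exception never contains, so `assertNotSubstring` passes even if the error page echoes the exception text back to the client. Change the context line to `exc = Exception("Under Maintenance")` or keep the original needle; the test method begins outside the hunk. The replacement `assertNotSubstring(b"Bad Request", errorPage)` is similarly weak: the 500 page heading is now "Internal Error", so the check that the styled page is not used should be `self.assertNotSubstring(b"Internal Error", errorPage)`, and the same applies to `b"Bad Request"` in the `BridgesResourceTests` hunk at the end of the file. Switching every message to ASCII also appears to remove the only non-ASCII input these tests passed to `replaceErrorPage`.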
@@ -108,7 +108,7 @@ class ErrorResourceTests(unittest.TestCase):
 def test_resource500(self):
 """``server.resource500`` should display the error-500.html page."""
 page = server.resource500.render(self.request)
- self.assertSubstring(b'Bad News Bears', page)
+ self.assertSubstring(b'Internal Error', page)
def test_maintenance(self):
 """``server.maintenance`` should display the error-503.html page."""
@@ -549,7 +549,7 @@ class ReCaptchaProtectedResourceTests(unittest.TestCase):
 """Check the ``Request`` returned from ``_renderDeferred``."""
 self.assertIsInstance(request, DummyRequest)
 html = b''.join(request.written)
- self.assertSubstring(b'Uh oh, spaghettios!', html)
+ self.assertSubstring(b'BridgeDB encountered an error.', html)
d = task.deferLater(reactor, 0, lambda x: x, (True, self.request))
 d.addCallback(self.captchaResource._renderDeferred)
@@ -913,7 +913,7 @@ class BridgesResourceTests(unittest.TestCase):
 page = self.bridgesResource.renderAnswer(request, bridgeLines=None)
# We don't want the fancy version:
- self.assertNotSubstring(b"Bad News Bears", page)
+ self.assertNotSubstring(b"Bad Request", page)
 self.assertSubstring(b"Sorry! Something went wrong with your request.", page)