[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [bridgedb/master] Commit for #31528 (Get rid of BridgeDB's "chatspeak")
commit 320ddd1747cd584dd6cf9d7a2ff3f571827d1089
Author: agix <columbeff@xxxxxxxxx>
Date: Thu Apr 30 10:18:46 2020 +0200
Commit for #31528 (Get rid of BridgeDB's "chatspeak")
Known chatspeak references have been removed or replaced
Malicious requests are now redirected with the status code 400
---
README.rst | 12 ++++-----
bridgedb/distributors/https/server.py | 11 ++++----
.../https/templates/assets/css/main.css | 4 +--
bridgedb/distributors/https/templates/bridges.html | 13 ++--------
.../distributors/https/templates/error-400.html | 30 ++++++++++++++++++++++
.../distributors/https/templates/error-500.html | 4 +--
bridgedb/test/test_https_server.py | 18 ++++++-------
7 files changed, 56 insertions(+), 36 deletions(-)
diff --git a/README.rst b/README.rst
index 858562e..1b0a840 100644
--- a/README.rst
+++ b/README.rst
@@ -78,8 +78,8 @@ Dependencies and installation
BridgeDB requires the following OS-level dependencies:
-- python>=2.7
-- python-dev
+- python>=3
+- python3-dev
- `python3-dkim <https://pypi.org/project/dkimpy/>`__ (it contains the ``dkimverify`` binary)
- build-essential
- OpenSSL>=1.0.1g
@@ -106,11 +106,11 @@ Deploying BridgeDB
BridgeDB should work with or without a Python virtualenv.
-- Install Python 2.7, and other OS-level dependencies. On Debian, you
+- Install Python 3, and other OS-level dependencies. On Debian, you
can do::
- sudo apt-get install build-essential openssl python python-dev \
- python-setuptools sqlite3 libgeoip-dev geoip-database
+ sudo apt-get install build-essential openssl python3 python3-dev \
+ python3-setuptools sqlite3 gnupg2 libgeoip-dev geoip-database
- Install Pip 1.3.1 or later. Debian has this version, but if for some
@@ -146,7 +146,7 @@ BridgeDB should work with or without a Python virtualenv.
- **(virtualenv installs only)** To install, set PYTHONPATH to include the
root directory of the virtualenv::
- export PYTHONPATH=$PYTHONPATH:${VIRTUAL_ENV}/lib/python2.7/site-packages
+ export PYTHONPATH=$PYTHONPATH:${VIRTUAL_ENV}/lib/python3.7/site-packages
- Then, proceed as usual::
diff --git a/bridgedb/distributors/https/server.py b/bridgedb/distributors/https/server.py
index b2de4b1..91757e7 100644
--- a/bridgedb/distributors/https/server.py
+++ b/bridgedb/distributors/https/server.py
@@ -166,11 +166,9 @@ def replaceErrorPage(request, error, template_name=None, html=True):
def redirectMaliciousRequest(request):
- '''Redirect the client to a "daring work of art" which "in true
- post-modern form, [â?¦] tends to raise more questions than answers."
- '''
- logging.debug("Redirecting %s to a daring work of art..." % getClientIP(request))
- request.write(redirectTo(base64.b64decode("aHR0cDovLzJnaXJsczFjdXAuY2Ev"), request))
+ '''Setting the reponse code to 400 (Bad Request)'''
+ logging.debug("Setting response code to 400 for %s" % getClientIP(request))
+ request.setResponseCode(400)
request.finish()
return request
@@ -367,7 +365,7 @@ class ErrorResource(CSPResource):
render_POST = render_GET
-
+resource400 = ErrorResource('error-400.html', code=400)
resource404 = ErrorResource('error-404.html', code=404)
resource500 = ErrorResource('error-500.html', code=500)
maintenance = ErrorResource('error-503.html', code=503)
@@ -1157,6 +1155,7 @@ def addWebServer(config, distributor):
root.putChild(b'info', info)
root.putChild(b'maintenance', maintenance)
root.putChild(b'error', resource500)
+ root.putChild(b'malicious', resource400)
root.putChild(CSPResource.reportURI, csp)
if config.RECAPTCHA_ENABLED:
diff --git a/bridgedb/distributors/https/templates/assets/css/main.css b/bridgedb/distributors/https/templates/assets/css/main.css
index 72a3205..8ff1f07 100644
--- a/bridgedb/distributors/https/templates/assets/css/main.css
+++ b/bridgedb/distributors/https/templates/assets/css/main.css
@@ -373,11 +373,11 @@ div.bridge-lines.-webkit-scrollbar-thumb.horizontal{
align-content: left;
}
-#uh-oh-spaghettios {
+#error {
width: 80%;
margin: auto;
}
-.uh-oh-spaghettios~p {
+.error~p {
text-align: center;
font-size: 115%;
}
diff --git a/bridgedb/distributors/https/templates/bridges.html b/bridgedb/distributors/https/templates/bridges.html
index 55a9e79..1d672eb 100644
--- a/bridgedb/distributors/https/templates/bridges.html
+++ b/bridgedb/distributors/https/templates/bridges.html
@@ -60,11 +60,6 @@ ${bridgeline | h,trim}<br />
</p>
% else:
<p class="text-danger">
-## TRANSLATORS: Please translate this into some silly way to say
-## "There was a problem!" in your language. For example,
-## for Italian, you might translate this into "Mama mia!",
-## or for French: "Sacrebleu!". :)
-${_("""Uh oh, spaghettios!""")}
${_("""It seems there was an error getting your QRCode.""")}
<i class="icon icon-frown"></i>
</p>
@@ -106,17 +101,13 @@ ${_("""This QRCode contains your bridge lines. Scan it with a QRCode """ \
</div>
% else:
-<div class="bs-component" id="uh-oh-spaghettios">
+<div class="bs-component" id="error">
<div class="alert alert-dismissable alert-danger">
<p>
<br />
<strong>
<em class="primary">
-## TRANSLATORS: Please translate this into some silly way to say
-## "There was a problem!" in your language. For example,
-## for Italian, you might translate this into "Mama mia!",
-## or for French: "Sacrebleu!". :)
-${_("""Uh oh, spaghettios!""")}
+${_("""BridgeDB encountered an error.""")}
</em>
</strong>
<br />
diff --git a/bridgedb/distributors/https/templates/error-400.html b/bridgedb/distributors/https/templates/error-400.html
new file mode 100644
index 0000000..5f12dda
--- /dev/null
+++ b/bridgedb/distributors/https/templates/error-400.html
@@ -0,0 +1,30 @@
+## -*- coding: utf-8 -*-
+
+<html>
+ <head>
+ <meta charset="utf-8">
+ <meta http-equiv="X-UA-Compatible" content="IE=edge">
+ <title>BridgeDB - 400</title>
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
+ <meta name="description" content="Bridge IP database">
+ <meta name="author" content="The Tor Project">
+
+ <!-- Le styles -->
+ <link rel="stylesheet" href="/assets/css/main.css">
+ <!--[if IE 7]>
+ <link rel="stylesheet" href="/assets/css/font-awesome-ie7.min.css">
+ <![endif]-->
+ <link rel="stylesheet" href="/assets/css/error.css">
+ </head>
+ <body>
+ <div class="application error error400">
+ <main class="main main--error" role="main">
+ <div class="road full-size"></div>
+ <div class="error-text">
+ <h1>Bad Request</h1>
+ <p>Your request was not understood by the server.<a href="/">BridgeDB</a></p>
+ </div>
+ </main>
+ </div>
+ </body>
+</html>
diff --git a/bridgedb/distributors/https/templates/error-500.html b/bridgedb/distributors/https/templates/error-500.html
index 5c56c39..e17b2f4 100644
--- a/bridgedb/distributors/https/templates/error-500.html
+++ b/bridgedb/distributors/https/templates/error-500.html
@@ -27,8 +27,8 @@
</div>
<div class="road full-size"></div>
<div class="error-text">
- <h1>Bad News Bears</h1>
- <p>Something wicked totally just borked <a href="/">BridgeDB</a>â?¦ :'(</p>
+ <h1>Internal Error</h1>
+ <p>BridgeDB encountered an internal error<a href="/">BridgeDB</a></p>
</div>
</main>
</div>
diff --git a/bridgedb/test/test_https_server.py b/bridgedb/test/test_https_server.py
index 54bda2e..3b159ce 100644
--- a/bridgedb/test/test_https_server.py
+++ b/bridgedb/test/test_https_server.py
@@ -68,15 +68,15 @@ class ReplaceErrorPageTests(unittest.TestCase):
def test_replaceErrorPage(self):
"""``replaceErrorPage`` should return the error-500.html page."""
request = DummyRequest([''])
- exc = Exception("vegan gümmibären")
+ exc = Exception("Under Maintenance")
errorPage = server.replaceErrorPage(request, exc)
- self.assertSubstring(b"Bad News Bears", errorPage)
- self.assertNotSubstring("vegan gümmibären".encode("utf-8"), errorPage)
+ self.assertSubstring(b"Internal Error", errorPage)
+ self.assertNotSubstring("Under Maintenance".encode("utf-8"), errorPage)
def test_replaceErrorPage_matches_resource500(self):
"""``replaceErrorPage`` should return the error-500.html page."""
request = DummyRequest([''])
- exc = Exception("vegan gümmibären")
+ exc = Exception("Under Maintenance")
errorPage = server.replaceErrorPage(request, exc)
error500Page = server.resource500.render(request)
self.assertEqual(errorPage, error500Page)
@@ -89,8 +89,8 @@ class ReplaceErrorPageTests(unittest.TestCase):
exc = Exception("vegan gümmibären")
server.resource500 = None
errorPage = server.replaceErrorPage(request, exc)
- self.assertNotSubstring(b"Bad News Bears", errorPage)
- self.assertNotSubstring("vegan gümmibären".encode("utf-8"), errorPage)
+ self.assertNotSubstring(b"Bad Request", errorPage)
+ self.assertNotSubstring("Under Maintenance".encode("utf-8"), errorPage)
self.assertSubstring(b"Sorry! Something went wrong with your request.",
errorPage)
@@ -108,7 +108,7 @@ class ErrorResourceTests(unittest.TestCase):
def test_resource500(self):
"""``server.resource500`` should display the error-500.html page."""
page = server.resource500.render(self.request)
- self.assertSubstring(b'Bad News Bears', page)
+ self.assertSubstring(b'Internal Error', page)
def test_maintenance(self):
"""``server.maintenance`` should display the error-503.html page."""
@@ -549,7 +549,7 @@ class ReCaptchaProtectedResourceTests(unittest.TestCase):
"""Check the ``Request`` returned from ``_renderDeferred``."""
self.assertIsInstance(request, DummyRequest)
html = b''.join(request.written)
- self.assertSubstring(b'Uh oh, spaghettios!', html)
+ self.assertSubstring(b'BridgeDB encountered an error.', html)
d = task.deferLater(reactor, 0, lambda x: x, (True, self.request))
d.addCallback(self.captchaResource._renderDeferred)
@@ -913,7 +913,7 @@ class BridgesResourceTests(unittest.TestCase):
page = self.bridgesResource.renderAnswer(request, bridgeLines=None)
# We don't want the fancy version:
- self.assertNotSubstring(b"Bad News Bears", page)
+ self.assertNotSubstring(b"Bad Request", page)
self.assertSubstring(b"Sorry! Something went wrong with your request.",
page)
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits