2018-05-18 18:41:41 +00:00
|
|
|
import logging
|
2018-05-22 22:57:34 +00:00
|
|
|
import os
|
2018-05-18 18:41:41 +00:00
|
|
|
import socket
|
|
|
|
import ipaddress
|
|
|
|
from urllib.parse import urlparse
|
|
|
|
|
2018-05-22 22:57:34 +00:00
|
|
|
from . import strtobool
|
2018-05-29 19:36:05 +00:00
|
|
|
from .errors import Error
|
2018-05-22 22:57:34 +00:00
|
|
|
|
2018-05-18 18:41:41 +00:00
|
|
|
logger = logging.getLogger(__name__)
|
|
|
|
|
|
|
|
|
2018-05-29 19:36:05 +00:00
|
|
|
class InvalidURLError(Error):
|
2018-05-25 21:57:29 +00:00
|
|
|
pass
|
|
|
|
|
|
|
|
|
2018-05-22 22:57:34 +00:00
|
|
|
def is_url_valid(url: str) -> bool:
|
2018-05-18 18:41:41 +00:00
|
|
|
parsed = urlparse(url)
|
|
|
|
if parsed.scheme not in ['http', 'https']:
|
|
|
|
return False
|
|
|
|
|
2018-05-22 22:57:34 +00:00
|
|
|
# XXX in debug mode, we want to allow requests to localhost to test the federation with local instances
|
|
|
|
debug_mode = strtobool(os.getenv('MICROBLOGPUB_DEBUG', 'false'))
|
|
|
|
if debug_mode:
|
|
|
|
return True
|
|
|
|
|
2018-05-18 18:41:41 +00:00
|
|
|
if parsed.hostname in ['localhost']:
|
|
|
|
return False
|
|
|
|
|
|
|
|
try:
|
|
|
|
ip_address = socket.getaddrinfo(parsed.hostname, parsed.port or 80)[0][4][0]
|
|
|
|
except socket.gaierror:
|
|
|
|
logger.exception(f'failed to lookup url {url}')
|
|
|
|
return False
|
|
|
|
|
|
|
|
if ipaddress.ip_address(ip_address).is_private:
|
|
|
|
logger.info(f'rejecting private URL {url}')
|
|
|
|
return False
|
|
|
|
|
|
|
|
return True
|
2018-05-25 21:57:29 +00:00
|
|
|
|
|
|
|
|
|
|
|
def check_url(url: str) -> None:
|
|
|
|
if not is_url_valid(url):
|
|
|
|
raise InvalidURLError(f'"{url}" is invalid')
|
|
|
|
|
|
|
|
return None
|