github
/
gixy
mirror of https://github.com/yandex/gixy
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

[origins] Deny evil.com domain, must resolve issue #1

pull/2/head
Andrew Krasichkov 2017-04-04 00:07:48 +03:00
parent 3885d13f8b
commit bdd53ac972
5 changed files with 15 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
gixy/plugins/origins.py
View File

@ -32,7 +32,7 @@ class origins(Plugin):
domains = '[^/.]*\.[^/]{2,7}' domains = '[^/.]*\.[^/]{2,7}'
scheme = 'https{http}'.format(http=('?' if not self.config.get('https_only') else '')) scheme = 'https{http}'.format(http=('?' if not self.config.get('https_only') else ''))
regex = r'^{scheme}://(?:[^/.]*\.){{0,10}}(?:{domains})(?::\d*)?(?:/|\?|$)'.format( regex = r'^{scheme}://(?:[^/.]*\.){{0,10}}(?P<domain>{domains})(?::\d*)?(?:/|\?|$)'.format(
scheme=scheme, scheme=scheme,
domains=domains domains=domains
) )
@ -60,7 +60,8 @@ class origins(Plugin):
elif not value.endswith('/'): elif not value.endswith('/'):
value += '.evil.com' value += '.evil.com'
if not self.valid_re.match(value): valid = self.valid_re.match(value)
if not valid or valid.group('domain') == 'evil.com':
invalid_referers.add(value) invalid_referers.add(value)
if invalid_referers: if invalid_referers:

3
tests/plugins/simply/origins/structure_dot.conf Normal file
View File

@ -0,0 +1,3 @@
if ($http_referer !~ "^https://example.com/"){
add_header X-Frame-Options SAMEORIGIN;
}

3
tests/plugins/simply/origins/structure_fp.conf Normal file
View File

@ -0,0 +1,3 @@
if ($http_referer !~ "^https://example\.com/"){
add_header X-Frame-Options SAMEORIGIN;
}

3
tests/plugins/simply/origins/structure_prefix.conf Normal file
View File

@ -0,0 +1,3 @@
if ($http_referer !~ "https://example\.com/"){
add_header X-Frame-Options SAMEORIGIN;
}

3
tests/plugins/simply/origins/structure_suffix.conf Normal file
View File

@ -0,0 +1,3 @@
if ($http_referer !~ "^https://example\.com"){
add_header X-Frame-Options SAMEORIGIN;
}