Commit 4905a464 authored by Dominik Hebeler's avatar Dominik Hebeler

Merge branch '1004-browserverification' into 'development'

Resolve "Browserverification"

Closes #1004

See merge request !1659
parents 4548b098 17030114
......@@ -286,7 +286,7 @@ class HumanVerification extends Controller
$redis->expire($key, 30);
});
return response("", 200)->header("Content-Type", "text/css");
return response(view('layouts.resultpage.verificationCss'), 200)->header("Content-Type", "text/css");
}
public static function block(Request $request)
......
......@@ -3,9 +3,7 @@
namespace App\Http\Middleware;
use Closure;
use GrahamCampbell\Throttle\Facades\Throttle;
use Illuminate\Support\Facades\Redis;
use \App\Http\Controllers\HumanVerification;
class BrowserVerification
{
......@@ -23,12 +21,20 @@ class BrowserVerification
return $next($request);
}
// Check if throttled
$accept = Throttle::check($request, 8, 1);
if (!$accept) {
Throttle::hit($request, 8, 1);
abort(429);
$mgv = $request->input('mgv', "");
if (!empty($mgv)) {
// Verify that key is a md5 checksum
if (!preg_match("/^[a-f0-9]{32}$/", $mgv)) {
abort(404);
}
$result = boolval(Redis::connection("cache")->blpop($mgv, 5));
if ($result === true) {
return $next($request);
} else {
return redirect("/");
}
}
header('Content-type: text/html; charset=utf-8');
header('X-Accel-Buffering: no');
ini_set('zlib.output_compression', 'Off');
......@@ -42,21 +48,19 @@ class BrowserVerification
echo (view('layouts.resultpage.verificationHeader')->with('key', $key)->render());
flush();
$answer = boolval(Redis::connection("cache")->blpop($key, 5));
$answer = boolval(Redis::connection("cache")->blpop($key, 2));
if ($answer === true) {
return $next($request);
} else {
$accept = Throttle::attempt($request, 8, 1);
if (!$accept) {
abort(429);
}
# Lockout
$ids = HumanVerification::block($request);
}
$params = $request->all();
$params["mgv"] = $key;
$url = route("resultpage", $params);
return redirect()->route('captcha', ["id" => $ids[0], "uid" => $ids[1], "url" => url()->full()]);
echo (view('layouts.resultpage.unverifiedResultPage')
->with('url', $url)
->render());
}
}
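Review bot: In the new `mgv` branch the client-supplied value goes to `preg_match` and is then used verbatim as the key in `Redis::connection("cache")->blpop($mgv, 5)`. `$request->input('mgv', "")` can be an array (`mgv[]=...`), which passes `!empty()` and makes `preg_match` fail with an error instead of the intended 404; the guard could read `if (!is_string($mgv) || !preg_match("/^[a-f0-9]{32}$/", $mgv)) {`. The regex fixes the shape of the key but not its namespace, so a fixed prefix shared with the code that pushes the answer (outside these hunks) would keep a request from addressing other lists on that connection. Each unverified request can also hold a worker in `blpop` for 2 to 5 seconds, and the `Throttle` calls appear to be dropped by this change, so it is worth confirming that rate limiting still happens elsewhere.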
......@@ -723,8 +723,8 @@ class MetaGer
if (!empty($filter->sumas->$engineName)) {
if (empty($availableFilter[$filterName])) {
$availableFilter[$filterName] = $filter;
foreach($availableFilter[$filterName]->values as $key => $value){
if($key !== "nofilter"){
foreach ($availableFilter[$filterName]->values as $key => $value) {
if ($key !== "nofilter") {
unset($availableFilter[$filterName]->values->{$key});
}
}
......@@ -749,8 +749,8 @@ class MetaGer
}
if (empty($availableFilter[$filterName])) {
$availableFilter[$filterName] = $filter;
foreach($availableFilter[$filterName]->values as $key => $value){
if($key !== "nofilter"){
foreach ($availableFilter[$filterName]->values as $key => $value) {
if ($key !== "nofilter") {
unset($availableFilter[$filterName]->values->{$key});
}
}
......@@ -928,6 +928,13 @@ class MetaGer
# Sucheingabe
$this->eingabe = trim($request->input('eingabe', ''));
$this->q = $this->eingabe;
if ($request->filled("mgv")) {
$this->framed = true;
} else {
$this->framed = false;
}
# IP
$this->ip = $this->anonymizeIp($request->ip());
......@@ -953,16 +960,18 @@ class MetaGer
# Sprüche
if (!App::isLocale("de") || (\Cookie::has($this->getFokus() . '_setting_zitate') && \Cookie::get($this->getFokus() . '_setting_zitate') === "off")) {
$this->sprueche = "off";
}else{
} else {
$this->sprueche = "on";
}
if($request->filled("zitate") && $request->input('zitate') === "on" || $request->input('zitate') === "off"){
if ($request->filled("zitate") && $request->input('zitate') === "on" || $request->input('zitate') === "off") {
$this->sprueche = $request->input('quotes');
}
$this->newtab = $request->input('newtab', 'on');
if ($this->newtab === "on") {
$this->newtab = "_blank";
} else if ($this->framed) {
$this->newtab = "_top";
} else {
$this->newtab = "_self";
}
......@@ -1020,19 +1029,19 @@ class MetaGer
$this->request = $request->replace($request->except(['verification_id', 'uid', 'verification_count']));
// Disable freshness filter if custom freshness filter isset
if($this->request->filled("ff") && $this->request->filled("f")){
if ($this->request->filled("ff") && $this->request->filled("f")) {
$this->request = $this->request->replace($this->request->except(["f"]));
}
// Remove custom time filter if either of the dates isn't set or is not a date
if($this->request->input("fc") === "on"){
if(!$this->request->filled("ff") || !$this->request->filled("ft")){
if ($this->request->input("fc") === "on") {
if (!$this->request->filled("ff") || !$this->request->filled("ft")) {
$this->request = $this->request->replace($this->request->except(["fc", "ff", "ft"]));
}else{
} else {
$ff = $this->request->input("ff");
$ft = $this->request->input("ft");
if(!preg_match("/^\d{4}-\d{2}-\d{2}$/", $ff) || !preg_match("/^\d{4}-\d{2}-\d{2}$/", $ft)){
if (!preg_match("/^\d{4}-\d{2}-\d{2}$/", $ff) || !preg_match("/^\d{4}-\d{2}-\d{2}$/", $ft)) {
$this->request = $this->request->replace($this->request->except(["fc", "ff", "ft"]));
}else{
} else {
// Now Check if there is something wrong with the dates
$from = $this->request->input("ff");
$to = $this->request->input("ft");
......@@ -1040,21 +1049,21 @@ class MetaGer
$from = Carbon::createFromFormat("Y-m-d H:i:s", $from . " 00:00:00");
$to = Carbon::createFromFormat("Y-m-d H:i:s", $to . " 00:00:00");
if($from > Carbon::now()){
if ($from > Carbon::now()) {
$from = Carbon::now();
$changed = true;
}
if($to > Carbon::now()){
if ($to > Carbon::now()) {
$to = Carbon::now();
$changed = true;
}
if($from > $to){
if ($from > $to) {
$tmp = $to;
$to = $from;
$from = $tmp;
$changed = true;
}
if($changed){
if ($changed) {
$oldParameters = $this->request->all();
$oldParameters["ff"] = $from->format("Y-m-d");
$oldParameters["ft"] = $to->format("Y-m-d");
......@@ -1062,7 +1071,7 @@ class MetaGer
}
}
}
}else if($this->request->filled("ff") || $this->request->filled("ft")){
} else if ($this->request->filled("ff") || $this->request->filled("ft")) {
$this->request = $this->request->replace($this->request->except(["fc", "ff", "ft"]));
}
......@@ -1349,7 +1358,7 @@ class MetaGer
public function nextSearchLink()
{
if (isset($this->next) && isset($this->next['engines']) && count($this->next['engines']) > 0) {
$requestData = $this->request->except(['page', 'out']);
$requestData = $this->request->except(['page', 'out', 'submit-query', 'mgv']);
if ($this->request->input('out', '') !== "results" && $this->request->input('out', '') !== '') {
$requestData["out"] = $this->request->input('out');
}
......@@ -1495,7 +1504,7 @@ class MetaGer
public function generateSearchLink($fokus, $results = true)
{
$except = ['page', 'next', 'out'];
$except = ['page', 'next', 'out', 'submit-query', 'mgv'];
# Remove every Filter
foreach ($this->sumaFile->filter->{"parameter-filter"} as $filterName => $filter) {
$except[] = $filter->{"get-parameter"};
......@@ -1509,7 +1518,7 @@ class MetaGer
public function generateEingabeLink($eingabe)
{
$except = ['page', 'next', 'out', 'eingabe'];
$except = ['page', 'next', 'out', 'eingabe', 'submit-query', 'mgv'];
$requestData = $this->request->except($except);
$requestData['eingabe'] = $eingabe;
......@@ -1528,7 +1537,7 @@ class MetaGer
public function generateSiteSearchLink($host)
{
$host = urlencode($host);
$requestData = $this->request->except(['page', 'out', 'next']);
$requestData = $this->request->except(['page', 'out', 'next', 'submit-query', 'mgv']);
$requestData['eingabe'] .= " site:$host";
$requestData['focus'] = "web";
$link = action('MetaGerSearch@search', $requestData);
......@@ -1538,7 +1547,7 @@ class MetaGer
public function generateRemovedHostLink($host)
{
$host = urlencode($host);
$requestData = $this->request->except(['page', 'out', 'next']);
$requestData = $this->request->except(['page', 'out', 'next', 'submit-query', 'mgv']);
$requestData['eingabe'] .= " -site:$host";
$link = action('MetaGerSearch@search', $requestData);
return $link;
......@@ -1547,7 +1556,7 @@ class MetaGer
public function generateRemovedDomainLink($domain)
{
$domain = urlencode($domain);
$requestData = $this->request->except(['page', 'out', 'next']);
$requestData = $this->request->except(['page', 'out', 'next', 'submit-query', 'mgv']);
$requestData['eingabe'] .= " -site:*.$domain";
$link = action('MetaGerSearch@search', $requestData);
return $link;
......@@ -1812,6 +1821,12 @@ class MetaGer
{
return $this->engines;
}
public function isFramed()
{
return $this->framed;
}
/**
* Used by JS result loader to restore MetaGer Object of previous request
*/
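Review bot: The quotes override in the `# Sprüche` hunk validates `zitate` but then assigns `$request->input('quotes')`, so `sprueche` takes an unvalidated value from a different parameter (most likely null); the commit only reformats that line. The unparenthesised `&&`/`||` mix also makes the condition hard to read. Suggested: `if (in_array($request->input('zitate'), ["on", "off"], true)) { $this->sprueche = $request->input('zitate'); }`. Separately, the new `framed` block can be written as `$this->framed = $request->filled("mgv");`, and `isFramed()` deserves a one-line docblock saying that it reflects only the presence of the `mgv` parameter.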
......
......@@ -8,9 +8,13 @@ function botProtection() {
$('.result').find('a').click(function () {
var link = $(this).attr('href');
var newtab = false;
var top = false;
if ($(this).attr('target') == '_blank') {
newtab = true;
} else if ($(this).attr('target') == "_top") {
top = true;
}
$.ajax({
url: '/img/cat.jpg',
type: 'post',
......@@ -20,8 +24,13 @@ function botProtection() {
timeout: 2000
})
.always(function () {
if (!newtab)
if (!newtab) {
if (top) {
window.top.location.href = link;
} else {
document.location.href = link;
}
}
});
if (!newtab)
return false;
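Review bot: The new local `var top` shadows the global `top` (an alias of `window.top`) inside the click handler, and the navigation only works because it spells out `window.top.location.href`; a name such as `openInTop` avoids that trap for later edits. The two `target` comparisons could also use `===`. `botProtection()` starts and ends outside these hunks.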
......
......@@ -59,6 +59,7 @@
.result-subheadline {
width: 100%;
display: flex;
align-items: center;
line-height: 1.3;
.result-link {
.overflow-ellipsis;
......@@ -90,7 +91,8 @@
top: -2px;
}
}
span.partnershop-info {
a.partnershop-info {
display: block;
background-color: white;
color: #333;
text-shadow: none;
......@@ -100,8 +102,6 @@
margin-left: 8px;
border-radius: 4px;
font-size: .6em;
position: relative;
top: -2px;
}
}
}
......
......@@ -174,3 +174,7 @@
max-width: 760px;
height: 51px;
}
#searchForm {
margin: 0;
}
\ No newline at end of file
......@@ -3,10 +3,10 @@
<div id="research-bar-container">
<div id="research-bar">
<div id="header-logo">
<a class="screen-large" href="{{ LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), "/") }}" tabindex="4">
<a class="screen-large" href="{{ LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), "/") }}" @if(!empty($metager) && $metager->isFramed())target="_top" @endif tabindex="4">
<h1><img src="/img/metager.svg" alt="MetaGer" /></h1>
</a>
<a class="screen-small" href="{{ LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), "/") }}">
<a class="screen-small" href="{{ LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), "/") }}" @if(!empty($metager) && $metager->isFramed())target="_top" @endif>
<h1><img src="/img/metager-schloss-orange.svg" alt="MetaGer" /></h1>
</a>
</div>
......
......@@ -16,8 +16,8 @@
{{ $result->anzeigeLink }}
</a>
@if( isset($result->partnershop) && $result->partnershop === TRUE)
<a href="{{ LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), "/partnershops") }}" target="_blank" rel="noopener">
<span class="partnershop-info">{!! trans('result.options.4') !!}</span>
<a href="{{ LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), "/partnershops") }}" target="_blank" class="partnershop-info" rel="noopener">
<span>{!! trans('result.options.4') !!}</span>
</a>
@endif
</div>
......@@ -49,7 +49,7 @@
</div>
<input type="checkbox" id="result-toggle-{{$result->hash}}" class="result-toggle" style="display: none">
<div class="result-footer">
<a class="result-open" href="{{ $result->link }}" target="_self" rel="noopener">
<a class="result-open" href="{{ $result->link }}" @if($metager->isFramed())target="_top"@else target="_self"@endif rel="noopener">
{!! trans('result.options.7') !!}
</a>
<a class="result-open-newtab" href="{{ $result->link }}" target="_blank" rel="noopener">
......@@ -75,19 +75,19 @@
</li>
@if(strlen($metager->getSite()) === 0)
<li>
<a href="{{ $metager->generateSiteSearchLink($result->strippedHost) }}">
<a href="{{ $metager->generateSiteSearchLink($result->strippedHost) }}" @if($metager->isFramed())target="_top"@else target="_self"@endif>
<nobr>{!! trans('result.options.1') !!}</nobr>
</a>
</li>
@endif
<li>
<a href="{{ $metager->generateRemovedHostLink($result->strippedHost) }}">
<a href="{{ $metager->generateRemovedHostLink($result->strippedHost) }}" @if($metager->isFramed())target="_top"@else target="_self"@endif>
<nobr>{!! trans('result.options.2', ['host' => $result->strippedHost]) !!}</nobr>
</a>
</li>
@if( $result->strippedHost !== $result->strippedDomain )
<li>
<a href="{{ $metager->generateRemovedDomainLink($result->strippedDomain) }}">
<a href="{{ $metager->generateRemovedDomainLink($result->strippedDomain) }}" @if($metager->isFramed())target="_top"@else target="_self"@endif>
<nobr>{!! trans('result.options.3', ['domain' => $result->strippedDomain]) !!}</nobr>
</a>
</li>
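Review bot: The option labels on the unchanged lines are emitted with `{!! trans('result.options.2', ['host' => $result->strippedHost]) !!}` and `{!! trans('result.options.3', ['domain' => $result->strippedDomain]) !!}`, so the host and domain are written into the page without HTML escaping. Both values presumably derive from third-party result URLs; unless they are sanitised where they are set (not visible here), pass them as `e($result->strippedHost)` and `e($result->strippedDomain)`. This matters more now that the same markup is rendered inside the verification iframe and its links navigate the top window.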
......
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" />
</head>
<body>
<iframe id="mg-framed" src="{{ $url }}" autofocus="true" onload="this.contentWindow.focus();"></iframe>
</body>
html {
height: 100%;
}
body {
margin: 0;
height: 100%;
}
iframe#mg-framed {
display: block;
width: 100%;
border: 0;
height: 100%;
height: 100vh;
}
\ No newline at end of file
<div id="options">
<div id="toggle-box">
<div id="settings">
<a href="{{ LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), route('settings', ["fokus" => $metager->getFokus(), "url" => url()->full()])) }}">
<a href="{{ LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), route('settings', ["fokus" => $metager->getFokus(), "url" => $metager->generateSearchLink($metager->getFokus())])) }}" @if(!empty($metager) && $metager->isFramed())target="_top" @endif>
<i class="fas fa-cogs"></i>
@if($metager->getSavedSettingCount() > 0) <span class="badge badge-primary"></span>{{ $metager->getSavedSettingCount() }}@endif
@lang('metaGer.settings')&hellip;
......@@ -17,7 +17,7 @@
@endif
@if($metager->getManualParameterFilterSet())
<div id="options-reset">
<a href="{{$metager->generateSearchLink($metager->getFokus())}}"><nobr>{{ trans('metaGer.filter.reset') }}</nobr></a>
<a href="{{$metager->generateSearchLink($metager->getFokus())}}" @if(!empty($metager) && $metager->isFramed())target="_top" @endif><nobr>{{ trans('metaGer.filter.reset') }}</nobr></a>
</div>
@endif
</div>
......
@foreach($metager->getSumaFile()->foki as $name => $fokus)
<div id="{{$name}}" @if($metager->getFokus() === $name)class="active"@endif>
<a href="@if($metager->getFokus() === $name)#@else{!!$metager->generateSearchLink($name)!!}@endif" target="_self" tabindex="0">@lang($fokus->{"display-name"})</a>
<a href="@if($metager->getFokus() === $name)#@else{!!$metager->generateSearchLink($name)!!}@endif" @if(!empty($metager) && $metager->isFramed())target="_top" @else target="_self"@endif tabindex="0">@lang($fokus->{"display-name"})</a>
</div>
@endforeach
@if (LaravelLocalization::getCurrentLocale() == "de")
<div id="maps">
<a href="https://maps.metager.de/map/{{ urlencode($metager->getQ()) }}/9.7380161,52.37119740000003,12" target="_blank">
<a href="https://maps.metager.de/map/{{ urlencode($metager->getQ()) }}/9.7380161,52.37119740000003,12" @if(!empty($metager) && $metager->isFramed())target="_top" @else target="_blank"@endif>
Maps
</a>
</div>
......
@if ($type === 'startpage' || $type === 'subpage' || $type === 'resultpage')
<footer class="{{ $id }} noprint">
<div>
<a href="{{ LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), "kontakt") }}">{{ trans('sidebar.nav5') }}</a>
<a href="{{ LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), "impressum") }}">{{ trans('sidebar.nav8') }}</a>
<a href="{{ LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), "datenschutz") }}">{{ trans('sidebar.nav3') }}</a>
<a href="{{ LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), "kontakt") }}" @if(!empty($metager) && $metager->isFramed())target="_top"@endif>{{ trans('sidebar.nav5') }}</a>
<a href="{{ LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), "impressum") }}" @if(!empty($metager) && $metager->isFramed())target="_top"@endif>{{ trans('sidebar.nav8') }}</a>
<a href="{{ LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), "datenschutz") }}" @if(!empty($metager) && $metager->isFramed())target="_top"@endif>{{ trans('sidebar.nav3') }}</a>
</div>
@if($type !== 'startpage')
<div>
<span class="hidden-xs">{{ trans('footer.sumaev.1') }} <a href="{{ trans('footer.sumaev.link') }}">{{ trans('footer.sumaev.2') }}</a></span>
<span class="hidden-xs">{{ trans('footer.sumaev.1') }} <a href="{{ trans('footer.sumaev.link') }}" @if(!empty($metager) && $metager->isFramed())target="_top"@endif>{{ trans('footer.sumaev.2') }}</a></span>
</div>
@endif
</footer>
......
......@@ -4,6 +4,6 @@
<a @if($metager->getPage() !== 1) href="javascript:history.back()" @endif>{{ trans('results.zurueck') }}</a>
</div>
<div id="next-search-link" @if($metager->nextSearchLink() === "#") class="disabled" @endif>
<a @if($metager->nextSearchLink() !== "#") href="{{ $metager->nextSearchLink() }}" @endif>{{ trans('results.weiter') }}</a>
<a @if($metager->nextSearchLink() !== "#") href="{{ $metager->nextSearchLink() }}" @endif @if($metager->isFramed())target="_top"@else target="_self"@endif>{{ trans('results.weiter') }}</a>
</div>
</nav>
<fieldset>
<form id="searchForm" method={{ $request }} action="{{ LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), "/meta/meta.ger3 ") }}" accept-charset="UTF-8">
<form id="searchForm" method={{ $request }} @if(!empty($metager) && $metager->isFramed())target="_top" @endif action="{{ LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), "/meta/meta.ger3 ") }}" accept-charset="UTF-8">
<div class="searchbar {{$class ?? ''}}">
<div class="search-input-submit">
<div id="search-key">
<a id="key-link" @if(isset($apiAuthorized) && $apiAuthorized)class="authorized" @else class="unauthorized"@endif href="{{ action('KeyController@index', ['redirUrl' => url()->full() ]) }}" data-tooltip="{{ trans ('index.key.tooltip') }}" tabindex="0">
<a id="key-link" @if(isset($apiAuthorized) && $apiAuthorized)class="authorized" @else class="unauthorized"@endif href="{{ action('KeyController@index', ['redirUrl' => !empty($metager) ? $metager->generateSearchLink($metager->getFokus()) : url()->full() ]) }}" @if(!empty($metager) && $metager->isFramed())target="_top" @endif data-tooltip="{{ trans ('index.key.tooltip') }}" tabindex="0">
<i class="fa fa-key" aria-hidden="true"></i>
</a>
</div>
......
......@@ -195,7 +195,7 @@ Route::group(
return redirect(LaravelLocalization::getLocalizedURL(LaravelLocalization::getCurrentLocale(), '/'));
});
Route::match(['get', 'post'], 'meta/meta.ger3', 'MetaGerSearch@search')->middleware('browserverification', 'humanverification', 'useragentmaster');
Route::match(['get', 'post'], 'meta/meta.ger3', 'MetaGerSearch@search')->middleware('browserverification', 'humanverification', 'useragentmaster')->name("resultpage");
Route::get('meta/loadMore', 'MetaGerSearch@loadMore');
Route::post('img/cat.jpg', 'HumanVerification@remove');
......