forked from midou/invidious
Fix referers
This commit is contained in:
parent
71aa4d0347
commit
3ba2a7d921
@ -131,6 +131,19 @@ before_all do |env|
|
|||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
current_page = env.request.path
|
||||||
|
if env.request.query
|
||||||
|
query = HTTP::Params.parse(env.request.query.not_nil!)
|
||||||
|
|
||||||
|
if query["referer"]?
|
||||||
|
query["referer"] = get_referer(env, "/")
|
||||||
|
end
|
||||||
|
|
||||||
|
current_page += "?#{query}"
|
||||||
|
end
|
||||||
|
|
||||||
|
env.set "current_page", URI.escape(current_page)
|
||||||
end
|
end
|
||||||
|
|
||||||
get "/" do |env|
|
get "/" do |env|
|
||||||
@ -411,8 +424,7 @@ end
|
|||||||
|
|
||||||
# See https://github.com/rg3/youtube-dl/blob/master/youtube_dl/extractor/youtube.py#L79
|
# See https://github.com/rg3/youtube-dl/blob/master/youtube_dl/extractor/youtube.py#L79
|
||||||
post "/login" do |env|
|
post "/login" do |env|
|
||||||
referer = env.params.query["referer"]?
|
referer = get_referer(env, "/feed/subscriptions")
|
||||||
referer ||= get_referer(env, "/feed/subscriptions")
|
|
||||||
|
|
||||||
email = env.params.body["email"]?
|
email = env.params.body["email"]?
|
||||||
password = env.params.body["password"]?
|
password = env.params.body["password"]?
|
||||||
@ -506,7 +518,7 @@ post "/login" do |env|
|
|||||||
end
|
end
|
||||||
|
|
||||||
if !tfa_code
|
if !tfa_code
|
||||||
next env.redirect "/login?tfa=true&type=google"
|
next env.redirect "/login?tfa=true&type=google&referer=#{URI.escape(referer)}"
|
||||||
end
|
end
|
||||||
|
|
||||||
tl = challenge_results[1][2]
|
tl = challenge_results[1][2]
|
||||||
@ -677,7 +689,7 @@ get "/signout" do |env|
|
|||||||
end
|
end
|
||||||
|
|
||||||
env.request.cookies.add_response_headers(env.response.headers)
|
env.request.cookies.add_response_headers(env.response.headers)
|
||||||
env.redirect referer
|
env.redirect URI.unescape(referer)
|
||||||
end
|
end
|
||||||
|
|
||||||
get "/preferences" do |env|
|
get "/preferences" do |env|
|
||||||
|
@ -150,10 +150,27 @@ def make_host_url(ssl, host)
|
|||||||
end
|
end
|
||||||
|
|
||||||
def get_referer(env, fallback = "/")
|
def get_referer(env, fallback = "/")
|
||||||
referer = env.request.headers["referer"]?
|
referer = env.params.query["referer"]?
|
||||||
|
referer ||= env.request.headers["referer"]?
|
||||||
referer ||= fallback
|
referer ||= fallback
|
||||||
|
|
||||||
referer = URI.parse(referer).full_path
|
referer = URI.parse(referer)
|
||||||
|
|
||||||
|
# "Unroll" nested referers
|
||||||
|
loop do
|
||||||
|
if referer.query
|
||||||
|
params = HTTP::Params.parse(referer.query.not_nil!)
|
||||||
|
if params["referer"]?
|
||||||
|
referer = URI.parse(URI.unescape(params["referer"]))
|
||||||
|
else
|
||||||
|
break
|
||||||
|
end
|
||||||
|
else
|
||||||
|
break
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
referer = referer.full_path
|
||||||
|
|
||||||
if referer == env.request.path
|
if referer == env.request.path
|
||||||
referer = fallback
|
referer = fallback
|
||||||
|
@ -16,16 +16,16 @@
|
|||||||
<p class="h-box">
|
<p class="h-box">
|
||||||
<% if user %>
|
<% if user %>
|
||||||
<% if subscriptions.includes? ucid %>
|
<% if subscriptions.includes? ucid %>
|
||||||
<a href="/subscription_ajax?action_remove_subscriptions=1&c=<%= ucid %>">
|
<a href="/subscription_ajax?action_remove_subscriptions=1&c=<%= ucid %>&referer=<%= env.get("current_page") %>">
|
||||||
<b>Unsubscribe from <%= author %></b>
|
<b>Unsubscribe from <%= author %></b>
|
||||||
</a>
|
</a>
|
||||||
<% else %>
|
<% else %>
|
||||||
<a href="/subscription_ajax?action_create_subscription_to_channel=1&c=<%= ucid %>">
|
<a href="/subscription_ajax?action_create_subscription_to_channel=1&c=<%= ucid %>&referer=<%= env.get("current_page") %>">
|
||||||
<b>Subscribe to <%= author %></b>
|
<b>Subscribe to <%= author %></b>
|
||||||
</a>
|
</a>
|
||||||
<% end %>
|
<% end %>
|
||||||
<% else %>
|
<% else %>
|
||||||
<a href="/login">
|
<a href="/login?referer=<%= env.get("current_page") %>">
|
||||||
<b>Login to subscribe to <%= author %></b>
|
<b>Login to subscribe to <%= author %></b>
|
||||||
</a>
|
</a>
|
||||||
<% end %>
|
<% end %>
|
||||||
|
@ -16,7 +16,7 @@
|
|||||||
</div>
|
</div>
|
||||||
<hr>
|
<hr>
|
||||||
<% if account_type == "invidious" %>
|
<% if account_type == "invidious" %>
|
||||||
<form class="pure-form pure-form-stacked" action="/login?referer=<%= referer %>&type=invidious" method="post">
|
<form class="pure-form pure-form-stacked" action="/login?referer=<%= URI.escape(referer) %>&type=invidious" method="post">
|
||||||
<fieldset>
|
<fieldset>
|
||||||
<label for="email">User ID:</label>
|
<label for="email">User ID:</label>
|
||||||
<input required class="pure-input-1" name="email" type="text" placeholder="User ID">
|
<input required class="pure-input-1" name="email" type="text" placeholder="User ID">
|
||||||
@ -34,7 +34,7 @@
|
|||||||
</fieldset>
|
</fieldset>
|
||||||
</form>
|
</form>
|
||||||
<% elsif account_type == "google" %>
|
<% elsif account_type == "google" %>
|
||||||
<form class="pure-form pure-form-stacked" action="/login?referer=<%= referer %>" method="post">
|
<form class="pure-form pure-form-stacked" action="/login?referer=<%= URI.escape(referer) %>" method="post">
|
||||||
<fieldset>
|
<fieldset>
|
||||||
<label for="email">Email:</label>
|
<label for="email">Email:</label>
|
||||||
<input required class="pure-input-1" name="email" type="email" placeholder="Email">
|
<input required class="pure-input-1" name="email" type="email" placeholder="Email">
|
||||||
|
@ -34,7 +34,7 @@
|
|||||||
<div class="pure-u-1 pure-u-md-8-24 user-field">
|
<div class="pure-u-1 pure-u-md-8-24 user-field">
|
||||||
<% if env.get? "user" %>
|
<% if env.get? "user" %>
|
||||||
<div class="pure-u-1-4">
|
<div class="pure-u-1-4">
|
||||||
<a href="/toggle_theme" class="pure-menu-heading">
|
<a href="/toggle_theme?referer=<%= env.get("current_page") %>" class="pure-menu-heading">
|
||||||
<% preferences = env.get("user").as(User).preferences %>
|
<% preferences = env.get("user").as(User).preferences %>
|
||||||
<% if preferences.dark_mode %>
|
<% if preferences.dark_mode %>
|
||||||
<i class="icon ion-ios-sunny"></i>
|
<i class="icon ion-ios-sunny"></i>
|
||||||
@ -54,15 +54,15 @@
|
|||||||
</a>
|
</a>
|
||||||
</div>
|
</div>
|
||||||
<div class="pure-u-1-4">
|
<div class="pure-u-1-4">
|
||||||
<a href="/preferences" class="pure-menu-heading">
|
<a href="/preferences?referer=<%= env.get("current_page") %>" class="pure-menu-heading">
|
||||||
<i class="icon ion-ios-cog"></i>
|
<i class="icon ion-ios-cog"></i>
|
||||||
</a>
|
</a>
|
||||||
</div>
|
</div>
|
||||||
<div class="pure-u-1-4">
|
<div class="pure-u-1-4">
|
||||||
<a href="/signout" class="pure-menu-heading">Sign out</a>
|
<a href="/signout?referer=<%= env.get("current_page") %>" class="pure-menu-heading">Sign out</a>
|
||||||
</div>
|
</div>
|
||||||
<% else %>
|
<% else %>
|
||||||
<a href="/login" class="pure-menu-heading">Login</a>
|
<a href="/login?referer=<%= env.get("current_page") %>" class="pure-menu-heading">Login</a>
|
||||||
<% end %>
|
<% end %>
|
||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
|
@ -232,20 +232,20 @@ get_youtube_comments();
|
|||||||
<% if user %>
|
<% if user %>
|
||||||
<% if subscriptions.includes? video.ucid %>
|
<% if subscriptions.includes? video.ucid %>
|
||||||
<p>
|
<p>
|
||||||
<a href="/subscription_ajax?action_remove_subscriptions=1&c=<%= video.ucid %>">
|
<a href="/subscription_ajax?action_remove_subscriptions=1&c=<%= video.ucid %>&referer=<%= env.get("current_page") %>">
|
||||||
<b>Unsubscribe from <%= video.author %></b>
|
<b>Unsubscribe from <%= video.author %></b>
|
||||||
</a>
|
</a>
|
||||||
</p>
|
</p>
|
||||||
<% else %>
|
<% else %>
|
||||||
<p>
|
<p>
|
||||||
<a href="/subscription_ajax?action_create_subscription_to_channel=1&c=<%= video.ucid %>">
|
<a href="/subscription_ajax?action_create_subscription_to_channel=1&c=<%= video.ucid %>&referer=<%= env.get("current_page") %>">
|
||||||
<b>Subscribe to <%= video.author %></b>
|
<b>Subscribe to <%= video.author %></b>
|
||||||
</a>
|
</a>
|
||||||
</p>
|
</p>
|
||||||
<% end %>
|
<% end %>
|
||||||
<% else %>
|
<% else %>
|
||||||
<p>
|
<p>
|
||||||
<a href="/login">
|
<a href="/login?referer=<%= env.get("current_page") %>">
|
||||||
<b>Login to subscribe to <%= video.author %></b>
|
<b>Login to subscribe to <%= video.author %></b>
|
||||||
</a>
|
</a>
|
||||||
</p>
|
</p>
|
||||||
|
Loading…
Reference in New Issue
Block a user