]> git.mxchange.org Git - fba.git/blobdiff - fba/csrf.py
projects / fba.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Continued:
[fba.git] / fba / csrf.py
diff --git a/fba/csrf.py b/fba/csrf.py
index caaed3880756e9d270e054221e7fe1bf4417de48..a7f942dc2612b0b97065ffc5aaa6110bb6581151 100644 (file)
--- a/fba/csrf.py
+++ b/fba/csrf.py
@@ -18,7 +18,6 @@ import bs4
 import reqto
 
 from fba import config
-#from fba import instances
 from fba import network
 
 def determine(domain: str, headers: dict) -> dict:
@@ -27,40 +26,35 @@ def determine(domain: str, headers: dict) -> dict:
         raise ValueError(f"Parameter domain[]='{type(domain)}' is not 'str'")
     elif domain == "":
         raise ValueError("Parameter 'domain' is empty")
+    elif domain.endswith(".tld"):
+        raise ValueError(f"domain='{domain}' is a fake domain, please don't crawl them!")
     elif not isinstance(headers, dict):
         raise ValueError(f"Parameter headers[]='{type(headers)}' is not 'dict'")
 
     # Default headers with no CSRF
     reqheaders = headers
 
-    try:
-        # Fetch / to check for meta tag indicating csrf
-        # DEBUG: print(f"DEBUG: Fetching / from domain='{domain}' for CSRF check ...")
-        response = reqto.get(
-            f"https://{domain}/",
-            headers=network.web_headers,
-            timeout=(config.get("connection_timeout"), config.get("read_timeout"))
+    # Fetch / to check for meta tag indicating csrf
+    # DEBUG: print(f"DEBUG: Fetching / from domain='{domain}' for CSRF check ...")
+    response = reqto.get(
+        f"https://{domain}/",
+        headers=network.web_headers,
+        timeout=(config.get("connection_timeout"), config.get("read_timeout"))
+    )
+
+    # DEBUG: print(f"DEBUG: response.ok='{response.ok}',response.status_code={response.status_code},response.text()={len(response.text)}")
+    if response.ok and len(response.text) > 0:
+        meta = bs4.BeautifulSoup(
+            response.text,
+            "html.parser"
         )
+        # DEBUG: print(f"DEBUG: meta[]='{type(meta)}'")
+        tag = meta.find("meta", attrs={"name": "csrf-token"})
 
-        # DEBUG: print(f"DEBUG: response.ok='{response.ok}',response.status_code={response.status_code},response.text()={len(response.text)}")
-        if response.ok and len(response.text) > 0:
-            meta = bs4.BeautifulSoup(
-                response.text,
-                "html.parser"
-            )
-            # DEBUG: print(f"DEBUG: meta[]='{type(meta)}'")
-
-            tag = meta.find("meta", attrs={"name": "csrf-token"})
-            # DEBUG: print(f"DEBUG: tag={tag}")
-
-            csrf = tag["content"]
-            # DEBUG: print(f"DEBUG: Adding CSRF token='{csrf}' for domain='{domain}'")
-
-            reqheaders = {**headers, **{"X-CSRF-Token": csrf}}
-
-    except BaseException as exception:
-        # DEBUG: print(f"DEBUG: No CSRF token found, using normal headers: domain='{domain}',exception[{type(exception)}]={exception}")
-        pass
+        # DEBUG: print(f"DEBUG: tag={tag}")
+        if tag is not None:
+            # DEBUG: print(f"DEBUG: Adding CSRF token='{tag['content']}' for domain='{domain}'")
+            reqheaders["X-CSRF-Token"] = tag["content"]
 
     # DEBUG: print(f"DEBUG: reqheaders()={len(reqheaders)} - EXIT!")
     return reqheaders
Personal clone of "fedi-block-api", if you like to use the command fetch_instances_social you need to get an API key from https://instances.social .