From a08c1e20e34164f61e749739930fb9ae3d45e6db Mon Sep 17 00:00:00 2001 From: =?utf8?q?Roland=20H=C3=A4der?= Date: Fri, 8 Dec 2023 05:44:15 +0100 Subject: [PATCH] Continued: - more checks against blacklist --- fba/helpers/cookies.py | 3 +-- fba/helpers/domain.py | 4 +++- fba/http/csrf.py | 5 ++++- fba/http/federation.py | 6 +++--- fba/models/error_log.py | 5 ++++- fba/networks/friendica.py | 6 +++--- fba/networks/lemmy.py | 2 ++ fba/networks/misskey.py | 2 ++ fba/networks/peertube.py | 2 ++ fba/utils.py | 7 +++---- 10 files changed, 27 insertions(+), 15 deletions(-) diff --git a/fba/helpers/cookies.py b/fba/helpers/cookies.py index 15f4fc7..b23e644 100644 --- a/fba/helpers/cookies.py +++ b/fba/helpers/cookies.py @@ -44,8 +44,7 @@ def get_all(domain: str) -> dict: if blacklist.is_blacklisted(domain): raise ValueError(f"domain='{domain}' is blacklisted but function was invoked") - - if domain not in _cookies: + elif domain not in _cookies: return dict() logger.debug("_cookies[%s]()=%d - EXIT!", domain, len(_cookies[domain])) diff --git a/fba/helpers/domain.py b/fba/helpers/domain.py index 5f5e15a..4141258 100644 --- a/fba/helpers/domain.py +++ b/fba/helpers/domain.py @@ -70,7 +70,9 @@ def is_in_url(domain: str, url: str) -> bool: logger.debug("domain='%s',url='%s' - CALLED!", domain, url) raise_on(domain) - if not isinstance(url, str): + if blacklist.is_blacklisted(domain): + raise ValueError(f"domain='{domain}' is blacklisted but function was invoked") + elif not isinstance(url, str): raise ValueError(f"Parameter url[]='{type(url)}' is not of type 'str'") elif url == "": raise ValueError("Parameter 'url' is empty") diff --git a/fba/http/csrf.py b/fba/http/csrf.py index 9f349e7..b84d5aa 100644 --- a/fba/http/csrf.py +++ b/fba/http/csrf.py @@ -20,6 +20,7 @@ import bs4 import reqto import requests +from fba.helpers import blacklist from fba.helpers import config from fba.helpers import cookies from fba.helpers import domain as domain_helper @@ -35,7 +36,9 @@ def determine(domain: str, headers: dict) -> dict: logger.debug("domain='%s',headers()=%d - CALLED!", domain, len(headers)) domain_helper.raise_on(domain) - if not isinstance(headers, dict): + if blacklist.is_blacklisted(domain): + raise Exception(f"domain='{domain}' is blacklisted but function is invoked.") + elif not isinstance(headers, dict): raise ValueError(f"Parameter headers[]='{type(headers)}' is not of type 'dict'") # Default headers with no CSRF diff --git a/fba/http/federation.py b/fba/http/federation.py index 2cb50f4..e0bd1ae 100644 --- a/fba/http/federation.py +++ b/fba/http/federation.py @@ -567,10 +567,10 @@ def fetch_blocks(domain: str) -> list: logger.debug("domain='%s' - CALLED!", domain) domain_helper.raise_on(domain) - if not instances.is_registered(domain): - raise Exception(f"domain='{domain}' is not registered but function is invoked.") - elif blacklist.is_blacklisted(domain): + if blacklist.is_blacklisted(domain): raise Exception(f"domain='{domain}' is blacklisted but function was invoked") + elif not instances.is_registered(domain): + raise Exception(f"domain='{domain}' is not registered but function is invoked.") # Init block list blocklist = list() diff --git a/fba/models/error_log.py b/fba/models/error_log.py index 3e6e35b..35e0933 100644 --- a/fba/models/error_log.py +++ b/fba/models/error_log.py @@ -19,6 +19,7 @@ import time from fba import database +from fba.helpers import blacklist from fba.helpers import config from fba.helpers import domain as domain_helper @@ -29,7 +30,9 @@ def add(domain: str, error: dict): logger.debug("domain='%s',error[]='%s' - CALLED!", domain, type(error)) domain_helper.raise_on(domain) - if config.get("write_error_log").lower() != "true": + if blacklist.is_blacklisted(domain): + raise ValueError(f"domain='{domain}' is blacklisted but function was invoked") + elif config.get("write_error_log").lower() != "true": logger.debug("Writing to error_log is disabled in configuruation file - EXIT!") return diff --git a/fba/networks/friendica.py b/fba/networks/friendica.py index d370818..f723c71 100644 --- a/fba/networks/friendica.py +++ b/fba/networks/friendica.py @@ -35,10 +35,10 @@ def fetch_blocks(domain: str) -> list: logger.debug("domain='%s' - CALLED!", domain) domain_helper.raise_on(domain) - if not instances.is_registered(domain): - raise Exception(f"domain='{domain}' is not registered but function is invoked.") - elif blacklist.is_blacklisted(domain): + if blacklist.is_blacklisted(domain): raise Exception(f"domain='{domain}' is blacklisted but function is invoked.") + elif not instances.is_registered(domain): + raise Exception(f"domain='{domain}' is not registered but function is invoked.") blocklist = list() block_tag = None diff --git a/fba/networks/lemmy.py b/fba/networks/lemmy.py index 8c6e336..d216cf8 100644 --- a/fba/networks/lemmy.py +++ b/fba/networks/lemmy.py @@ -74,6 +74,8 @@ def fetch_peers(domain: str, origin: str) -> list: if blacklist.is_blacklisted(domain): raise Exception(f"domain='{domain}' is blacklisted but function is invoked.") + elif not instances.is_registered(domain): + raise Exception(f"domain='{domain}' is not registered but function is invoked.") peers = list() diff --git a/fba/networks/misskey.py b/fba/networks/misskey.py index e544d3a..6100504 100644 --- a/fba/networks/misskey.py +++ b/fba/networks/misskey.py @@ -37,6 +37,8 @@ def fetch_peers(domain: str) -> list: if blacklist.is_blacklisted(domain): raise Exception(f"domain='{domain}' is blacklisted but function is invoked.") + elif not instances.is_registered(domain): + raise Exception(f"domain='{domain}' is not registered but function is invoked.") logger.debug("domain='%s' is misskey, sending API POST request ...", domain) peers = list() diff --git a/fba/networks/peertube.py b/fba/networks/peertube.py index 61c9e39..caf3865 100644 --- a/fba/networks/peertube.py +++ b/fba/networks/peertube.py @@ -34,6 +34,8 @@ def fetch_peers(domain: str) -> list: if blacklist.is_blacklisted(domain): raise Exception(f"domain='{domain}' is blacklisted but function is invoked.") + elif not instances.is_registered(domain): + raise Exception(f"domain='{domain}' is not registered but function is invoked.") # Init variables peers = list() diff --git a/fba/utils.py b/fba/utils.py index 8244a78..562abde 100644 --- a/fba/utils.py +++ b/fba/utils.py @@ -21,6 +21,7 @@ from urllib.parse import urlparse import bs4 import requests +from fba.helpers import blacklist from fba.helpers import config from fba.helpers import domain as domain_helper from fba.helpers import tidyup @@ -123,10 +124,8 @@ def deobfuscate(domain: str, blocker: str, domain_hash: str = None) -> str: logger.debug("domain='%s',blocker='%s',domain_hash='%s' - CALLED!", domain, blocker, domain_hash) domain_helper.raise_on(blocker) - if not isinstance(domain, str): - raise ValueError(f"Parameter domain[]='{type(domain)}' is not of type 'str'") - elif domain == "": - raise ValueError("Parameter domain is empty") + if blacklist.is_blacklisted(domain): + raise ValueError(f"domain='{domain}' is blacklisted but function was invoked") elif not isinstance(domain_hash, str) and domain_hash is not None: raise ValueError(f"Parameter domain_hash[]='{type(domain_hash)}' is not of type 'str'") -- 2.39.5