Make vm-ping more resilient, closes #289

This commit is contained in:
Disassembler 2018-10-28 08:00:14 +01:00
parent 6b38073372
commit 0a32d9ed9d
Signed by: Disassembler
GPG Key ID: 524BD33A0EE29499
3 changed files with 10 additions and 6 deletions

View File

@ -67,7 +67,7 @@ def resolve_ip(domain, type):
def ping_url(url): def ping_url(url):
try: try:
return requests.post('https://tools.dasm.cz/vm-ping.php', data = {'url': url}, timeout=5).text == 'vm-pong' return requests.get('https://tools.dasm.cz/vm-ping.php', params = {'url': url}, timeout=5).text == 'vm-pong'
except requests.exceptions.Timeout: except requests.exceptions.Timeout:
raise raise
except: except:

View File

@ -163,7 +163,7 @@ class WSGIApp(object):
try: try:
domain = request.form['domain'] domain = request.form['domain']
port = request.form['port'] port = request.form['port']
self.vmmgr.update_host(domain, port, False) self.vmmgr.update_host(domain, port)
server_name = request.environ['HTTP_X_FORWARDED_SERVER_NAME'] server_name = request.environ['HTTP_X_FORWARDED_SERVER_NAME']
url = '{}/setup-host'.format(tools.compile_url(server_name, port)) url = '{}/setup-host'.format(tools.compile_url(server_name, port))
response = self.render_json({'ok': request.session.lang.host_updated(url, url)}) response = self.render_json({'ok': request.session.lang.host_updated(url, url)})

View File

@ -1,14 +1,18 @@
<?php <?php
$url = (string)filter_input(INPUT_POST, 'url'); // Extract URL from 'url' GET field
$url = (string)filter_input(INPUT_GET, 'url');
if (empty($url)) { if (empty($url)) {
exit; exit;
} }
if(substr($url, -1) == '/') { // Strip endpoint to scheme://host:port/vm-ping to prevent abuse
$url = substr($url, 0, -1); $url = parse_url($url);
if (!$url) {
exit;
} }
$url .= '/vm-ping'; $url = $url['scheme'].'://'.$url['host'].(!empty($url['port']) ? ':'.$url['port'] : '').'/vm-ping';
// Ping the remote endpoint
$ch = curl_init($url); $ch = curl_init($url);
curl_setopt_array($ch, [CURLOPT_RETURNTRANSFER => TRUE, CURLOPT_HEADER => FALSE, CURLOPT_SSL_VERIFYHOST => FALSE, CURLOPT_SSL_VERIFYPEER => FALSE, CURLOPT_TIMEOUT => 4]); curl_setopt_array($ch, [CURLOPT_RETURNTRANSFER => TRUE, CURLOPT_HEADER => FALSE, CURLOPT_SSL_VERIFYHOST => FALSE, CURLOPT_SSL_VERIFYPEER => FALSE, CURLOPT_TIMEOUT => 4]);
$content = curl_exec($ch); $content = curl_exec($ch);