Fix antiproxying (again).

Fuck it, just hardcode it. They rewrite certain parts of our markup so we can't rely on anything in the html.
2020-06-02 23:03:04 -05:00
parent bfa76abb56
commit 647556761b
4 changed files with 8 additions and 14 deletions
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@@ -272,6 +272,8 @@ module ApplicationHelper
      current_item_data_attributes = data_attributes_for(current_item, model_name, model_attributes)
    end

+    config_data_attributes = data_attributes_for(Danbooru.config, "config", [:hostname, :domain])
+
    controller_param = params[:controller].parameterize.dasherize
    action_param = params[:action].parameterize.dasherize

@@ -282,8 +284,11 @@ module ApplicationHelper
        controller: controller_param,
        action: action_param,
        layout: controller.class.send(:_layout),
+        "current-user-ip-addr": request.remote_ip,
        **current_user_data_attributes,
-        **current_item_data_attributes.to_h
+        **current_item_data_attributes.to_h,
+        **config_data_attributes,
+        "config-environment": Rails.env,
      }
    }
  end
--- a/app/javascript/src/javascripts/common.js
+++ b/app/javascript/src/javascripts/common.js
@@ -20,8 +20,8 @@ $(function() {
    e.preventDefault();
  });

-  if (Danbooru.config["enable_antiproxying?"] && !location.hostname.endsWith(Danbooru.config.domain)) {
-    location.hostname = Danbooru.config.hostname;
+  if (location.hostname.endsWith("danbooru.me")) {
+    location.hostname = "danbooru.donmai.us";
  }
 });

--- a/app/views/layouts/default.html.erb
+++ b/app/views/layouts/default.html.erb
@@ -120,7 +120,6 @@
      window.Danbooru = {};
    }

-    window.Danbooru.config = <%= [:hostname, :domain, :enable_antiproxying?].map { |opt| [opt, Danbooru.config.send(opt)] }.to_h.to_json.html_safe %>;
    window.Danbooru.notice = Danbooru.Utility.notice;
    window.Danbooru.error = Danbooru.Utility.error;
  </script>
--- a/config/danbooru_default_config.rb
+++ b/config/danbooru_default_config.rb
@@ -30,11 +30,6 @@ module Danbooru
      Socket.gethostname
    end

-    # The canonical base domain for the site, e.g. donmai.us.
-    def domain
-      hostname
-    end
-
    # Contact email address of the admin.
    def contact_email
      "webmaster@#{hostname}"
@@ -472,11 +467,6 @@ module Danbooru
    def redis_url
      "redis://localhost:6379"
    end
-
-    # Try to prevent copycat sites from proxying our site and inserting ads or phishing passwords.
-    def enable_antiproxying?
-      Rails.env.production?
-    end
  end

  class EnvironmentConfiguration