mirrors/copyparty
1
0
Fork 0
mirror of https://github.com/9001/copyparty.git synced 2025-08-17 09:02:15 -06:00
Code Issues Actions Packages Projects Releases Wiki Activity

remember url-hash during login from 403

Browse source
This commit is contained in:
ed 2024-05-05 22:37:41 +00:00
parent da091aec85
commit f8491970fd
3 changed files with 17 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
copyparty/httpcli.py
View file

@ -2302,6 +2302,10 @@ class HttpCli(object):
def handle_login(self) -> bool: def handle_login(self) -> bool:
assert self.parser assert self.parser
pwd = self.parser.require("cppwd", 64) pwd = self.parser.require("cppwd", 64)
try:
uhash = self.parser.require("uhash", 256)
except:
uhash = ""
self.parser.drop() self.parser.drop()
self.out_headerlist = [ self.out_headerlist = [
@ -2314,6 +2318,11 @@ class HttpCli(object):
dst += self.ourlq() dst += self.ourlq()
uhash = uhash.lstrip("#")
if uhash not in ("", "-"):
dst += "&" if "?" in dst else "?"
dst += "_=1#" + html_escape(uhash, True, True)
msg = self.get_pwd_cookie(pwd) msg = self.get_pwd_cookie(pwd)
html = self.j2s("msg", h1=msg, h2='<a href="' + dst + '">ack</a>', redir=dst) html = self.j2s("msg", h1=msg, h2='<a href="' + dst + '">ack</a>', redir=dst)
self.reply(html.encode("utf-8")) self.reply(html.encode("utf-8"))
@ -4876,8 +4885,11 @@ class HttpCli(object):
ogh["og:title"] = title ogh["og:title"] = title
zs = '\t<meta property="%s" content="%s">' oghs = [
oghs = [zs % (k, html_escape(str(v))) for k, v in ogh.items()] '\t<meta property="%s" content="%s">'
% (k, html_escape(str(v), True, True))
for k, v in ogh.items()
]
zs = self.html_head + "\n%s\n" % ("\n".join(oghs),) zs = self.html_head + "\n%s\n" % ("\n".join(oghs),)
self.html_head = zs.replace("\n\n", "\n") self.html_head = zs.replace("\n\n", "\n")

1
copyparty/web/splash.html
View file

@ -95,6 +95,7 @@
<form method="post" enctype="multipart/form-data" action="{{ r }}/{{ qvpath }}"> <form method="post" enctype="multipart/form-data" action="{{ r }}/{{ qvpath }}">
<input type="hidden" name="act" value="login" /> <input type="hidden" name="act" value="login" />
<input type="password" name="cppwd" placeholder=" password" /> <input type="password" name="cppwd" placeholder=" password" />
<input type="hidden" name="uhash" id="uhash" value="x" />
<input type="submit" value="Login" /> <input type="submit" value="Login" />
{% if ahttps %} {% if ahttps %}
<a id="w" href="{{ ahttps }}">switch to https</a> <a id="w" href="{{ ahttps }}">switch to https</a>

2
copyparty/web/splash.js
View file

@ -66,3 +66,5 @@ if (!ebi('c') && o.offsetTop + o.offsetHeight < window.innerHeight)
o = ebi('u'); o = ebi('u');
if (o && /[0-9]+$/.exec(o.innerHTML)) if (o && /[0-9]+$/.exec(o.innerHTML))
o.innerHTML = shumantime(o.innerHTML); o.innerHTML = shumantime(o.innerHTML);
ebi('uhash').value = '' + location.hash;