discourse/lib/crawler_detection.rb

# frozen_string_literal: true

module CrawlerDetection
  WAYBACK_MACHINE_URL = "archive.org"

  def self.to_matcher(string, type: nil)
    escaped = string.split("|").map { |agent| Regexp.escape(agent) }.join("|")

    if type == :real && Rails.env == "test"
      # we need this bypass so we properly render views
      escaped << "|Rails Testing"
    end

    Regexp.new(escaped, Regexp::IGNORECASE)
  end

  def self.crawler?(user_agent, via_header = nil)
    if user_agent.nil? || user_agent&.include?(WAYBACK_MACHINE_URL) ||
         via_header&.include?(WAYBACK_MACHINE_URL)
      return true
    end

    # this is done to avoid regenerating regexes
    @non_crawler_matchers ||= {}
    @matchers ||= {}

    possibly_real =
      (
        @non_crawler_matchers[SiteSetting.non_crawler_user_agents] ||= to_matcher(
          SiteSetting.non_crawler_user_agents,
          type: :real,
        )
      )

    if user_agent.match?(possibly_real)
      known_bots =
        (@matchers[SiteSetting.crawler_user_agents] ||= to_matcher(SiteSetting.crawler_user_agents))
      if user_agent.match?(known_bots)
        bypass =
          (
            @matchers[SiteSetting.crawler_check_bypass_agents] ||= to_matcher(
              SiteSetting.crawler_check_bypass_agents,
            )
          )
        !user_agent.match?(bypass)
      else
        false
      end
    else
      true
    end
  end

  def self.show_browser_update?(user_agent)
    return false if SiteSetting.browser_update_user_agents.blank?

    @browser_update_matchers ||= {}
    matcher =
      @browser_update_matchers[SiteSetting.browser_update_user_agents] ||= to_matcher(
        SiteSetting.browser_update_user_agents,
      )
    user_agent.match?(matcher)
  end

  # Given a user_agent that returns true from crawler?, should its request be allowed?
  def self.allow_crawler?(user_agent)
    if SiteSetting.allowed_crawler_user_agents.blank? &&
         SiteSetting.blocked_crawler_user_agents.blank?
      return true
    end

    @allowlisted_matchers ||= {}
    @blocklisted_matchers ||= {}

    if SiteSetting.allowed_crawler_user_agents.present?
      allowlisted =
        @allowlisted_matchers[SiteSetting.allowed_crawler_user_agents] ||= to_matcher(
          SiteSetting.allowed_crawler_user_agents,
        )
      !user_agent.nil? && user_agent.match?(allowlisted)
    else
      blocklisted =
        @blocklisted_matchers[SiteSetting.blocked_crawler_user_agents] ||= to_matcher(
          SiteSetting.blocked_crawler_user_agents,
        )
      user_agent.nil? || !user_agent.match?(blocklisted)
    end
  end

  def self.is_blocked_crawler?(user_agent)
    crawler?(user_agent) && !allow_crawler?(user_agent)
  end
end
DEV: enable frozen string literal on all files This reduces chances of errors where consumers of strings mutate inputs and reduces memory usage of the app. Test suite passes now, but there may be some stuff left, so we will run a few sites on a branch prior to merging 2019-05-02 18:17:27 -04:00			`# frozen_string_literal: true`

REFACTOR: Rename `GooglebotDetection` to `CrawlerDetection` because we will likely whitelist more crawlers in the future. 2014-02-20 16:07:02 -05:00			`module CrawlerDetection`
FIX: Detect Wayback Machine using user agent (#9777) 2020-05-14 07:10:07 -04:00			`WAYBACK_MACHINE_URL = "archive.org"`
FEATURE: flexible crawler detection You can use the crawler user agents site setting to amend what user agents are considered crawlers based on a string match in the user agent Also improves performance of crawler detection slightly 2017-09-28 22:31:50 -04:00
correct specs, ensure crawler layout only applies to html 2018-01-16 00:28:11 -05:00			`def self.to_matcher(string, type: nil)`
FEATURE: flexible crawler detection You can use the crawler user agents site setting to amend what user agents are considered crawlers based on a string match in the user agent Also improves performance of crawler detection slightly 2017-09-28 22:31:50 -04:00			`escaped = string.split("\|").map { \|agent\| Regexp.escape(agent) }.join("\|")`
correct specs, ensure crawler layout only applies to html 2018-01-16 00:28:11 -05:00
			`if type == :real && Rails.env == "test"`
			`# we need this bypass so we properly render views`
			`escaped << "\|Rails Testing"`
			`end`

FEATURE: much improved and simplified crawler detection - phase one does it match 'trident\|webkit\|gecko\|chrome\|safari\|msie\|opera' yes- well it is possibly a browser - phase two does it match 'rss\|bot\|spider\|crawler\|facebook\|archive\|wayback\|ping\|monitor' probably a crawler then Based off: https://gist.github.com/SamSaffron/6cfad7ea3e6df321ffb7a84f93720a53 2018-01-15 23:41:13 -05:00			`Regexp.new(escaped, Regexp::IGNORECASE)`
FEATURE: flexible crawler detection You can use the crawler user agents site setting to amend what user agents are considered crawlers based on a string match in the user agent Also improves performance of crawler detection slightly 2017-09-28 22:31:50 -04:00			`end`
FEATURE: add 360Spider UA to allow 360 crawl Discourse sites 2015-02-14 09:24:51 -05:00
FIX: use crawler layout when saving url in Wayback Machine (#7667) 2019-06-02 22:13:32 -04:00			`def self.crawler?(user_agent, via_header = nil)`
FIX: Detect Wayback Machine using user agent (#9777) 2020-05-14 07:10:07 -04:00			`if user_agent.nil? \|\| user_agent&.include?(WAYBACK_MACHINE_URL) \|\|`
			`via_header&.include?(WAYBACK_MACHINE_URL)`
			`return true`
DEV: Apply syntax_tree formatting to `lib/*` 2023-01-09 07:10:19 -05:00			`end`
correct specs, ensure crawler layout only applies to html 2018-01-16 00:28:11 -05:00
FEATURE: flexible crawler detection You can use the crawler user agents site setting to amend what user agents are considered crawlers based on a string match in the user agent Also improves performance of crawler detection slightly 2017-09-28 22:31:50 -04:00			`# this is done to avoid regenerating regexes`
FEATURE: much improved and simplified crawler detection - phase one does it match 'trident\|webkit\|gecko\|chrome\|safari\|msie\|opera' yes- well it is possibly a browser - phase two does it match 'rss\|bot\|spider\|crawler\|facebook\|archive\|wayback\|ping\|monitor' probably a crawler then Based off: https://gist.github.com/SamSaffron/6cfad7ea3e6df321ffb7a84f93720a53 2018-01-15 23:41:13 -05:00			`@non_crawler_matchers \|\|= {}`
FEATURE: flexible crawler detection You can use the crawler user agents site setting to amend what user agents are considered crawlers based on a string match in the user agent Also improves performance of crawler detection slightly 2017-09-28 22:31:50 -04:00			`@matchers \|\|= {}`
FEATURE: much improved and simplified crawler detection - phase one does it match 'trident\|webkit\|gecko\|chrome\|safari\|msie\|opera' yes- well it is possibly a browser - phase two does it match 'rss\|bot\|spider\|crawler\|facebook\|archive\|wayback\|ping\|monitor' probably a crawler then Based off: https://gist.github.com/SamSaffron/6cfad7ea3e6df321ffb7a84f93720a53 2018-01-15 23:41:13 -05:00
correct specs, ensure crawler layout only applies to html 2018-01-16 00:28:11 -05:00			`possibly_real =`
			`(`
			`@non_crawler_matchers[SiteSetting.non_crawler_user_agents] \|\|= to_matcher(`
			`SiteSetting.non_crawler_user_agents,`
			`type: :real,`
			`)`
DEV: Apply syntax_tree formatting to `lib/*` 2023-01-09 07:10:19 -05:00			`)`
FEATURE: much improved and simplified crawler detection - phase one does it match 'trident\|webkit\|gecko\|chrome\|safari\|msie\|opera' yes- well it is possibly a browser - phase two does it match 'rss\|bot\|spider\|crawler\|facebook\|archive\|wayback\|ping\|monitor' probably a crawler then Based off: https://gist.github.com/SamSaffron/6cfad7ea3e6df321ffb7a84f93720a53 2018-01-15 23:41:13 -05:00
			`if user_agent.match?(possibly_real)`
			`known_bots =`
			`(@matchers[SiteSetting.crawler_user_agents] \|\|= to_matcher(SiteSetting.crawler_user_agents))`
FIX: cubot android devices were detected as crawlers 2018-06-20 20:56:46 -04:00			`if user_agent.match?(known_bots)`
			`bypass =`
			`(`
			`@matchers[SiteSetting.crawler_check_bypass_agents] \|\|= to_matcher(`
			`SiteSetting.crawler_check_bypass_agents,`
			`)`
DEV: Apply syntax_tree formatting to `lib/*` 2023-01-09 07:10:19 -05:00			`)`
FIX: cubot android devices were detected as crawlers 2018-06-20 20:56:46 -04:00			`!user_agent.match?(bypass)`
			`else`
			`false`
			`end`
FEATURE: much improved and simplified crawler detection - phase one does it match 'trident\|webkit\|gecko\|chrome\|safari\|msie\|opera' yes- well it is possibly a browser - phase two does it match 'rss\|bot\|spider\|crawler\|facebook\|archive\|wayback\|ping\|monitor' probably a crawler then Based off: https://gist.github.com/SamSaffron/6cfad7ea3e6df321ffb7a84f93720a53 2018-01-15 23:41:13 -05:00			`else`
			`true`
			`end`
Detect Googlebot from user agent and use a different layout that doesn't load javascript 2014-02-14 17:10:08 -05:00			`end`
FEATURE: control which web crawlers can access using a whitelist or blacklist 2018-03-15 17:10:45 -04:00
FEATURE: Implement browser update in crawler view (#12448) browser-update script does not work correctly in some very old browsers because the contents of <noscript> is not accessible in JavaScript. For these browsers, the server can display the crawler page and add the browser update notice. Simply loading the browser-update script in the crawler view is not a solution because that means all crawlers will also see it. 2021-03-22 13:41:42 -04:00			`def self.show_browser_update?(user_agent)`
			`return false if SiteSetting.browser_update_user_agents.blank?`

			`@browser_update_matchers \|\|= {}`
			`matcher =`
			`@browser_update_matchers[SiteSetting.browser_update_user_agents] \|\|= to_matcher(`
			`SiteSetting.browser_update_user_agents,`
			`)`
			`user_agent.match?(matcher)`
			`end`

FEATURE: control which web crawlers can access using a whitelist or blacklist 2018-03-15 17:10:45 -04:00			`# Given a user_agent that returns true from crawler?, should its request be allowed?`
			`def self.allow_crawler?(user_agent)`
FIX: use allowlist and blocklist terminology (#10209) This is a PR of the renaming whitelist to allowlist and blacklist to the blocklist. 2020-07-26 20:23:54 -04:00			`if SiteSetting.allowed_crawler_user_agents.blank? &&`
			`SiteSetting.blocked_crawler_user_agents.blank?`
			`return true`
DEV: Apply syntax_tree formatting to `lib/*` 2023-01-09 07:10:19 -05:00			`end`
FEATURE: control which web crawlers can access using a whitelist or blacklist 2018-03-15 17:10:45 -04:00
FIX: use allowlist and blocklist terminology (#10209) This is a PR of the renaming whitelist to allowlist and blacklist to the blocklist. 2020-07-26 20:23:54 -04:00			`@allowlisted_matchers \|\|= {}`
			`@blocklisted_matchers \|\|= {}`
FEATURE: control which web crawlers can access using a whitelist or blacklist 2018-03-15 17:10:45 -04:00
FIX: use allowlist and blocklist terminology (#10209) This is a PR of the renaming whitelist to allowlist and blacklist to the blocklist. 2020-07-26 20:23:54 -04:00			`if SiteSetting.allowed_crawler_user_agents.present?`
			`allowlisted =`
			`@allowlisted_matchers[SiteSetting.allowed_crawler_user_agents] \|\|= to_matcher(`
			`SiteSetting.allowed_crawler_user_agents,`
			`)`
			`!user_agent.nil? && user_agent.match?(allowlisted)`
FEATURE: control which web crawlers can access using a whitelist or blacklist 2018-03-15 17:10:45 -04:00			`else`
FIX: use allowlist and blocklist terminology (#10209) This is a PR of the renaming whitelist to allowlist and blacklist to the blocklist. 2020-07-26 20:23:54 -04:00			`blocklisted =`
			`@blocklisted_matchers[SiteSetting.blocked_crawler_user_agents] \|\|= to_matcher(`
			`SiteSetting.blocked_crawler_user_agents,`
			`)`
			`user_agent.nil? \|\| !user_agent.match?(blocklisted)`
FEATURE: control which web crawlers can access using a whitelist or blacklist 2018-03-15 17:10:45 -04:00			`end`
			`end`

			`def self.is_blocked_crawler?(user_agent)`
			`crawler?(user_agent) && !allow_crawler?(user_agent)`
			`end`
Detect Googlebot from user agent and use a different layout that doesn't load javascript 2014-02-14 17:10:08 -05:00			`end`