discourse/lib/final_destination.rb

require "socket"
require "ipaddr"
require 'excon'
require 'rate_limiter'

# Determine the final endpoint for a Web URI, following redirects
class FinalDestination

  attr_reader :status
  attr_reader :cookie

  def initialize(url, opts = nil)
    @url = url
    @uri =
      begin
        URI(escape_url) if @url
      rescue URI::InvalidURIError
      end

    @opts = opts || {}
    @opts[:max_redirects] ||= 5
    @opts[:lookup_ip] ||= lambda do |host|
      begin
        IPSocket::getaddress(host)
      rescue SocketError
        nil
      end
    end
    @ignored = [Discourse.base_url_no_prefix] + (@opts[:ignore_redirects] || [])
    @limit = @opts[:max_redirects]
    @status = :ready
    @cookie = nil
  end

  def self.connection_timeout
    20
  end

  def redirected?
    @limit < @opts[:max_redirects]
  end

  def request_headers
    result = {
      "User-Agent" => "Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36",
      "Accept" => "text/html",
      "Host" => @uri.hostname
    }

    result['cookie'] = @cookie if @cookie

    result
  end

  def small_get(headers)
    Net::HTTP.start(@uri.host, @uri.port, use_ssl: @uri.is_a?(URI::HTTPS)) do |http|
      http.open_timeout = FinalDestination.connection_timeout
      http.read_timeout = FinalDestination.connection_timeout

      request = Net::HTTP::Get.new(@uri.request_uri, headers)
      http.request(request) do |response|
        return response
      end
    end
  end

  def resolve
    if @limit < 0
      @status = :too_many_redirects
      return nil
    end

    @ignored.each do |host|
      if hostname_matches?(host)
        @status = :resolved
        return @uri
      end
    end

    return nil unless validate_uri
    headers = request_headers
    response = Excon.head(
      @uri.to_s,
      read_timeout: FinalDestination.connection_timeout,
      headers: headers
    )

    location = nil
    case response.status
    when 200
      @status = :resolved
      return @uri
    when 405, 409, 501
      get_response = small_get(headers)

      if get_response.code.to_i == 200
        @status = :resolved
        return @uri
      end

      if cookie_val = get_response.get_fields('set-cookie')
        @cookie = cookie_val.join
      end

      if location_val = get_response.get_fields('location')
        location = location_val.join
      end
    else
      response.headers.each do |k, v|
        case k.downcase
        when 'set-cookie' then @cookie = v
        when 'location' then location = v
        end
      end
    end

    if location
      location = "#{@uri.scheme}://#{@uri.host}#{location}" if location[0] == "/"
      @uri = URI(location) rescue nil
      @limit -= 1
      return resolve
    end

    nil
  end

  def validate_uri
    validate_uri_format && is_dest_valid?
  end

  def validate_uri_format
    return false unless @uri
    return false unless ['https', 'http'].include?(@uri.scheme)
    return false if @uri.scheme == 'http' && @uri.port != 80
    return false if @uri.scheme == 'https' && @uri.port != 443

    # Disallow IP based crawling
    (IPAddr.new(@uri.hostname) rescue nil).nil?
  end

  def hostname_matches?(url)
    @uri && url.present? && @uri.hostname == (URI(url) rescue nil)&.hostname
  end

  def is_dest_valid?

    return false unless @uri && @uri.host

    # Whitelisted hosts
    return true if hostname_matches?(SiteSetting.s3_cdn_url) ||
      hostname_matches?(GlobalSetting.try(:cdn_url)) ||
      hostname_matches?(Discourse.base_url_no_prefix)

    if SiteSetting.whitelist_internal_hosts.present?
      SiteSetting.whitelist_internal_hosts.split('|').each do |h|
        return true if @uri.hostname.downcase == h.downcase
      end
    end

    address_s = @opts[:lookup_ip].call(@uri.hostname)
    return false unless address_s

    address = IPAddr.new(address_s)

    if private_ranges.any? { |r| r === address }
      @status = :invalid_address
      return false
    end

    # Rate limit how often this IP can be crawled
    unless @opts[:skip_rate_limit]
      RateLimiter.new(nil, "crawl-destination-ip:#{address_s}", 100, 1.hour).performed!
    end

    true
  rescue RateLimiter::LimitExceeded
    false
  end

  def escape_url
    URI.escape(CGI.unescapeHTML(@url), Regexp.new("[^#{URI::PATTERN::UNRESERVED}#{URI::PATTERN::RESERVED}#]"))
  end

  def private_ranges
    FinalDestination.standard_private_ranges +
      SiteSetting.blacklist_ip_blocks.split('|').map { |r| IPAddr.new(r) rescue nil }.compact
  end

  def self.standard_private_ranges
    @private_ranges ||= [
      IPAddr.new('127.0.0.1'),
      IPAddr.new('172.16.0.0/12'),
      IPAddr.new('192.168.0.0/16'),
      IPAddr.new('10.0.0.0/8'),
      IPAddr.new('fc00::/7')
    ]
  end

  def self.lookup_ip(host)
    IPSocket::getaddress(host)
  end

end
Helper to find the final destination for a URL 2017-05-22 12:23:04 -04:00			`require "socket"`
			`require "ipaddr"`
			`require 'excon'`
FEATURE: Rate limit how often we'll crawl a destination IP 2017-05-23 15:03:04 -04:00			`require 'rate_limiter'`
Helper to find the final destination for a URL 2017-05-22 12:23:04 -04:00
			`# Determine the final endpoint for a Web URI, following redirects`
			`class FinalDestination`

			`attr_reader :status`
FIX: If HEAD is not supported, try GET. Also set cookies 2017-06-06 13:53:49 -04:00			`attr_reader :cookie`
Helper to find the final destination for a URL 2017-05-22 12:23:04 -04:00
Add rubocop to our build. (#5004) 2017-07-27 21:20:09 -04:00			`def initialize(url, opts = nil)`
extract url escaping to a dedicated class method and improved tests 2017-07-29 12:42:04 -04:00			`@url = url`
Specify the error that we want to ignore instead of rescuing all errors. 2017-07-17 20:50:06 -04:00			`@uri =`
			`begin`
extract url escaping to a dedicated class method and improved tests 2017-07-29 12:42:04 -04:00			`URI(escape_url) if @url`
Specify the error that we want to ignore instead of rescuing all errors. 2017-07-17 20:50:06 -04:00			`rescue URI::InvalidURIError`
			`end`

Helper to find the final destination for a URL 2017-05-22 12:23:04 -04:00			`@opts = opts \|\| {}`
			`@opts[:max_redirects] \|\|= 5`
			`@opts[:lookup_ip] \|\|= lambda do \|host\|`
			`begin`
			`IPSocket::getaddress(host)`
			`rescue SocketError`
			`nil`
			`end`
			`end`
FIX: Support for skipping redirects on certain domains (like steam) 2017-06-26 15:38:23 -04:00			`@ignored = [Discourse.base_url_no_prefix] + (@opts[:ignore_redirects] \|\| [])`
Helper to find the final destination for a URL 2017-05-22 12:23:04 -04:00			`@limit = @opts[:max_redirects]`
			`@status = :ready`
FIX: If HEAD is not supported, try GET. Also set cookies 2017-06-06 13:53:49 -04:00			`@cookie = nil`
			`end`

			`def self.connection_timeout`
			`20`
Helper to find the final destination for a URL 2017-05-22 12:23:04 -04:00			`end`

			`def redirected?`
			`@limit < @opts[:max_redirects]`
			`end`

			`def request_headers`
FIX: If HEAD is not supported, try GET. Also set cookies 2017-06-06 13:53:49 -04:00			`result = {`
			`"User-Agent" => "Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36",`
Helper to find the final destination for a URL 2017-05-22 12:23:04 -04:00			`"Accept" => "text/html",`
FIX: If HEAD is not supported, try GET. Also set cookies 2017-06-06 13:53:49 -04:00			`"Host" => @uri.hostname`
			`}`

			`result['cookie'] = @cookie if @cookie`

			`result`
			`end`

			`def small_get(headers)`
			`Net::HTTP.start(@uri.host, @uri.port, use_ssl: @uri.is_a?(URI::HTTPS)) do \|http\|`
			`http.open_timeout = FinalDestination.connection_timeout`
			`http.read_timeout = FinalDestination.connection_timeout`

			`request = Net::HTTP::Get.new(@uri.request_uri, headers)`
			`http.request(request) do \|response\|`
			`return response`
			`end`
			`end`
Helper to find the final destination for a URL 2017-05-22 12:23:04 -04:00			`end`

			`def resolve`
			`if @limit < 0`
			`@status = :too_many_redirects`
			`return nil`
			`end`

FIX: Support for skipping redirects on certain domains (like steam) 2017-06-26 15:38:23 -04:00			`@ignored.each do \|host\|`
			`if hostname_matches?(host)`
			`@status = :resolved`
			`return @uri`
			`end`
FIX: Always allow the host the forum is hosted on 2017-06-12 13:22:29 -04:00			`end`

Helper to find the final destination for a URL 2017-05-22 12:23:04 -04:00			`return nil unless validate_uri`
			`headers = request_headers`
FIX: If HEAD is not supported, try GET. Also set cookies 2017-06-06 13:53:49 -04:00			`response = Excon.head(`
			`@uri.to_s,`
			`read_timeout: FinalDestination.connection_timeout,`
			`headers: headers`
			`)`

			`location = nil`
			`case response.status`
			`when 200`
Helper to find the final destination for a URL 2017-05-22 12:23:04 -04:00			`@status = :resolved`
			`return @uri`
FIX: Try a GET for error code 409 too -- (Medium posts) 2017-06-15 15:09:59 -04:00			`when 405, 409, 501`
FIX: If HEAD is not supported, try GET. Also set cookies 2017-06-06 13:53:49 -04:00			`get_response = small_get(headers)`

			`if get_response.code.to_i == 200`
			`@status = :resolved`
			`return @uri`
			`end`

			`if cookie_val = get_response.get_fields('set-cookie')`
			`@cookie = cookie_val.join`
			`end`

			`if location_val = get_response.get_fields('location')`
			`location = location_val.join`
			`end`
			`else`
			`response.headers.each do \|k, v\|`
			`case k.downcase`
			`when 'set-cookie' then @cookie = v`
			`when 'location' then location = v`
			`end`
			`end`
Helper to find the final destination for a URL 2017-05-22 12:23:04 -04:00			`end`

			`if location`
			`location = "#{@uri.scheme}://#{@uri.host}#{location}" if location[0] == "/"`
			`@uri = URI(location) rescue nil`
			`@limit -= 1`
			`return resolve`
			`end`

			`nil`
			`end`

			`def validate_uri`
FIX: Use same code path for downloading images 2017-05-23 13:31:20 -04:00			`validate_uri_format && is_dest_valid?`
Helper to find the final destination for a URL 2017-05-22 12:23:04 -04:00			`end`

			`def validate_uri_format`
			`return false unless @uri`
			`return false unless ['https', 'http'].include?(@uri.scheme)`
SECURITY: Never crawl by IP 2017-05-23 13:07:18 -04:00			`return false if @uri.scheme == 'http' && @uri.port != 80`
			`return false if @uri.scheme == 'https' && @uri.port != 443`
Helper to find the final destination for a URL 2017-05-22 12:23:04 -04:00
SECURITY: Never crawl by IP 2017-05-23 13:07:18 -04:00			`# Disallow IP based crawling`
			`(IPAddr.new(@uri.hostname) rescue nil).nil?`
Helper to find the final destination for a URL 2017-05-22 12:23:04 -04:00			`end`

FIX: Always allow the host the forum is hosted on 2017-06-12 13:22:29 -04:00			`def hostname_matches?(url)`
			`@uri && url.present? && @uri.hostname == (URI(url) rescue nil)&.hostname`
			`end`
FIX: Always allow downloads from CDN 2017-05-23 16:32:54 -04:00
FIX: Always allow the host the forum is hosted on 2017-06-12 13:22:29 -04:00			`def is_dest_valid?`
FIX: Always allow downloads from CDN 2017-05-23 16:32:54 -04:00
Helper to find the final destination for a URL 2017-05-22 12:23:04 -04:00			`return false unless @uri && @uri.host`

FIX: Always allow the host the forum is hosted on 2017-06-12 13:22:29 -04:00			`# Whitelisted hosts`
			`return true if hostname_matches?(SiteSetting.s3_cdn_url) \|\|`
			`hostname_matches?(GlobalSetting.try(:cdn_url)) \|\|`
			`hostname_matches?(Discourse.base_url_no_prefix)`

FEATURE: Whitelist hosts for internal crawling 2017-06-13 12:59:54 -04:00			`if SiteSetting.whitelist_internal_hosts.present?`
			`SiteSetting.whitelist_internal_hosts.split('\|').each do \|h\|`
			`return true if @uri.hostname.downcase == h.downcase`
			`end`
			`end`

Helper to find the final destination for a URL 2017-05-22 12:23:04 -04:00			`address_s = @opts[:lookup_ip].call(@uri.hostname)`
			`return false unless address_s`

			`address = IPAddr.new(address_s)`

Add rubocop to our build. (#5004) 2017-07-27 21:20:09 -04:00			`if private_ranges.any? { \|r\| r === address }`
Helper to find the final destination for a URL 2017-05-22 12:23:04 -04:00			`@status = :invalid_address`
			`return false`
			`end`

FEATURE: Rate limit how often we'll crawl a destination IP 2017-05-23 15:03:04 -04:00			`# Rate limit how often this IP can be crawled`
FIX: Don't rate limit gravatar downloads 2017-05-24 13:46:57 -04:00			`unless @opts[:skip_rate_limit]`
			`RateLimiter.new(nil, "crawl-destination-ip:#{address_s}", 100, 1.hour).performed!`
			`end`
FEATURE: Rate limit how often we'll crawl a destination IP 2017-05-23 15:03:04 -04:00
Helper to find the final destination for a URL 2017-05-22 12:23:04 -04:00			`true`
FEATURE: Rate limit how often we'll crawl a destination IP 2017-05-23 15:03:04 -04:00			`rescue RateLimiter::LimitExceeded`
			`false`
Helper to find the final destination for a URL 2017-05-22 12:23:04 -04:00			`end`

extract url escaping to a dedicated class method and improved tests 2017-07-29 12:42:04 -04:00			`def escape_url`
			`URI.escape(CGI.unescapeHTML(@url), Regexp.new("[^#{URI::PATTERN::UNRESERVED}#{URI::PATTERN::RESERVED}#]"))`
			`end`

FEATURE: A site setting to prevent crawling on private IP blocks 2017-05-23 11:51:23 -04:00			`def private_ranges`
			`FinalDestination.standard_private_ranges +`
Add rubocop to our build. (#5004) 2017-07-27 21:20:09 -04:00			`SiteSetting.blacklist_ip_blocks.split('\|').map { \|r\| IPAddr.new(r) rescue nil }.compact`
FEATURE: A site setting to prevent crawling on private IP blocks 2017-05-23 11:51:23 -04:00			`end`

			`def self.standard_private_ranges`
Helper to find the final destination for a URL 2017-05-22 12:23:04 -04:00			`@private_ranges \|\|= [`
			`IPAddr.new('127.0.0.1'),`
			`IPAddr.new('172.16.0.0/12'),`
			`IPAddr.new('192.168.0.0/16'),`
			`IPAddr.new('10.0.0.0/8'),`
			`IPAddr.new('fc00::/7')`
			`]`
			`end`

			`def self.lookup_ip(host)`
			`IPSocket::getaddress(host)`
			`end`

			`end`