core: Move default bridges to whitelist.default.txt

Default bridges are currently statically defined in index.php, which
is not the right place if we want to keep responsibilities separated.

This commit introduces a new file whitelist.default.txt that holds
the default bridges and which is loaded automatically, if whitelist.txt
doesn't exist.

Due to this it is also no longer necessary to have write permission
for the root directory.

References #1001
This commit is contained in:
logmanoriginal 2019-06-06 20:53:44 +02:00
parent b0a780acda
commit d4e867f240
5 changed files with 32 additions and 34 deletions

View file

@ -29,27 +29,8 @@ define('USER_AGENT',
ini_set('user_agent', USER_AGENT); ini_set('user_agent', USER_AGENT);
// default whitelist
$whitelist_default = array(
'BandcampBridge',
'CryptomeBridge',
'DansTonChatBridge',
'DuckDuckGoBridge',
'FacebookBridge',
'FlickrBridge',
'GoogleSearchBridge',
'IdenticaBridge',
'InstagramBridge',
'OpenClassroomsBridge',
'PinterestBridge',
'ScmbBridge',
'TwitterBridge',
'WikipediaBridge',
'YoutubeBridge');
try { try {
Bridge::setWhitelist($whitelist_default);
$actionFac = new \ActionFactory(); $actionFac = new \ActionFactory();
$actionFac->setWorkingDir(PATH_LIB_ACTIONS); $actionFac->setWorkingDir(PATH_LIB_ACTIONS);

View file

@ -192,7 +192,8 @@ class Bridge {
/** /**
* Returns the whitelist. * Returns the whitelist.
* *
* On first call this function reads the whitelist from {@see WHITELIST}. * On first call this function reads the whitelist from {@see WHITELIST} if
* the file exists, {@see WHITELIST_DEFAULT} otherwise.
* * Each line in the file specifies one bridge on the whitelist. * * Each line in the file specifies one bridge on the whitelist.
* * An empty file disables all bridges. * * An empty file disables all bridges.
* * If the file only only contains `*`, all bridges are whitelisted. * * If the file only only contains `*`, all bridges are whitelisted.
@ -210,19 +211,21 @@ class Bridge {
if($firstCall) { if($firstCall) {
// Create initial whitelist or load from disk if(file_exists(WHITELIST)) {
if (!file_exists(WHITELIST) && !empty(self::$whitelist)) {
file_put_contents(WHITELIST, implode("\n", self::$whitelist));
} elseif(file_exists(WHITELIST)) {
$contents = trim(file_get_contents(WHITELIST)); $contents = trim(file_get_contents(WHITELIST));
} elseif(file_exists(WHITELIST_DEFAULT)) {
$contents = trim(file_get_contents(WHITELIST_DEFAULT));
} else {
$contents = '';
}
if($contents === '*') { // Whitelist all bridges if($contents === '*') { // Whitelist all bridges
self::$whitelist = self::getBridgeNames(); self::$whitelist = self::getBridgeNames();
} else { } else {
self::$whitelist = array_map('self::sanitizeBridgeName', explode("\n", $contents)); //self::$whitelist = array_map('self::sanitizeBridgeName', explode("\n", $contents));
foreach(explode("\n", $contents) as $bridgeName) {
self::$whitelist[] = self::sanitizeBridgeName($bridgeName);
} }
} }
} }

View file

@ -106,10 +106,6 @@ final class Configuration {
if(!is_writable(PATH_CACHE)) if(!is_writable(PATH_CACHE))
die('RSS-Bridge does not have write permissions for ' . PATH_CACHE . '!'); die('RSS-Bridge does not have write permissions for ' . PATH_CACHE . '!');
// Check whitelist file permissions
if(!file_exists(WHITELIST) && !is_writable(dirname(WHITELIST)))
die('RSS-Bridge does not have write permissions for ' . WHITELIST . '!');
} }
/** /**

View file

@ -38,6 +38,9 @@ define('PATH_CACHE', __DIR__ . '/../cache/');
/** Path to the whitelist file */ /** Path to the whitelist file */
define('WHITELIST', __DIR__ . '/../whitelist.txt'); define('WHITELIST', __DIR__ . '/../whitelist.txt');
/** Path to the default whitelist file */
define('WHITELIST_DEFAULT', __DIR__ . '/../whitelist.default.txt');
/** URL to the RSS-Bridge repository */ /** URL to the RSS-Bridge repository */
define('REPOSITORY', 'https://github.com/RSS-Bridge/rss-bridge/'); define('REPOSITORY', 'https://github.com/RSS-Bridge/rss-bridge/');

15
whitelist.default.txt Normal file
View file

@ -0,0 +1,15 @@
Bandcamp
Cryptome
DansTonChat
DuckDuckGo
Facebook
Flickr
GoogleSearch
Identica
Instagram
OpenClassrooms
Pinterest
Scmb
Twitter
Wikipedia
Youtube