2
0
mirror of https://expo.survex.com/repositories/troggle/.git synced 2024-11-21 23:01:52 +00:00

fix _edit access loophole

This commit is contained in:
Philip Sargent 2023-08-25 22:08:04 +03:00
parent f2a76da7e2
commit 93397a774f
2 changed files with 53 additions and 2 deletions

View File

@ -379,10 +379,11 @@ def editexpopage(request, path):
o = open(filepath, "r", encoding="utf8")
html = o.read()
autogeneratedmatch = re.search(
r"\<\!--\s*(.*?(Do not edit|It is auto-generated).*?)\s*--\>", html, re.DOTALL + re.IGNORECASE
r"\<\!--\s*(.*?(Do not edit|It is auto-generated|NOEDIT).*?)\s*--\>", html, re.DOTALL + re.IGNORECASE
)
if autogeneratedmatch:
return HttpResponse(autogeneratedmatch.group(1))
message = "\tThis page is either auto-generated, and so cannot be edited,\n\t\tor it is too complex to allow users to edit it safely. \n\n\t\tA safer means of updating this page is on the programmers' to-do list."
return render(request, "errors/notice.html", {"message": message})
m = re.search(r"(.*)<head([^>]*)>(.*)</head>(.*)<body([^>]*)>(.*)</body>(.*)", html, re.DOTALL + re.IGNORECASE)
if m:
filefound = True

View File

@ -0,0 +1,50 @@
{% extends 'base.html' %}
{% block title %}Troggle Notice - Generic{% endblock %}
{% block content %}
<div class='middle'>
<h2>Troggle Notice</h2>
</div>
<div class='middle3 login'>
<div class='space'></div>
<div class='align-center'>
<h3>Please don't do this.</h3>
<h4>
<font color="red">
{% if message %}
<pre>
{{message}}
</pre>
{% else %}
<p>We are terribly sorry but an unknown fault has occurred. </p>
{% endif %}
</font>
</h4>
<div class='space'><p>&nbsp;</div>
<h3>What you should do now</h3>
<p>If you think this is a mistake, please report the error by emailing the nerds at
<a href="mailto:expo-tech@lists.wookware.org">expo-tech@lists.wookware.org</a> with this information:
<ol>
<li>The message written in <font color="red">red</font> above.
<li>The previous page URL: <font color="red">
<script type="text/javascript">
document.write(document.referrer);
</script></font>
<li>Go back to this previous page <script type="text/javascript">
document.write("<a href='",document.referrer,"'>",document.referrer,"</a>");
</script>
and see if you can tell whether the bad page reference was in HTML text which had been written manually, or whether it appeared to be a programming error.
</ol>
</div>
</div>
</div>
{% endblock %}