Add blacklist file to reject some IPFS files

VanVan · VanVan · commit 4273b5463a3f · 2023-06-22T23:54:42.000+02:00
diff --git a/www/blacklist.txt b/www/blacklist.txt
@@ -0,0 +1 @@
+QmYkAyjWg7PzgM8kmTadBSu58ab75vHNT39bivHUiBEzdE
diff --git a/www/src/config.inc.php b/www/src/config.inc.php
@@ -31,6 +31,7 @@
 const REDIRECT_TEMPLATE = '/redirect.template.html';
 const NOTFOUND_TEMPLATE = '/notfound.template.html';
 const PROXY_LIST_FILE = 'gateway.txt';
+const BLACKLIST_LIST_FILE = 'blacklist.txt';
 const CHECK_HOST_TIMEOUT = 3;
 const IPFS_CHECK_HOST_URI = 'QmYwAPJzv5CZsnA625s3Xf2nemtYgPpHdWEz79ojWnPbdG/readme';
 const IPFS_CHECK_HOST_VERIFY_STRING = 'Welcome to IPFS';
diff --git a/www/src/ipfsProxyHTTP.class.php b/www/src/ipfsProxyHTTP.class.php
@@ -88,6 +88,9 @@ public static function loadInstance($uri) {
      */
     public function dispatch() {
         if ($this->uri) {
+            if ($this->isBlacklisted($this->uri))
+                return self::notFound();
+
             foreach(IPFS_STRING_PREFIX as $prefix)
                 if (strtolower(substr($this->uri,  0, strlen($prefix))) == $prefix) {
                     $this->ipfs_uri = substr($this->uri, strlen($prefix) + 1);
@@ -353,4 +356,27 @@ public function setSSLverifyPeer($bool) {
 	    
 	    return $this;
     }
+
+    /**
+     * Check if URL is blacklisted
+     *
+     * @param $url URL to check
+     * @return bool
+     */
+    public function isBlacklisted($url) {
+        if (!file_exists(BLACKLIST_LIST_FILE))
+            return false;
+
+        if (!is_readable(BLACKLIST_LIST_FILE))
+            self::error('Blacklist file is not readable');
+
+        $blacklists = file(BLACKLIST_LIST_FILE,  FILE_IGNORE_NEW_LINES );
+
+        foreach ($blacklists as $b)
+            if (stripos($url, $b) !== FALSE)
+                return true;
+
+
+        return false;
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+QmYkAyjWg7PzgM8kmTadBSu58ab75vHNT39bivHUiBEzdE`