https 对 wr 的处理

zhima1234 · zhima1234 · commit a30ae40e4a92 · 2017-08-28T14:31:58.000+08:00
diff --git a/src/http/controller/account.go b/src/http/controller/account.go
@@ -121,7 +121,7 @@ func (self AccountController) Register(ctx echo.Context) error {
 				</div>`),
 		}
 
-		isHttps := goutils.MustBool(ctx.Request().Header().Get("X-Https"))
+		isHttps := CheckIsHttps(ctx)
 		// 需要检验邮箱的正确性
 		go logic.DefaultEmail.SendActivateMail(email, uuid, isHttps)
 
@@ -137,7 +137,7 @@ func (self AccountController) Register(ctx echo.Context) error {
 
 // SendActivateEmail 发送注册激活邮件
 func (self AccountController) SendActivateEmail(ctx echo.Context) error {
-	isHttps := goutils.MustBool(ctx.Request().Header().Get("X-Https"))
+	isHttps := CheckIsHttps(ctx)
 
 	uuid := ctx.FormValue("uuid")
 	if uuid != "" {
@@ -271,7 +271,7 @@ func (self AccountController) Edit(ctx echo.Context) error {
 
 	email := ctx.FormValue("email")
 	if me.Email != email {
-		isHttps := goutils.MustBool(ctx.Request().Header().Get("X-Https"))
+		isHttps := CheckIsHttps(ctx)
 		go logic.DefaultEmail.SendActivateMail(email, RegActivateCode.GenUUID(email), isHttps)
 	}
 
@@ -345,7 +345,7 @@ func (AccountController) ForgetPasswd(ctx echo.Context) error {
 			emailUrl = "http://mail." + email[pos+1:]
 		}
 
-		isHttps := goutils.MustBool(ctx.Request().Header().Get("X-Https"))
+		isHttps := CheckIsHttps(ctx)
 		data["success"] = template.HTML(`一封包含了重设密码链接的邮件已经发送到您的注册邮箱，按照邮件中的提示，即可重设您的密码。<a href="` + emailUrl + `" target="_blank">立即前往邮箱</a>`)
 		go logic.DefaultEmail.SendResetpwdMail(email, uuid, isHttps)
 	} else {
diff --git a/src/http/controller/app/user.go b/src/http/controller/app/user.go
@@ -11,7 +11,6 @@ import (
 	"model"
 
 	"github.com/labstack/echo"
-	"github.com/polaris1119/goutils"
 
 	. "http"
 	. "http/internal/helper"
@@ -91,7 +90,7 @@ func (UserController) Modify(ctx echo.Context) error {
 
 	email := ctx.FormValue("email")
 	if me.Email != email {
-		isHttps := goutils.MustBool(ctx.Request().Header().Get("X-Https"))
+		isHttps := checkIsHttps(ctx)
 		go logic.DefaultEmail.SendActivateMail(email, RegActivateCode.GenUUID(email), isHttps)
 	}
 
diff --git a/src/http/controller/comment.go b/src/http/controller/comment.go
@@ -13,6 +13,8 @@ import (
 	"net/http"
 	"strconv"
 
+	. "http"
+
 	"github.com/labstack/echo"
 	"github.com/polaris1119/goutils"
 	"github.com/polaris1119/slices"
@@ -29,7 +31,7 @@ func (self CommentController) RegisterRoute(g *echo.Group) {
 // AtUsers 评论或回复 @ 某人 suggest
 func (CommentController) AtUsers(ctx echo.Context) error {
 	term := ctx.QueryParam("term")
-	isHttps := goutils.MustBool(ctx.Request().Header().Get("X-Https"), false)
+	isHttps := CheckIsHttps(ctx)
 	users := logic.DefaultUser.GetUserMentions(term, 10, isHttps)
 	return ctx.JSON(http.StatusOK, users)
 }
diff --git a/src/http/controller/image.go b/src/http/controller/image.go
@@ -67,7 +67,7 @@ func (self ImageController) QuickUpload(ctx echo.Context) error {
 	}
 
 	cdnDomain := global.App.CDNHttp
-	if goutils.MustBool(ctx.Request().Header().Get("X-Https")) {
+	if CheckIsHttps(ctx) {
 		cdnDomain = global.App.CDNHttps
 	}
 
@@ -128,7 +128,7 @@ func (ImageController) Upload(ctx echo.Context) error {
 	}
 
 	cdnDomain := global.App.CDNHttp
-	if goutils.MustBool(ctx.Request().Header().Get("X-Https")) {
+	if CheckIsHttps(ctx) {
 		cdnDomain = global.App.CDNHttps
 	}
 	if !strings.HasSuffix(cdnDomain, "/") {
@@ -157,7 +157,7 @@ func (ImageController) Transfer(ctx echo.Context) error {
 	}
 
 	cdnDomain := global.App.CDNHttp
-	if goutils.MustBool(ctx.Request().Header().Get("X-Https")) {
+	if CheckIsHttps(ctx) {
 		cdnDomain = global.App.CDNHttps
 	}
 	if !strings.HasSuffix(cdnDomain, "/") {
diff --git a/src/http/controller/index.go b/src/http/controller/index.go
@@ -108,41 +108,53 @@ func (IndexController) WrapUrl(ctx echo.Context) error {
 		return ctx.Redirect(http.StatusSeeOther, "/")
 	}
 
-	if pUrl, err := url.Parse(tUrl); err != nil {
+	// 本站
+	if strings.Contains(tUrl, logic.WebsiteSetting.Domain) {
 		return ctx.Redirect(http.StatusSeeOther, tUrl)
+	}
+
+	if strings.Contains(tUrl, "?") {
+		tUrl += "&"
 	} else {
-		if !pUrl.IsAbs() {
-			return ctx.Redirect(http.StatusSeeOther, tUrl)
-		}
+		tUrl += "?"
+	}
+	tUrl += "hmsr=studygolang.com&utm_medium=studygolang.com&utm_source=studygolang.com"
+
+	if CheckIsHttps(ctx) {
+		return ctx.Redirect(http.StatusSeeOther, tUrl)
+	}
 
-		// 本站
-		if strings.Contains(pUrl.Host, logic.WebsiteSetting.Domain) {
+	var (
+		pUrl *url.URL
+		err  error
+	)
+
+	if pUrl, err = url.Parse(tUrl); err != nil {
+		return ctx.Redirect(http.StatusSeeOther, tUrl)
+	}
+
+	iframeDeny := config.ConfigFile.MustValue("crawl", "iframe_deny")
+	// 检测是否禁止了 iframe 加载
+	// 看是否在黑名单中
+	for _, denyHost := range strings.Split(iframeDeny, ",") {
+		if strings.Contains(pUrl.Host, denyHost) {
 			return ctx.Redirect(http.StatusSeeOther, tUrl)
 		}
+	}
 
-		iframeDeny := config.ConfigFile.MustValue("crawl", "iframe_deny")
-		// 检测是否禁止了 iframe 加载
-		// 看是否在黑名单中
-		for _, denyHost := range strings.Split(iframeDeny, ",") {
-			if strings.Contains(pUrl.Host, denyHost) {
-				return ctx.Redirect(http.StatusSeeOther, tUrl)
-			}
+	// 检测会比较慢，进行异步检测，记录下来，以后分析再加黑名单
+	go func() {
+		resp, err := http.Head(tUrl)
+		if err != nil {
+			logger.Errorln("[iframe] head url:", tUrl, "error:", err)
+			return
 		}
-
-		// 检测会比较慢，进行异步检测，记录下来，以后分析再加黑名单
-		go func() {
-			resp, err := http.Head(tUrl)
-			if err != nil {
-				logger.Errorln("[iframe] head url:", tUrl, "error:", err)
-				return
-			}
-			defer resp.Body.Close()
-			if resp.Header.Get("X-Frame-Options") != "" {
-				logger.Errorln("[iframe] deny:", tUrl)
-				return
-			}
-		}()
-	}
+		defer resp.Body.Close()
+		if resp.Header.Get("X-Frame-Options") != "" {
+			logger.Errorln("[iframe] deny:", tUrl)
+			return
+		}
+	}()
 
 	return render(ctx, "wr.html", map[string]interface{}{"url": tUrl})
 }
diff --git a/src/http/http.go b/src/http/http.go
@@ -305,11 +305,7 @@ func executeTpl(ctx echo.Context, tpl *template.Template, data map[string]interf
 	global.App.SetUptime()
 	global.App.SetCopyright()
 
-	isHttps := goutils.MustBool(ctx.Request().Header().Get("X-Https"))
-	if logic.WebsiteSetting.OnlyHttps {
-		isHttps = true
-	}
-
+	isHttps := CheckIsHttps(ctx)
 	cdnDomain := global.App.CDNHttp
 	if isHttps {
 		cdnDomain = global.App.CDNHttps
@@ -335,6 +331,15 @@ func executeTpl(ctx echo.Context, tpl *template.Template, data map[string]interf
 	return ctx.HTML(http.StatusOK, buf.String())
 }
 
+func CheckIsHttps(ctx echo.Context) bool {
+	isHttps := goutils.MustBool(ctx.Request().Header().Get("X-Https"))
+	if logic.WebsiteSetting.OnlyHttps {
+		isHttps = true
+	}
+
+	return isHttps
+}
+
 ///////////////////////////////// APP 相关 //////////////////////////////
 
 const (

Original file line number	Diff line number	Diff line change
`@@ -67,7 +67,7 @@ func (self ImageController) QuickUpload(ctx echo.Context) error {`
`67`	`67`	`}`
`68`	`68`
`69`	`69`	`cdnDomain := global.App.CDNHttp`
`70`		`- if goutils.MustBool(ctx.Request().Header().Get("X-Https")) {`
	`70`	`+ if CheckIsHttps(ctx) {`
`71`	`71`	`cdnDomain = global.App.CDNHttps`
`72`	`72`	`}`
`73`	`73`
`@@ -128,7 +128,7 @@ func (ImageController) Upload(ctx echo.Context) error {`
`128`	`128`	`}`
`129`	`129`
`130`	`130`	`cdnDomain := global.App.CDNHttp`
`131`		`- if goutils.MustBool(ctx.Request().Header().Get("X-Https")) {`
	`131`	`+ if CheckIsHttps(ctx) {`
`132`	`132`	`cdnDomain = global.App.CDNHttps`
`133`	`133`	`}`
`134`	`134`	`if !strings.HasSuffix(cdnDomain, "/") {`
`@@ -157,7 +157,7 @@ func (ImageController) Transfer(ctx echo.Context) error {`
`157`	`157`	`}`
`158`	`158`
`159`	`159`	`cdnDomain := global.App.CDNHttp`
`160`		`- if goutils.MustBool(ctx.Request().Header().Get("X-Https")) {`
	`160`	`+ if CheckIsHttps(ctx) {`
`161`	`161`	`cdnDomain = global.App.CDNHttps`
`162`	`162`	`}`
`163`	`163`	`if !strings.HasSuffix(cdnDomain, "/") {`