diff --git a/files/routes/comments.py b/files/routes/comments.py index 7300bd06b2..c924cda832 100644 --- a/files/routes/comments.py +++ b/files/routes/comments.py @@ -59,9 +59,16 @@ def pusher_thread(interests, c, username): @app.get("/post///") @app.get("/h//comment/") @app.get("/h//post///") +@app.get("/logged_out/comment/") +@app.get("/logged_out/post///") +@app.get("/logged_out/h//comment/") +@app.get("/logged_out/h//post///") @auth_desired def post_pid_comment_cid(cid, pid=None, anything=None, v=None, sub=None): + if not v and not request.path.startswith('/logged_out'): return redirect(f"/logged_out{request.full_path}") + if v and request.path.startswith('/logged_out'): v = None + try: cid = int(cid) except: abort(404) diff --git a/files/routes/front.py b/files/routes/front.py index 78ef218f56..3730959419 100644 --- a/files/routes/front.py +++ b/files/routes/front.py @@ -161,9 +161,17 @@ def notifications(v): @app.get("/catalog") @app.get("/h/") @app.get("/s/") +@app.get("/logged_out") +@app.get("/logged_out/catalog") +@app.get("/logged_out/h/") +@app.get("/logged_out/s/") @limiter.limit("3/second;30/minute;5000/hour;10000/day") @auth_desired def front_all(v, sub=None, subdomain=None): + + if not v and not request.path.startswith('/logged_out'): return redirect(f"/logged_out{request.full_path}") + if v and request.path.startswith('/logged_out'): v = None + if sub: sub = g.db.query(Sub).filter_by(name=sub.strip().lower()).one_or_none() if (request.path.startswith('/h/') or request.path.startswith('/s/')) and not sub: abort(404) diff --git a/files/routes/posts.py b/files/routes/posts.py index 20ff591076..778224b903 100644 --- a/files/routes/posts.py +++ b/files/routes/posts.py @@ -114,9 +114,16 @@ def submit_get(v, sub=None): @app.get("/post//") @app.get("/h//post/") @app.get("/h//post//") +@app.get("/logged_out/post/") +@app.get("/logged_out/post//") +@app.get("/logged_out/h//post/") +@app.get("/logged_out/h//post//") @auth_desired def post_id(pid, anything=None, v=None, sub=None): + if not v and not request.path.startswith('/logged_out'): return redirect(f"/logged_out{request.full_path}") + if v and request.path.startswith('/logged_out'): v = None + try: pid = int(pid) except Exception as e: pass diff --git a/files/routes/static.py b/files/routes/static.py index c1e2ec155b..c7cedb4b16 100644 --- a/files/routes/static.py +++ b/files/routes/static.py @@ -16,24 +16,6 @@ def rdrama(id, title): id = ''.join(f'{x}/' for x in id) return redirect(f'/archives/drama/comments/{id}{title}.html') -@app.get('/logged_out/') -@app.get('/logged_out/') -def logged_out(old = ""): - # Remove trailing question mark from request.full_path which flask adds if there are no query parameters - redirect_url = request.full_path.replace("/logged_out", "", 1) - if redirect_url.endswith("?"): - redirect_url = redirect_url[:-1] - - # Handle cases like /logged_out?asdf by adding a slash to the beginning - if not redirect_url.startswith('/'): - redirect_url = f"/{redirect_url}" - - # Prevent redirect loop caused by visiting /logged_out/logged_out/logged_out/etc... - if redirect_url.startswith('/logged_out'): - abort(400) - - return redirect(redirect_url) - @app.get("/marseys") @auth_required @@ -75,8 +57,13 @@ def marsey_list(): @app.get('/rules') @app.get('/sidebar') +@app.get('/logged_out/rules') +@app.get('/logged_out/sidebar') @auth_desired def sidebar(v): + if not v and not request.path.startswith('/logged_out'): return redirect(f"/logged_out{request.full_path}") + if v and request.path.startswith('/logged_out'): v = None + return render_template('sidebar.html', v=v) diff --git a/files/routes/users.py b/files/routes/users.py index f96f028ef7..eeb28936d7 100644 --- a/files/routes/users.py +++ b/files/routes/users.py @@ -862,9 +862,12 @@ def visitors(v): @app.get("/@") +@app.get("/logged_out/@") @auth_desired def u_username(username, v=None): + if not v and not request.path.startswith('/logged_out'): return redirect(f"/logged_out{request.full_path}") + if v and request.path.startswith('/logged_out'): v = None u = get_user(username, v=v) @@ -948,9 +951,13 @@ def u_username(username, v=None): @app.get("/@/comments") +@app.get("/logged_out/@/comments") @auth_desired def u_username_comments(username, v=None): + if not v and not request.path.startswith('/logged_out'): return redirect(f"/logged_out{request.full_path}") + if v and request.path.startswith('/logged_out'): v = None + user = get_user(username, v=v) if username != user.username: return redirect(f'/@{user.username}/comments') @@ -1134,9 +1141,15 @@ def remove_follow(username, v): @app.get("/pp/") @app.get("/uid//pic") @app.get("/uid//pic/profile") +@app.get("/logged_out/pp/") +@app.get("/logged_out/uid//pic") +@app.get("/logged_out/uid//pic/profile") @limiter.exempt @auth_desired def user_profile_uid(v, id): + if not v and not request.path.startswith('/logged_out'): return redirect(f"/logged_out{request.full_path}") + if v and request.path.startswith('/logged_out'): v = None + try: id = int(id) except: try: id = int(id, 36) diff --git a/files/templates/sign_up.html b/files/templates/sign_up.html index f6d808bcb7..7871ee9d38 100644 --- a/files/templates/sign_up.html +++ b/files/templates/sign_up.html @@ -111,7 +111,7 @@ required="">
- +
{% if hcaptcha %}