encrypt original path in download links and move apikey to parameters

2025-01-02 13:16:16 +00:00 · 2017-08-11 15:14:40 +02:00 · 2017-08-11 15:14:40 +02:00 · 289c5cd24f
commit 289c5cd24f
parent 84a45737d3
4 changed files with 21 additions and 11 deletions
--- a/src/Jackett/Controllers/BlackholeController.cs
+++ b/src/Jackett/Controllers/BlackholeController.cs
@ -23,16 +23,18 @@ namespace Jackett.Controllers
        private Logger logger;
        private IIndexerManagerService indexerService;
        IServerService serverService;
+        IProtectionService protectionService;

-        public BlackholeController(IIndexerManagerService i, Logger l, IServerService s)
+        public BlackholeController(IIndexerManagerService i, Logger l, IServerService s, IProtectionService ps)
        {
            logger = l;
            indexerService = i;
            serverService = s;
+            protectionService = ps;
        }

        [HttpGet]
-        public async Task<IHttpActionResult> Blackhole(string indexerID, string path, string apikey, string file)
+        public async Task<IHttpActionResult> Blackhole(string indexerID, string path, string jackett_apikey, string file)
        {

            var jsonReply = new JObject();
@ -45,10 +47,12 @@ namespace Jackett.Controllers
                    throw new Exception("This indexer is not configured.");
                }

-                if (serverService.Config.APIKey != apikey)
+                if (serverService.Config.APIKey != jackett_apikey)
                    throw new Exception("Incorrect API key");

-                var remoteFile = new Uri(Encoding.UTF8.GetString(HttpServerUtility.UrlTokenDecode(path)), UriKind.RelativeOrAbsolute);
+                path = Encoding.UTF8.GetString(HttpServerUtility.UrlTokenDecode(path));
+                path = protectionService.UnProtect(path);
+                var remoteFile = new Uri(path, UriKind.RelativeOrAbsolute);
                var downloadBytes = await indexer.Download(remoteFile);

                if (string.IsNullOrWhiteSpace(Engine.Server.Config.BlackholeDir))
--- a/src/Jackett/Controllers/DownloadController.cs
+++ b/src/Jackett/Controllers/DownloadController.cs
@ -22,16 +22,18 @@ namespace Jackett.Controllers
        Logger logger;
        IIndexerManagerService indexerService;
        IServerService serverService;
+        IProtectionService protectionService;

-        public DownloadController(IIndexerManagerService i, Logger l, IServerService s)
+        public DownloadController(IIndexerManagerService i, Logger l, IServerService s, IProtectionService ps)
        {
            logger = l;
            indexerService = i;
            serverService = s;
+            protectionService = ps;
        }

        [HttpGet]
-        public async Task<HttpResponseMessage> Download(string indexerID, string path, string apikey, string file)
+        public async Task<HttpResponseMessage> Download(string indexerID, string path, string jackett_apikey, string file)
        {
            try
            {
@ -44,8 +46,9 @@ namespace Jackett.Controllers
                }

                path = Encoding.UTF8.GetString(HttpServerUtility.UrlTokenDecode(path));
+                path = protectionService.UnProtect(path);

-                if (serverService.Config.APIKey != apikey)
+                if (serverService.Config.APIKey != jackett_apikey)
                    return new HttpResponseMessage(HttpStatusCode.Unauthorized);

                var target = new Uri(path, UriKind.RelativeOrAbsolute);
--- a/src/Jackett/Services/ServerService.cs
+++ b/src/Jackett/Services/ServerService.cs
@ -46,6 +46,7 @@ namespace Jackett.Services
        private IWebClient client;
        private IUpdateService updater;
        private List<string> _notices = new List<string>();
+        IProtectionService protectionService;

        public ServerService(IIndexerManagerService i, IProcessService p, ISerializeService s, IConfigurationService c, Logger l, IWebClient w, IUpdateService u, IProtectionService protectionService)
        {
@ -56,6 +57,7 @@ namespace Jackett.Services
            logger = l;
            client = w;
            updater = u;
+            this.protectionService = protectionService;

            LoadConfig();
            // "TEMPORARY" HACK
@ -80,9 +82,10 @@ namespace Jackett.Services
            if (link == null || (link.IsAbsoluteUri && link.Scheme == "magnet"))
                return link;

-            var encodedLink = HttpServerUtility.UrlTokenEncode(Encoding.UTF8.GetBytes(link.ToString()));
+            var encryptedLink = protectionService.Protect(link.ToString());
+            var encodedLink = HttpServerUtility.UrlTokenEncode(Encoding.UTF8.GetBytes(encryptedLink));
            string urlEncodedFile = WebUtility.UrlEncode(file);
-            var proxyLink = string.Format("{0}{1}/{2}/{3}?path={4}&file={5}", serverUrl, action, indexerId, config.APIKey, encodedLink, urlEncodedFile);
+            var proxyLink = string.Format("{0}{1}/{2}/?jackett_apikey={3}&path={4}&file={5}", serverUrl, action, indexerId, config.APIKey, encodedLink, urlEncodedFile);
            return new Uri(proxyLink);
        }

--- a/src/Jackett/Startup.cs
+++ b/src/Jackett/Startup.cs
@ -210,13 +210,13 @@ namespace Jackett

            config.Routes.MapHttpRoute(
                name: "download",
-                routeTemplate: "dl/{indexerID}/{apiKey}",
+                routeTemplate: "dl/{indexerID}",
                defaults: new { controller = "Download", action = "Download" }
            );

            config.Routes.MapHttpRoute(
              name: "blackhole",
-              routeTemplate: "bh/{indexerID}/{apikey}",
+              routeTemplate: "bh/{indexerID}",
              defaults: new { controller = "Blackhole", action = "Blackhole" }
            );