diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/api/icons.rs | 2 | ||||
-rw-r--r-- | src/config.rs | 19 | ||||
-rw-r--r-- | src/error.rs | 2 | ||||
-rw-r--r-- | src/http_client.rs | 31 |
4 files changed, 26 insertions, 28 deletions
diff --git a/src/api/icons.rs b/src/api/icons.rs index f8fe059b..83f3e9e9 100644 --- a/src/api/icons.rs +++ b/src/api/icons.rs @@ -181,7 +181,7 @@ async fn get_icon(domain: &str) -> Option<(Vec<u8>, String)> { Some((icon.to_vec(), icon_type.unwrap_or("x-icon").to_string())) } Err(e) => { - // If this error comes from the custom resolver, this means this is a blacklisted domain + // If this error comes from the custom resolver, this means this is a blocked domain // or non global IP, don't save the miss file in this case to avoid leaking it if let Some(error) = CustomHttpClientError::downcast_ref(&e) { warn!("{error}"); diff --git a/src/config.rs b/src/config.rs index 7ce2a255..40071abf 100644 --- a/src/config.rs +++ b/src/config.rs @@ -148,9 +148,8 @@ macro_rules! make_config { // Copy the values from the deprecated flags to the new ones - if config.http_request_blacklist_regex.is_none() { - config.http_request_blacklist_non_global_ips = config.icon_blacklist_non_global_ips; - config.http_request_blacklist_regex = config.icon_blacklist_regex.clone(); + if config.http_request_block_regex.is_none() { + config.http_request_block_regex = config.icon_blacklist_regex.clone(); } config @@ -544,12 +543,12 @@ make_config! { /// [Deprecated] Icon blacklist non global IPs |> Use `http_request_blacklist_non_global_ips` instead icon_blacklist_non_global_ips: bool, false, def, true; - /// HTTP blacklist Regex |> Any domains or IPs that match this regex won't be fetched by the internal HTTP client. + /// Block HTTP domains/IPs by Regex |> Any domains or IPs that match this regex won't be fetched by the internal HTTP client. /// Useful to hide other servers in the local network. Check the WIKI for more details - http_request_blacklist_regex: String, true, option; - /// Blacklist non global IPs |> Enabling this will cause the internal HTTP client to refuse to connect to any non global IP address. + http_request_block_regex: String, true, option; + /// Block non global IPs |> Enabling this will cause the internal HTTP client to refuse to connect to any non global IP address. /// Useful to secure your internal environment: See https://en.wikipedia.org/wiki/Reserved_IP_addresses for a list of IPs which it will block - http_request_blacklist_non_global_ips: bool, true, def, true; + http_request_block_non_global_ips: bool, true, auto, |c| c.icon_blacklist_non_global_ips; /// Disable Two-Factor remember |> Enabling this would force the users to use a second factor to login every time. /// Note that the checkbox would still be present, but ignored. @@ -912,12 +911,12 @@ fn validate_config(cfg: &ConfigItems) -> Result<(), Error> { err!("To use email 2FA as automatic fallback, email 2fa has to be enabled!"); } - // Check if the icon blacklist regex is valid - if let Some(ref r) = cfg.http_request_blacklist_regex { + // Check if the HTTP request block regex is valid + if let Some(ref r) = cfg.http_request_block_regex { let validate_regex = regex::Regex::new(r); match validate_regex { Ok(_) => (), - Err(e) => err!(format!("`HTTP_REQUEST_BLACKLIST_REGEX` is invalid: {e:#?}")), + Err(e) => err!(format!("`HTTP_REQUEST_BLOCK_REGEX` is invalid: {e:#?}")), } } diff --git a/src/error.rs b/src/error.rs index 51d60982..b2872775 100644 --- a/src/error.rs +++ b/src/error.rs @@ -70,7 +70,7 @@ make_error! { // Used to represent err! calls Simple(String): _no_source, _api_error, - // Used in our custom http client to handle non-global IPs and blacklisted domains + // Used in our custom http client to handle non-global IPs and blocked domains CustomHttpClient(CustomHttpClientError): _has_source, _api_error, // Used for special return values, like 2FA errors diff --git a/src/http_client.rs b/src/http_client.rs index 46f28d77..b4b8012e 100644 --- a/src/http_client.rs +++ b/src/http_client.rs @@ -66,37 +66,36 @@ pub fn should_block_address(domain_or_ip: &str) -> bool { } } - should_block_address_blacklist(domain_or_ip) + should_block_address_regex(domain_or_ip) } fn should_block_ip(ip: IpAddr) -> bool { - if !CONFIG.http_request_blacklist_non_global_ips() { + if !CONFIG.http_request_block_non_global_ips() { return false; } !is_global(ip) } -fn should_block_address_blacklist(domain_or_ip: &str) -> bool { - let Some(config_blacklist) = CONFIG.http_request_blacklist_regex() else { +fn should_block_address_regex(domain_or_ip: &str) -> bool { + let Some(block_regex) = CONFIG.http_request_block_regex() else { return false; }; - // Compiled domain blacklist - static COMPILED_BLACKLIST: Mutex<Option<(String, Regex)>> = Mutex::new(None); - let mut guard = COMPILED_BLACKLIST.lock().unwrap(); + static COMPILED_REGEX: Mutex<Option<(String, Regex)>> = Mutex::new(None); + let mut guard = COMPILED_REGEX.lock().unwrap(); // If the stored regex is up to date, use it if let Some((value, regex)) = &*guard { - if value == &config_blacklist { + if value == &block_regex { return regex.is_match(domain_or_ip); } } // If we don't have a regex stored, or it's not up to date, recreate it - let regex = Regex::new(&config_blacklist).unwrap(); + let regex = Regex::new(&block_regex).unwrap(); let is_match = regex.is_match(domain_or_ip); - *guard = Some((config_blacklist, regex)); + *guard = Some((block_regex, regex)); is_match } @@ -117,8 +116,8 @@ fn should_block_host(host: Host<&str>) -> Result<(), CustomHttpClientError> { } } - if should_block_address_blacklist(&host_str) { - return Err(CustomHttpClientError::Blacklist { + if should_block_address_regex(&host_str) { + return Err(CustomHttpClientError::Blocked { domain: host_str, }); } @@ -128,7 +127,7 @@ fn should_block_host(host: Host<&str>) -> Result<(), CustomHttpClientError> { #[derive(Debug, Clone)] pub enum CustomHttpClientError { - Blacklist { + Blocked { domain: String, }, NonGlobalIp { @@ -154,9 +153,9 @@ impl CustomHttpClientError { impl fmt::Display for CustomHttpClientError { fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result { match self { - Self::Blacklist { + Self::Blocked { domain, - } => write!(f, "Blacklisted domain: {domain} matched HTTP_REQUEST_BLACKLIST_REGEX"), + } => write!(f, "Blocked domain: {domain} matched HTTP_REQUEST_BLOCK_REGEX"), Self::NonGlobalIp { domain: Some(domain), ip, @@ -216,7 +215,7 @@ impl CustomDnsResolver { fn pre_resolve(name: &str) -> Result<(), CustomHttpClientError> { if should_block_address(name) { - return Err(CustomHttpClientError::Blacklist { + return Err(CustomHttpClientError::Blocked { domain: name.to_string(), }); } |