webmention.pl 7.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228
  1. # Copyright (C) 2004 Brock Wilcox <awwaiid@thelackthereof.org>
  2. # Copyright (C) 2019 Alex Schroeder <alex@gnu.org>
  3. #
  4. # This program is free software; you can redistribute it and/or modify
  5. # it under the terms of the GNU General Public License as published by
  6. # the Free Software Foundation; either version 3 of the License, or
  7. # (at your option) any later version.
  8. #
  9. # This program is distributed in the hope that it will be useful,
  10. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  11. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  12. # GNU General Public License for more details.
  13. #
  14. # You should have received a copy of the GNU General Public License
  15. # along with this program. If not, see <http://www.gnu.org/licenses/>.
  16. use strict;
  17. use v5.10;
  18. use LWP::UserAgent;
  19. use Modern::Perl;
  20. use XML::LibXML;
  21. AddModuleDescription('webmention.pl', 'Webmention Server Extension');
  22. # Specification: https://www.w3.org/TR/webmention/
  23. our ($CommentsPrefix, $q, $HtmlHeaders, %Action, $QuestionaskerSecretKey,
  24. @MyInitVariables, %IndexHash, $BannedContent, $UsePathInfo, $HomePage,
  25. $Message, @MyAdminCode, $FullUrlPattern);
  26. push(@MyInitVariables, \&WebmentionServerAddLink, \&WebmentionAddAction);
  27. # Add webmentions metadata to our pages
  28. sub WebmentionServerAddLink {
  29. $Message .= T('Webmention module requires $CommentsPrefix to be set') unless $CommentsPrefix;
  30. # only allow linking to reasonable pages: no URL parameters!
  31. my @params = $q->param;
  32. return unless GetParam('action', 'browse') eq 'browse';
  33. return if GetParam('revision');
  34. my $id = GetId() || $HomePage;
  35. return if $id =~ /^$CommentsPrefix/;
  36. my $link = '<link rel="webmention" type="application/wiki" href="'
  37. . ScriptUrl('webmention/' . UrlEncode($id)) . '" />';
  38. $HtmlHeaders .= $link unless $HtmlHeaders =~ /rel="webmention"/;
  39. }
  40. sub WebmentionAddAction {
  41. SetParam('action', 'webmention') if $q->path_info =~ m|/webmention\b|;
  42. }
  43. # Process incoming webmentions
  44. $Action{webmention} = \&DoWebmentionServer;
  45. sub DoWebmentionServer {
  46. my $id = FreeToNormal(shift);
  47. # some sanity checks for the request
  48. if ($q->request_method() ne 'POST') {
  49. ReportError(T('Webmention requires a POST request'), '400 BAD REQUEST');
  50. }
  51. if ($q->content_type() ne 'application/x-www-form-urlencoded') {
  52. ReportError(T('Webmention requires x-www-form-urlencoded requests'), '400 BAD REQUEST');
  53. }
  54. # some sanity checks for the target page name
  55. if (not $id) {
  56. ReportError(T('Webmention must mention a specific page'), '400 BAD REQUEST');
  57. }
  58. my $error = ValidId($id);
  59. if ($error) {
  60. ReportError(T('Webmention must mention a valid page'), '400 BAD REQUEST');
  61. }
  62. # check the IP number for bans
  63. my $rule = UserIsBanned();
  64. if ($rule) {
  65. ReportError(Ts('Your IP number is blocked: %s', $rule), '403 FORBIDDEN');
  66. }
  67. # check that the target page exists
  68. AllPagesList();
  69. if (not $IndexHash{$id}) {
  70. ReportError(T('Webmention must mention an existing page'), '404 NOT FOUND');
  71. }
  72. # verify parameters
  73. my $source = GetParam('source', undef) or ReportError(T('Webmention must mention source'), '400 BAD REQUEST');
  74. my $target = GetParam('target', undef) or ReportError(T('Webmention must mention target'), '400 BAD REQUEST');
  75. # verify that the source isn't banned
  76. $rule = BannedContent($source);
  77. if ($rule) {
  78. ReportError(Ts('The URL is blocked: %s', $rule), '403 FORBIDDEN');
  79. }
  80. # verify that the webmention is legit
  81. my $ua = LWP::UserAgent->new(agent => 'Oddmuse Webmention Server/0.1');
  82. my $response = $ua->get($source);
  83. if (not $response->is_success) {
  84. ReportError(Tss('Webmention source cannot be verified: %1 returns %2 %3',
  85. $source, $response->code, $response->message), '400 BAD REQUEST');
  86. }
  87. my $self = ScriptUrl(UrlEncode($id));
  88. if ($response->decoded_content !~ /$self/) {
  89. ReportError(Ts('Webmention source does not link to %s', $self), '400 BAD REQUEST');
  90. }
  91. $id = $CommentsPrefix . $id;
  92. if (GetPageContent($id) =~ /$source/) {
  93. ReportError(Ts('Webmention for %s already exists', $source), '400 BAD REQUEST');
  94. }
  95. # try to determine a name and a link
  96. my ($username, $homepage);
  97. my $parser = XML::LibXML->new(recover => 2);
  98. my $dom = $parser->load_html(string => $response->decoded_content);
  99. my @nodes = $dom->findnodes('//*[@rel="author"]');
  100. if (@nodes) {
  101. my $node = shift @nodes;
  102. $username = $node->textContent;
  103. $homepage = $node->getAttribute('href');
  104. }
  105. # post a comment without redirect at the end
  106. SetParam('aftertext', 'Webmention: ' . $source);
  107. SetParam('summary', 'Webmention');
  108. SetParam('username', $username || T('Anonymous'));
  109. SetParam('homepage', $homepage);
  110. SetParam($QuestionaskerSecretKey, 1) if $QuestionaskerSecretKey;
  111. local *ReBrowsePage = sub {};
  112. DoPost($id);
  113. # response
  114. print GetHeader('', T('Webmention OK!'));
  115. print $q->start_div({-class=>'content webmention'}),
  116. $q->p(GetPageLink($BannedContent)),
  117. $q->end_div;
  118. PrintFooter();
  119. }
  120. # Allow user to webmention other sites
  121. push(@MyAdminCode, \&WebmentionMenu);
  122. sub WebmentionMenu {
  123. my ($id, $menuref, $restref) = @_;
  124. if ($id) {
  125. push(@$menuref, ScriptLink('action=webmentions;id=' . $id, T('Add webmentions'), 'webmentions'));
  126. }
  127. }
  128. $Action{webmentions} = \&DoWebmentionMenu;
  129. sub DoWebmentionMenu {
  130. my $id = GetId();
  131. ValidIdOrDie($id);
  132. print GetHeader('', Ts('Webmentioning others from %s', NormalToFree($id)), '');
  133. my $text = GetPageContent($id);
  134. my @urls = $text =~ /$FullUrlPattern/g;
  135. if (@urls) {
  136. print GetFormStart();
  137. print GetHiddenValue('action', 'webmentioning');
  138. print GetHiddenValue('from', UrlEncode($id));
  139. print '<p>';
  140. print $q->checkbox_group('to', \@urls, undef, 'true');
  141. print '</p>';
  142. print $q->submit('go', T('Webmention!'));
  143. } else {
  144. print $q->p(T('No links found.'));
  145. }
  146. PrintFooter();
  147. }
  148. $Action{webmentioning} = \&DoWebmention;
  149. sub DoWebmention {
  150. my $id = GetParam('from');
  151. ValidIdOrDie($id);
  152. my $from = ScriptUrl($id);
  153. my @to = $q->multi_param('to');
  154. ReportError('Missing target') unless @to;
  155. print GetHeader('', Ts('Webmentioning somebody from %s', NormalToFree($id)), '');
  156. for my $to (@to) {
  157. Webmention($from, $to);
  158. }
  159. PrintFooter();
  160. }
  161. sub Webmention {
  162. my ($from, $to) = @_;
  163. ReportError('Target must be an URL', '400 BAD REQUEST', 0, $q->p($to)) unless $to =~ /$FullUrlPattern/;
  164. my $ua = LWP::UserAgent->new(agent => "Oddmuse Webmention Client/0.1");
  165. print $q->p(Ts('Contacting %s', $to));
  166. my $response = $ua->get($to);
  167. if (!$response->is_success) {
  168. print $q->p(Ts('Target reports an error: %s', $response->status_line));
  169. return;
  170. }
  171. print $q->p("Parsing response");
  172. my $data = $response->decoded_content;
  173. my $parser = XML::LibXML->new(recover => 2);
  174. my $dom = $parser->load_html(string => $data);
  175. my $webmention = $dom->findvalue('//link[@rel="webmention"]/@href');
  176. if (!$webmention) {
  177. print $q->p(T('No Webmention URL found'));
  178. return;
  179. }
  180. print $q->p("Webmention URL is $webmention");
  181. $response = $ua->post($webmention, { source => $from, target => $to });
  182. my $message = $response->code . " " . $response->message;
  183. if ($response->is_success) {
  184. print $q->p(Ts("Success: %s", $message));
  185. } else {
  186. print $q->p(Ts("Failure: %s", $message));
  187. $dom = $parser->load_html(string => $response->decoded_content());
  188. for my $node ($dom->getElementsByTagName('script')) { $node->parentNode->removeChild($node) };
  189. for my $node ($dom->getElementsByTagName('style')) { $node->parentNode->removeChild($node) };
  190. print $q->p($dom->textContent);
  191. }
  192. }