Optional no ssl flag using x-insecure header

2023-01-15 22:06:31 +13:00 · 2023-01-15 22:06:31 +13:00 · 3d5927ab28
parent 8d292cc200
commit 3d5927ab28
9 changed files with 22 additions and 19 deletions
--- a/api/channels.js
+++ b/api/channels.js
@ -18,7 +18,7 @@ module.exports = [
 			if (data.error) {
 				const statusCode = data.missing ? 410 : 500
 				const subscribed = user.isSubscribed(id)
-				return render(statusCode, "pug/channel-error.pug", {settings, data, subscribed, instanceOrigin})
+				return render(statusCode, "pug/channel-error.pug", {req, settings, data, subscribed, instanceOrigin})
 			}

 			// everything is fine
@ -35,7 +35,7 @@ module.exports = [
 				})
 			}
 			const subscribed = user.isSubscribed(data.authorId)
-			return render(200, "pug/channel.pug", {settings, data, subscribed, instanceOrigin})
+			return render(200, "pug/channel.pug", {req, settings, data, subscribed, instanceOrigin})
 		}
 	}
 ]
--- a/api/filters.js
+++ b/api/filters.js
@ -55,7 +55,7 @@ module.exports = [
 				label = url.searchParams.get("label")
 			}

-			return render(200, "pug/filters.pug", {settings, categories, type, contents, label, referrer, filterMaxLength, regexpEnabledText})
+			return render(200, "pug/filters.pug", {req, settings, categories, type, contents, label, referrer, filterMaxLength, regexpEnabledText})
 		}
 	},
 	{
@ -104,7 +104,7 @@ module.exports = [
 					const user = getUser(req)
 					const categories = getCategories(user)
 					const settings = user.getSettingsOrDefaults()
-					return render(400, "pug/filters.pug", {settings, categories, type, contents, label, compileError, filterMaxLength, regexpEnabledText})
+					return render(400, "pug/filters.pug", {req, settings, categories, type, contents, label, compileError, filterMaxLength, regexpEnabledText})
 				})
 				.last(state => {
 					const {type, contents, label} = state
--- a/api/pages.js
+++ b/api/pages.js
@ -8,28 +8,28 @@ module.exports = [
 			const mobile = userAgent.toLowerCase().includes("mobile")
 			const user = getUser(req)
 			const settings = user.getSettingsOrDefaults()
-			return render(200, "pug/home.pug", {settings, mobile})
+			return render(200, "pug/home.pug", {req, settings, mobile})
 		}
 	},
 	{
 		route: "/(?:js-)?licenses", methods: ["GET"], code: async ({req}) => {
 			const user = getUser(req)
 			const settings = user.getSettingsOrDefaults()
-			return render(200, "pug/licenses.pug", {settings})
+			return render(200, "pug/licenses.pug", {req, settings})
 		}
 	},
 	{
 		route: "/cant-think", methods: ["GET"], code: async ({req}) => {
 			const user = getUser(req)
 			const settings = user.getSettingsOrDefaults()
-			return render(200, "pug/cant-think.pug", {settings})
+			return render(200, "pug/cant-think.pug", {req, settings})
 		}
 	},
 	{
 		route: "/privacy", methods: ["GET"], code: async ({req}) => {
 			const user = getUser(req)
 			const settings = user.getSettingsOrDefaults()
-			return render(200, "pug/privacy.pug", {settings})
+			return render(200, "pug/privacy.pug", {req, settings})
 		}
 	}
 ]
--- a/api/search.js
+++ b/api/search.js
@ -26,7 +26,7 @@ module.exports = [
 			const filters = user.getFilters()
 			results = converters.applyVideoFilters(results, filters).videos

-			return render(200, "pug/search.pug", {settings, url, query, results, instanceOrigin})
+			return render(200, "pug/search.pug", {req, settings, url, query, results, instanceOrigin})
 		}
 	}
 ]
--- a/api/settings.js
+++ b/api/settings.js
@ -23,7 +23,7 @@ module.exports = [
 			const user = getUser(req)
 			const settings = user.getSettings()
 			const instances = instancesList.get()
-			return render(200, "pug/settings.pug", {constants, user, settings, instances})
+			return render(200, "pug/settings.pug", {req, constants, user, settings, instances})
 		}
 	},
 	{
--- a/api/subscriptions.js
+++ b/api/subscriptions.js
@ -39,7 +39,7 @@ module.exports = [
 			}
 			const settings = user.getSettingsOrDefaults()
 			const instanceOrigin = settings.instance
-			return render(200, "pug/subscriptions.pug", {url, settings, hasSubscriptions, videos, channels, missingChannelCount, refreshed, timeToPastText, instanceOrigin})
+			return render(200, "pug/subscriptions.pug", {req, url, settings, hasSubscriptions, videos, channels, missingChannelCount, refreshed, timeToPastText, instanceOrigin})
 		}
 	}
 ]
--- a/api/takedown.js
+++ b/api/takedown.js
@ -3,8 +3,8 @@ const {render} = require("pinski/plugins")

 module.exports = [
 	{
-		route: "/takedown", methods: ["GET"], code: async () => {
-			return render(200, "pug/takedown.pug", {constants})
+		route: "/takedown", methods: ["GET"], code: async ({req}) => {
+			return render(200, "pug/takedown.pug", {req, constants})
 		}
 	}
 ]
--- a/api/video.js
+++ b/api/video.js
@ -111,7 +111,7 @@ module.exports = [
 			// Check if playback is allowed
 			const videoTakedownInfo = db.prepare("SELECT id, org, url FROM TakedownVideos WHERE id = ?").get(id)
 			if (videoTakedownInfo) {
-				return render(451, "pug/takedown-video.pug", Object.assign({settings}, videoTakedownInfo))
+				return render(451, "pug/takedown-video.pug", Object.assign({req, settings}, videoTakedownInfo))
 			}

 			// Media fragment
@ -129,7 +129,7 @@ module.exports = [
 			// Work out how to fetch the video
 			if (req.method === "GET") {
 				if (settings.local) { // skip to the local fetching page, which will then POST video data in a moment
-					return render(200, "pug/local-video.pug", {settings, id})
+					return render(200, "pug/local-video.pug", {req, settings, id})
 				}
 				var instanceOrigin = settings.instance
 				var outURL = `${instanceOrigin}/api/v1/videos/${id}`
@ -153,7 +153,7 @@ module.exports = [
 					// automatically add the entry to the videos list, so it won't be fetched again
 					const args = {id, ...channelTakedownInfo}
 					db.prepare("INSERT INTO TakedownVideos (id, org, url) VALUES (@id, @org, @url)").run(args)
-					return render(451, "pug/takedown-video.pug", Object.assign({settings}, channelTakedownInfo))
+					return render(451, "pug/takedown-video.pug", Object.assign({req, settings}, channelTakedownInfo))
 				}

 				// process stream list ordering
@ -199,7 +199,7 @@ module.exports = [
 				}

 				return render(200, "pug/video.pug", {
-					url, video, formats, subscribed, instanceOrigin, mediaFragment, autoplay, continuous,
+					req, url, video, formats, subscribed, instanceOrigin, mediaFragment, autoplay, continuous,
 					sessionWatched, sessionWatchedNext, settings
 				})

@ -225,7 +225,7 @@ module.exports = [
 				// Create appropriate formatted message
 				const message = render(0, `pug/errors/${errorType}.pug`, locals).content

-				return render(500, "pug/video.pug", {video: {videoId: id}, error: true, message, settings})
+				return render(500, "pug/video.pug", {video: {videoId: id}, error: true, message, req, settings})
 			}
 		}
 	}
--- a/pug/includes/layout.pug
+++ b/pug/includes/layout.pug
@ -26,7 +26,10 @@ html
    if showNav
      nav.main-nav
        .links
-          a(href="/").link.home CloudTube
+          if req && req.headers && "x-insecure" in req.headers
+            a(href="/").link.home CloudTube - Insecure
+          else
+            a(href="/").link.home CloudTube
          a(href="/subscriptions" title="Subscriptions").link.icon-link
            != icons.get("subscriptions")
          a(href="/settings" title="Settings").link.icon-link