// Copyright (c) 2017-2020 The Decred developers
// Use of this source code is governed by an ISC
// license that can be found in the LICENSE file.
package legacy
import (
"encoding/hex"
"encoding/json"
"net/http"
"github.com/decred/politeia/politeiad/api/v1/mime"
v1 "github.com/decred/politeia/politeiawww/api/www/v1"
"github.com/decred/politeia/util"
"github.com/gorilla/csrf"
)
// handleVersion serves the version route: an HTTP GET that reports the lowest
// API route version this backend supports. It is also how a client obtains a
// CSRF token, which is returned in a response header.
//
// The reply also states whether the request carries an active user session.
// Any error from GetSessionUser is treated as "no active session".
func (p *Politeiawww) handleVersion(w http.ResponseWriter, r *http.Request) {
	log.Tracef("handleVersion")

	reply := v1.VersionReply{
		Version:      v1.PoliteiaWWWAPIVersion,
		Route:        v1.PoliteiaWWWAPIRoute,
		BuildVersion: p.cfg.Version,
		// Hex encoding of the configured identity key.
		PubKey:  hex.EncodeToString(p.cfg.Identity.Key[:]),
		TestNet: p.cfg.TestNet,
		Mode:    p.cfg.Mode,
	}

	// Only a successful lookup sets the flag; every failure mode leaves it
	// false and is otherwise not reported.
	if _, err := p.sessions.GetSessionUser(w, r); err == nil {
		reply.ActiveUserSession = true
	}

	body, err := json.Marshal(reply)
	if err != nil {
		RespondWithError(w, r, 0, "handleVersion: Marshal %v", err)
		return
	}

	hdr := w.Header()

	// Browser hardening headers. The HSTS max-age is two years, in seconds.
	hdr.Set("Strict-Transport-Security",
		"max-age=63072000; includeSubDomains")
	hdr.Set("X-Content-Type-Options", "nosniff")
	hdr.Set("Referrer-Policy", "same-origin")
	hdr.Set("X-Frame-Options", "DENY")
	// NOTE(review): X-XSS-Protection is a legacy header that current
	// browsers no longer act on; confirm it is still wanted here.
	hdr.Set("X-XSS-Protection", "1; mode=block")
	hdr.Set("Content-Type", "application/json; charset=utf-8")

	// csrf.Token yields an empty string when the gorilla/csrf middleware has
	// not processed the request, so this route relies on being mounted
	// behind that middleware.
	// NOTE(review): no Cache-Control is set in this handler; confirm that a
	// response carrying the token cannot be stored by a shared cache.
	hdr.Set(v1.CsrfToken, csrf.Token(r))

	w.WriteHeader(http.StatusOK)
	// The result of Write is not checked.
	w.Write(body)
}
// handlePolicy replies with the policy values of this backend as JSON: the
// v1 policy constants, the paywall state, the accepted MIME types and the
// build version.
//
// NOTE(review): the reply includes the build version from the config; confirm
// that exposing it on this route is intended.
func (p *Politeiawww) handlePolicy(w http.ResponseWriter, r *http.Request) {
	log.Tracef("handlePolicy")

	policy := v1.PolicyReply{
		// Account rules.
		MinPasswordLength:      v1.PolicyMinPasswordLength,
		MinUsernameLength:      v1.PolicyMinUsernameLength,
		MaxUsernameLength:      v1.PolicyMaxUsernameLength,
		UsernameSupportedChars: v1.PolicyUsernameSupportedChars,

		// Page sizes for list routes.
		ProposalListPageSize: v1.ProposalListPageSize,
		UserListPageSize:     v1.UserListPageSize,

		// Limits on submitted files.
		MaxImages:    v1.PolicyMaxImages,
		MaxImageSize: v1.PolicyMaxImageSize,
		MaxMDs:       v1.PolicyMaxMDs,
		MaxMDSize:    v1.PolicyMaxMDSize,

		// Values taken from the running server rather than from constants.
		PaywallEnabled: p.paywallIsEnabled(),
		ValidMIMETypes: mime.ValidMimeTypes(),

		// Proposal and comment rules.
		MinProposalNameLength:      v1.PolicyMinProposalNameLength,
		MaxProposalNameLength:      v1.PolicyMaxProposalNameLength,
		ProposalNameSupportedChars: v1.PolicyProposalNameSupportedChars,
		MaxCommentLength:           v1.PolicyMaxCommentLength,
		TokenPrefixLength:          v1.TokenPrefixLength,

		BuildInformation: []string{p.cfg.Version},
		IndexFilename:    v1.PolicyIndexFilename,

		// These four are always reported as zero by this handler.
		MinLinkByPeriod: 0,
		MaxLinkByPeriod: 0,
		MinVoteDuration: 0,
		MaxVoteDuration: 0,

		PaywallConfirmations: p.cfg.MinConfirmationsRequired,
	}

	util.RespondWithJSON(w, http.StatusOK, &policy)
}