Refactor fetching header for difference between applet and transaction mode.

Improve locale_strings map by re json.encode. Add method to put translation jsons into txn var and read with a json_query fetch inside template files not served by a lua view e.g. maintenance page
2025-05-09 02:05:37 +00:00 · 2023-05-21 15:18:32 +10:00
parent c93ca7f16c
commit 14922d7e2f
11 changed files with 127 additions and 91 deletions
--- a/src/lua/libs/utils.lua
+++ b/src/lua/libs/utils.lua
@@ -5,6 +5,18 @@ local challenge_expiry = tonumber(os.getenv("CHALLENGE_EXPIRY"))
 local challenge_includes_ip = os.getenv("CHALLENGE_INCLUDES_IP")
 local tor_control_port_password = os.getenv("TOR_CONTROL_PORT_PASSWORD")

+-- get header from different place depending on action vs view
+function _M.get_header_from_context(context, header_name, is_applet)
+	local header_content = ""
+	if is_applet == true then
+		header_content = context.headers[header_name] or {}
+		header_content = header_content[0] or ""
+	else
+		header_content = context.sf:req_fhdr(header_name) or ""
+	end
+	return header_content
+end
+
 -- generate the challenge hash/user hash
 function _M.generate_challenge(context, salt, user_key, is_applet)

@@ -15,14 +27,7 @@ function _M.generate_challenge(context, salt, user_key, is_applet)
 	end

 	-- user agent to counter very dumb spammers
-	local user_agent = ""
-	if is_applet == true then
-		user_agent = context.headers['user-agent'] or {}
-		user_agent = user_agent[0] or ""
-	else
-		--note req_fhdr not req_hdr otherwise commas in useragent become a delimiter
-		user_agent = context.sf:req_fhdr('user-agent') or ""
-	end
+	local user_agent = _M.get_header_from_context(context, 'user-agent', is_applet)

 	local challenge_hash = sha.sha3_256(salt .. ip .. user_key .. user_agent)

--- a/src/lua/scripts/bot-check.lua
+++ b/src/lua/scripts/bot-check.lua
@@ -22,7 +22,7 @@ for file_name in io.popen('ls "'..locales_path..'"*.json'):lines() do
 	local json_object = json.decode(json_contents)
 	file:close()
 	locales_table[file_name_without_ext] = json_object
-	locales_strings[file_name_without_ext] = json_contents
+	locales_strings[file_name_without_ext] = json.encode(json_object)
 end

 -- POW
@@ -87,11 +87,10 @@ function _M.kill_tor_circuit(txn)
 	utils.send_tor_control_port(circuit_identifier)
 end

-- read first language from accept-language in applet
+-- read first language from accept-language in applet (note: does not consider q values)
 local default_lang = "en-US"
-function _M.get_first_language(applet)
-	local accept_language = applet.headers["accept-language"] or {}
-	accept_language = accept_language[0] or ""
+function _M.get_first_language(context, is_applet)
+	local accept_language = utils.get_header_from_context(context, 'accept-language', is_applet)
 	if #accept_language > 0 and #accept_language < 100 then -- length limit preventing abuse
 		for lang in accept_language:gmatch("[^,%s]+") do
 			if not lang:find(";") then
@@ -101,11 +100,10 @@ function _M.get_first_language(applet)
 	end
 end

-
 function _M.view(applet)

 	-- set the ll and ls language var based off header or default to en-US
-	local lang = _M.get_first_language(applet)
+	local lang = _M.get_first_language(applet, true)
 	local ll = locales_table[lang]
 	if ll == nil then
 		ll = locales_table[default_lang]
@@ -379,6 +377,16 @@ function _M.view(applet)

 end

+-- set lang json in var for use with json_query sf for using translations in template files without a lua view
+function _M.set_lang_json(txn)
+	local lang = _M.get_first_language(txn, false)
+	local ls = locales_strings[lang]
+	if ls == nil then
+		ls = locales_strings[default_lang]
+	end
+	txn:set_var("txn.lang_json", ls)
+end
+
 -- check if captcha is enabled, path+domain priority, then just domain, and 0 otherwise
 function _M.decide_checks_necessary(txn)
 	local host = txn.sf:hdr("Host")
--- a/src/lua/scripts/register-bot-check.lua
+++ b/src/lua/scripts/register-bot-check.lua
@@ -7,6 +7,7 @@ core.register_action("captcha-check", { 'http-req', }, bot_check.check_captcha_s
 core.register_action("pow-check", { 'http-req', }, bot_check.check_pow_status)
 core.register_action("decide-checks-necessary", { 'http-req', }, bot_check.decide_checks_necessary)
 core.register_action("kill-tor-circuit", { 'http-req', }, bot_check.kill_tor_circuit)
+core.register_action("set-lang-json", { 'http-req', }, bot_check.set_lang_json)

 local backends_map = Map.new('/etc/haproxy/map/backends.map', Map._str)
 function get_server_names(txn)
--- a/src/lua/scripts/register-servers.lua
+++ b/src/lua/scripts/register-servers.lua
@@ -38,7 +38,7 @@ function setup_servers()
 		if verify_backend_ssl ~= nil then
 			tcp:send(string.format("add server %s %s check ssl verify required ca-file ca-certificates.crt sni req.hdr(Host)\n", server_name, backend_host))
 		else
-			tcp:send(string.format("add server %s %s check ssl verify none\n", server_name, backend_host))
+			tcp:send(string.format("add server %s %s\n", server_name, backend_host))
 		end;
 		tcp:send(string.format("enable server %s\n", server_name))
 		line = handle:read("*line")