Improve error for instances with authorized fetch enabled

When authorized fetch mode is enabled on mastodon
https://docs.joinmastodon.org/admin/config/#authorized_fetch, mastodon
will signatures for endpoints which are used for
activitypub or an authenticated user for internal endpoints.
Since custom emojis is internal, it cannot be accessed without a
logged-in user.
This improves the error to make it more clear.
This commit is contained in:
Renato "Lond" Cerqueira 2021-01-02 10:25:31 +01:00
parent cbb3e6ea41
commit 60dc595b4a
2 changed files with 15 additions and 2 deletions

View File

@ -22,6 +22,8 @@ from flask import Flask, redirect, render_template, request, url_for
app = Flask(__name__)
class ForbiddenEndpointError(Exception):
pass
@app.route('/<domain>')
def emojo(domain):
@ -36,14 +38,20 @@ def emojo(domain):
try:
url = urllib.parse.urlunsplit(('https', domain, '/api/v1/custom_emojis', '', ''))
response = requests.get(url)
if response.status_code == 401:
raise ForbiddenEndpointError
if show_all:
emojo = sorted(requests.get(url).json(), key=operator.itemgetter('shortcode'))
emojo = sorted(response.json(), key=operator.itemgetter('shortcode'))
else:
emojo = sorted(filter(lambda x: x.get('visible_in_picker', True), requests.get(url).json()),
emojo = sorted(filter(lambda x: x.get('visible_in_picker', True), response.json()),
key=operator.itemgetter('shortcode'))
return render_template('emojo.html', domain=domain, emojo=emojo, show_animated=show_animated)
except requests.exceptions.RequestException as e:
return render_template('oh_no.html', domain=domain)
except ForbiddenEndpointError:
return render_template('forbidden.html', domain=domain)
@app.route('/favicon.ico')

5
templates/forbidden.html Normal file
View File

@ -0,0 +1,5 @@
{% extends "base.html" %}
{% block title %}Custom emoji list for {{ domain }}{% endblock title %}
{% block body %}
<p><b>{{ domain }}</b> doesn't allow access to the <code>v1/custom_emojis</code> endpoint. :(</p>
{% endblock body %}