def GET_tb(self, link):
'''/tb/$id36, show a given link with the toolbar
If the user doesn't have the toolbar enabled, redirect to comments
page.
'''
from r2.lib.media import thumbnail_url
if not link:
return self.abort404()
elif link.is_self:
return self.redirect(link.url)
elif not (c.user_is_loggedin and c.user.pref_frame):
return self.redirect(link.make_permalink_slow(force_domain=True))
# if the domain is shame-banned, bail out.
if is_shamed_domain(link.url)[0]:
self.abort404()
if not link.subreddit_slow.can_view(c.user):
self.abort403()
if link.has_thumbnail:
thumbnail = thumbnail_url(link)
else:
thumbnail = None
res = Frame(
title=link.title,
url=match_current_reddit_subdomain(link.url),
thumbnail=thumbnail,
fullname=link._fullname,
)
return spaceCompress(res.render())
def GET_tb(self, link):
'''/tb/$id36, show a given link with the toolbar
If the user doesn't have the toolbar enabled, redirect to comments
page.
'''
from r2.lib.media import thumbnail_url
if not link:
return self.abort404()
elif not link.subreddit_slow.can_view(c.user):
# don't disclose the subreddit/title of a post via the redirect url
self.abort403()
elif link.is_self:
return self.redirect(link.url)
elif not (c.user_is_loggedin and c.user.pref_frame):
return self.redirect(link.make_permalink_slow(force_domain=True))
# if the domain is shame-banned, bail out.
if is_shamed_domain(link.url)[0]:
self.abort404()
if link.has_thumbnail:
thumbnail = thumbnail_url(link)
else:
thumbnail = None
res = Frame(
title=link.title,
url=match_current_reddit_subdomain(link.url),
thumbnail=thumbnail,
fullname=link._fullname,
)
return spaceCompress(res.render())
def GET_s(self, urloid):
"""/s/http://..., show a given URL with the toolbar. if it's
submitted, redirect to /tb/$id36"""
force_html()
path = demangle_url(request.fullpath)
if not path:
# it was malformed
self.abort404()
# if the domain is shame-banned, bail out.
if is_shamed_domain(path)[0]:
self.abort404()
listing = hot_links_by_url_listing(path, sr=c.site, num=1)
link = listing.things[0] if listing.things else None
if link:
# we were able to find it, let's send them to the
# toolbar (if enabled) or comments (if not)
return self.redirect(add_sr("/tb/" + link._id36))
else:
# It hasn't been submitted yet. Give them a chance to
qs = utils.query_string({"url": path})
return self.redirect(add_sr("/submit" + qs))
def GET_s(self, urloid):
"""/s/http://..., show a given URL with the toolbar. if it's
submitted, redirect to /tb/$id36"""
force_html()
path = demangle_url(request.fullpath)
if not path:
# it was malformed
self.abort404()
# if the domain is shame-banned, bail out.
if is_shamed_domain(path)[0]:
self.abort404()
listing = hot_links_by_url_listing(path, sr=c.site, num=1)
link = listing.things[0] if listing.things else None
if link:
# we were able to find it, let's send them to the
# toolbar (if enabled) or comments (if not)
return self.redirect(add_sr("/tb/" + link._id36))
else:
# It hasn't been submitted yet. Give them a chance to
qs = utils.query_string({"url": path})
return self.redirect(add_sr("/submit" + qs))
def GET_tb(self, link):
from r2.lib.media import thumbnail_url
"/tb/$id36, show a given link with the toolbar"
if not link:
return self.abort404()
elif link.is_self:
return self.redirect(link.url)
# if the domain is shame-banned, bail out.
if is_shamed_domain(link.url, request.ip)[0]:
self.abort404()
if not link.subreddit_slow.can_view(c.user):
self.abort403()
if link.has_thumbnail:
thumbnail = thumbnail_url(link)
else:
thumbnail = None
res = Frame(title = link.title,
url = link.url,
thumbnail = thumbnail,
fullname = link._fullname)
return spaceCompress(res.render())
def GET_tb(self, link):
from r2.lib.media import thumbnail_url
"/tb/$id36, show a given link with the toolbar"
if not link:
return self.abort404()
elif link.is_self:
return self.redirect(link.url)
# if the domain is shame-banned, bail out.
if is_shamed_domain(link.url, request.ip)[0]:
self.abort404()
if not link.subreddit_slow.can_view(c.user):
self.abort403()
if link.has_thumbnail:
thumbnail = thumbnail_url(link)
else:
thumbnail = None
res = Frame(title=link.title,
url=link.url,
thumbnail=thumbnail,
fullname=link._fullname)
return spaceCompress(res.render())
def GET_s(self, rest):
"""/s/http://..., show a given URL with the toolbar. if it's
submitted, redirect to /tb/$id36"""
force_html()
path = demangle_url(request.fullpath)
if not path:
# it was malformed
self.abort404()
# if the domain is shame-banned, bail out.
if is_shamed_domain(path)[0]:
self.abort404()
listing = hot_links_by_url_listing(path, sr=c.site, num=1)
link = listing.things[0] if listing.things else None
if c.cname and not c.authorized_cname:
# In this case, we make some bad guesses caused by the
# cname frame on unauthorised cnames.
# 1. User types http://foo.com/http://myurl?cheese=brie
# (where foo.com is an unauthorised cname)
# 2. We generate a frame that points to
# http://www.reddit.com/r/foo/http://myurl?cnameframe=0.12345&cheese=brie
# 3. Because we accept everything after the /r/foo/, and
# we've now parsed, modified, and reconstituted that
# URL to add cnameframe, we really can't make any good
# assumptions about what we've done to a potentially
# already broken URL, and we can't assume that we've
# rebuilt it in the way that it was originally
# submitted (if it was)
# We could try to work around this with more guesses (by
# having demangle_url try to remove that param, hoping
# that it's not already a malformed URL, and that we
# haven't re-ordered the GET params, removed
# double-slashes, etc), but for now, we'll just refuse to
# do this operation
return self.abort404()
if link:
# we were able to find it, let's send them to the
# link-id-based URL so that their URL is reusable
return self.redirect(add_sr("/tb/" + link._id36))
title = utils.domain(path)
res = Frame(
title=title,
url=match_current_reddit_subdomain(path),
)
# we don't want clients to think that this URL is actually a
# valid URL for search-indexing or the like
request.environ['usable_error_content'] = spaceCompress(res.render())
abort(404)
def GET_s(self, rest):
"""/s/http://..., show a given URL with the toolbar. if it's
submitted, redirect to /tb/$id36"""
force_html()
path = demangle_url(request.fullpath)
if not path:
# it was malformed
self.abort404()
# if the domain is shame-banned, bail out.
if is_shamed_domain(path)[0]:
self.abort404()
link = utils.link_from_url(path, multiple=False)
if c.cname and not c.authorized_cname:
# In this case, we make some bad guesses caused by the
# cname frame on unauthorised cnames.
# 1. User types http://foo.com/http://myurl?cheese=brie
# (where foo.com is an unauthorised cname)
# 2. We generate a frame that points to
# http://www.reddit.com/r/foo/http://myurl?cnameframe=0.12345&cheese=brie
# 3. Because we accept everything after the /r/foo/, and
# we've now parsed, modified, and reconstituted that
# URL to add cnameframe, we really can't make any good
# assumptions about what we've done to a potentially
# already broken URL, and we can't assume that we've
# rebuilt it in the way that it was originally
# submitted (if it was)
# We could try to work around this with more guesses (by
# having demangle_url try to remove that param, hoping
# that it's not already a malformed URL, and that we
# haven't re-ordered the GET params, removed
# double-slashes, etc), but for now, we'll just refuse to
# do this operation
return self.abort404()
if link:
# we were able to find it, let's send them to the
# link-id-based URL so that their URL is reusable
return self.redirect(add_sr("/tb/" + link._id36))
title = utils.domain(path)
res = Frame(
title=title,
url=match_current_reddit_subdomain(path),
)
# we don't want clients to think that this URL is actually a
# valid URL for search-indexing or the like
request.environ['usable_error_content'] = spaceCompress(res.render())
abort(404)
def GET_s(self, urloid):
"""/s/http://..., show a given URL with the toolbar. if it's
submitted, redirect to /tb/$id36"""
force_html()
path = demangle_url(request.fullpath)
if not path:
# it was malformed
self.abort404()
# if the domain is shame-banned, bail out.
if is_shamed_domain(path)[0]:
self.abort404()
listing = hot_links_by_url_listing(path, sr=c.site, num=1)
link = listing.things[0] if listing.things else None
if c.cname and not c.authorized_cname:
# In this case, we make some bad guesses caused by the
# cname frame on unauthorised cnames.
# 1. User types http://foo.com/http://myurl?cheese=brie
# (where foo.com is an unauthorised cname)
# 2. We generate a frame that points to
# http://www.reddit.com/r/foo/http://myurl?cnameframe=0.12345&cheese=brie
# 3. Because we accept everything after the /r/foo/, and
# we've now parsed, modified, and reconstituted that
# URL to add cnameframe, we really can't make any good
# assumptions about what we've done to a potentially
# already broken URL, and we can't assume that we've
# rebuilt it in the way that it was originally
# submitted (if it was)
# We could try to work around this with more guesses (by
# having demangle_url try to remove that param, hoping
# that it's not already a malformed URL, and that we
# haven't re-ordered the GET params, removed
# double-slashes, etc), but for now, we'll just refuse to
# do this operation
return self.abort404()
if link:
# we were able to find it, let's send them to the
# toolbar (if enabled) or comments (if not)
return self.redirect(add_sr("/tb/" + link._id36))
else:
# It hasn't been submitted yet. Give them a chance to
qs = utils.query_string({"url": path})
return self.redirect(add_sr("/submit?" + qs))
def GET_tb(self, link):
'''/tb/$id36, show a given link with the toolbar
If the user doesn't have the toolbar enabled, redirect to comments
page.
'''
from r2.lib.media import thumbnail_url
redirect_url = None
query_params = dict(request.GET)
if not link:
return self.abort404()
elif not link.subreddit_slow.can_view(c.user):
# don't disclose the subreddit/title of a post via the redirect url
self.abort403()
elif link.is_self:
redirect_url = link.url
elif not (c.user_is_loggedin and c.user.uses_toolbar):
redirect_url = link.make_permalink_slow(force_domain=True)
if redirect_url:
if query_params:
url = UrlParser(redirect_url)
url.update_query(**query_params)
redirect_url = url.unparse()
return self.redirect(redirect_url)
# if the domain is shame-banned, bail out.
if is_shamed_domain(link.url)[0]:
self.abort404()
if link.has_thumbnail:
thumbnail = thumbnail_url(link)
else:
thumbnail = None
res = Frame(
title=link.title,
url=match_current_reddit_subdomain(link.url),
thumbnail=thumbnail,
fullname=link._fullname,
)
return spaceCompress(res.render())
