authorYorhel <git@yorhel.nl>2020-03-18 16:04:19 +0100
committerYorhel <git@yorhel.nl>2020-03-18 16:04:21 +0100
commitcd0990839c754b0593103323fb433e93448b5519 (patch)
tree82093362d2f328ecc4f750a951b1b1e1d01bff9d
parentc83c083dbf7c38c45cb7b2f11d05d1824f3622e7 (diff)
Validation: Do not allow direct links to pages with ?view=
If such a direct link is detected, it will be redirected to the same page without the ?view= parameter. This should make it impossible to link directly to spoilers and sexual content, as enabled by 23fb02e36defa7660ee871dd9e650906b0d2d616. (Though that direct linking is still possible by linking to revision pages and other administrative things, but I'm thinking of applying a similar approach to those)
-rw-r--r--lib/VNWeb/Validation.pm24
1 files changed, 23 insertions, 1 deletions
diff --git a/lib/VNWeb/Validation.pm b/lib/VNWeb/Validation.pm
index d65b5a9a..2546c0e3 100644
--- a/lib/VNWeb/Validation.pm
+++ b/lib/VNWeb/Validation.pm
@@ -1,7 +1,7 @@
package VNWeb::Validation;
use v5.26;
-use TUWF;
+use TUWF 'uri_escape';
use PWLookup;
use VNDB::Types;
use VNDB::Config;
@@ -227,4 +227,26 @@ sub viewset {
$s{spoilers}.($s{traits_sexual}?'s':'S')
}
+
+# The ?view= parameter may only be applied when the link originates from VNDB
+# itself. We don't want people linking directly to spoilers or sexual content.
+# If we do get such a request, redirect to the same page without the ?view=
+# parameter.
+#
+# This makes use of a cookie with SameSite=Strict rather than the Referer
+# header, as the latter is much less reliable nowadays. Though the cookie
+# approach is unfortunately a bit uglier.
+TUWF::hook before => sub {
+ my $samesite = tuwf->reqCookie('samesite');
+ if(!$samesite) {
+ tuwf->resCookie(samesite => 1, httponly => 1, samesite => 'Strict');
+ if(tuwf->reqGet('view')) {
+ warn "Outside link with ?view= parameter. Referer: ".(tuwf->reqHeader('Referer')||'-')."\n";
+ my $qs = join '&', map { my $k=$_; my @l=tuwf->reqGets($k); map uri_escape($k).'='.uri_escape($_), @l } grep $_ ne 'view', tuwf->reqGets();
+ tuwf->resRedirect(tuwf->reqPath().($qs?"?$qs":''), 'temp');
+ tuwf->done;
+ }
+ }
+};
+
1;
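Review bot: The redirect target in the `before` hook is assembled from `tuwf->reqPath()` plus the filtered query string, and if reqPath() hands back the request path verbatim, a request for `//host/x?view=...` would produce a Location of `//host/x`, which browsers treat as protocol-relative and follow off-site; whether reqPath() can return such a value cannot be seen from this hunk, so it needs confirming in TUWF. If it can, normalising the path before the redirect is a one-liner, e.g. `my $path = tuwf->reqPath(); $path =~ s{^/+}{/};` and then redirecting to `$path` rather than calling reqPath() inline. As a matter of style, the single-line query rebuild with nested `map`/`grep` and two `my` declarations inside the block is hard to read; naming the kept keys first, `my @keys = grep $_ ne 'view', tuwf->reqGets();`, and then building the pairs from `@keys` would make the intent clear. The `warn` line logs the raw Referer, which is fine as a diagnostic but is attacker-supplied text, so a short comment noting that it is untrusted would help whoever later grep's the logs.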