- Endchan Magrathea

odilitime
1/23/2017 22:46:00 No. 5631 [Reply] report
 >>/5630/
Good research. Yes, that's an antispam measure, so it has benefits. 

I've found the section in the lynxchan code that causes this. Maybe we can find compromise but StephenLynx needs to explain the anti-spam side better.


exports.checkReferer = function(req) {

  if (!req.headers.referer) {
    return false;
  }

  var parsedReferer = url.parse(req.headers.referer);

  var finalReferer = parsedReferer.hostname;
  finalReferer += (parsedReferer.port ? ':' + parsedReferer.port : '');

  return finalReferer === req.headers.host;

};

exports.getAuthenticatedPost = function(req, res, getParameters, callback,
    optionalAuth, exceptionalMimes) {

  if (!exports.checkReferer(req)) {
    exports.redirectToLogin(res);
    return;
  }

  if (getParameters) {

    exports.getPostData(req, res, function(auth, parameters) {

      accountOps.validate(auth, function validated(error, newAuth, userData) {
        if (error && !optionalAuth) {
          exports.redirectToLogin(res);
        } else {
          callback(newAuth, userData, parameters);
        }

      });
    }, exceptionalMimes);
  } else {

    accountOps.validate(exports.getCookies(req), function validated(error,
        newAuth, userData) {

      if (error && !optionalAuth) {
        exports.redirectToLogin(res);
      } else {
        callback(newAuth, userData);
      }
    });
  }

};