]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - IkiWiki/Plugin/blogspam.pm
Avoid mixed content when cgiurl is https but url is not
[git.ikiwiki.info.git] / IkiWiki / Plugin / blogspam.pm
index 4005e9f2a149aa534b2c7596ed5b9512f524a63d..e48ed729f5439f148e7f70e0d228990cbbe2a0f2 100644 (file)
@@ -4,11 +4,13 @@ package IkiWiki::Plugin::blogspam;
 use warnings;
 use strict;
 use IkiWiki 3.00;
+use Encode;
 
 my $defaulturl='http://test.blogspam.net:8888/';
 
 sub import {
        hook(type => "getsetup", id => "blogspam",  call => \&getsetup);
+       hook(type => "checkconfig", id => "blogspam", call => \&checkconfig);
        hook(type => "checkcontent", id => "blogspam", call => \&checkcontent);
 }
 
@@ -17,6 +19,7 @@ sub getsetup () {
                plugin => {
                        safe => 1,
                        rebuild => 0,
+                       section => "auth",
                },
                blogspam_pagespec => {
                        type => 'pagespec',
@@ -43,30 +46,41 @@ sub getsetup () {
                },
 }
 
-sub checkcontent (@) {
-       my %params=@_;
-
+sub checkconfig () {
+       # This is done at checkconfig time because printing an error
+       # if the module is missing when a spam is posted would not
+       # let the admin know about the problem.
        eval q{
                use RPC::XML;
                use RPC::XML::Client;
+               $RPC::XML::ENCODING = 'utf-8';
        };
-       if ($@) {
-               warn($@);
-               return undef;
-       }
+       error $@ if $@;
+}
+
+sub checkcontent (@) {
+       my %params=@_;
+       my $session=$params{session};
        
-       if (exists $config{blogspam_pagespec}) {
-               return undef
-                       if ! pagespec_match($params{page}, $config{blogspam_pagespec},
-                               location => $params{page});
+       my $spec='!admin()';
+       if (exists $config{blogspam_pagespec} &&
+           length $config{blogspam_pagespec}) {
+               $spec.=" and (".$config{blogspam_pagespec}.")";
        }
 
+       my $user=$session->param("name");
+       return undef unless pagespec_match($params{page}, $spec,
+               (defined $user ? (user => $user) : ()),
+               (defined $session->remote_addr() ? (ip => $session->remote_addr()) : ()),
+               location => $params{page});
+
        my $url=$defaulturl;
-       $url = $params{blogspam_server} if exists $params{blogspam_server};
+       $url = $config{blogspam_server} if exists $config{blogspam_server};
+
        my $client = RPC::XML::Client->new($url);
 
-       my @options = split(",", $params{blogspam_options})
-               if exists $params{blogspam_options};
+       my @options = split(",", $config{blogspam_options})
+               if exists $config{blogspam_options};
 
        # Allow short comments and whitespace-only edits, unless the user
        # has overridden min-words themselves.
@@ -83,31 +97,29 @@ sub checkcontent (@) {
        # and "buy".
        push @options, "exclude=stopwords";
 
-       # blogspam API does not have a field for author url, so put it in
-       # the content to be checked.
-       if (exists $params{url}) {
-               $params{content}.="\n".$params{url};
-       }
-
-       my $res = $client->send_request('testComment', {
-               ip => $ENV{REMOTE_ADDR},
-               comment => $params{content},
-               subject => defined $params{subject} ? $params{subject} : "",
-               name => defined $params{author} ? $params{author} : "",
+       my %req=(
+               ip => $session->remote_addr(),
+               comment => encode_utf8(defined $params{diff} ? $params{diff} : $params{content}),
+               subject => encode_utf8(defined $params{subject} ? $params{subject} : ""),
+               name => encode_utf8(defined $params{author} ? $params{author} : ""),
+               link => encode_utf8(exists $params{url} ? $params{url} : ""),
                options => join(",", @options),
-               site => $config{url},
+               site => encode_utf8($config{url}),
                version => "ikiwiki ".$IkiWiki::version,
-       });
+       );
+       my $res = $client->send_request('testComment', \%req);
 
        if (! ref $res || ! defined $res->value) {
                debug("failed to get response from blogspam server ($url)");
                return undef;
        }
        elsif ($res->value =~ /^SPAM:(.*)/) {
+               eval q{use Data::Dumper};
+               debug("blogspam server reports ".$res->value.": ".Dumper(\%req));
                return gettext("Sorry, but that looks like spam to <a href=\"http://blogspam.net/\">blogspam</a>: ").$1;
        }
        elsif ($res->value ne 'OK') {
-               debug(gettext("blogspam server failure: ").$res->value);
+               debug("blogspam server failure: ".$res->value);
                return undef;
        }
        else {