diff --git a/r2/r2/config/middleware.py b/r2/r2/config/middleware.py
index 36d0b23da..fa43ef7ac 100644
--- a/r2/r2/config/middleware.py
+++ b/r2/r2/config/middleware.py
@@ -175,6 +175,15 @@ class DomainMiddleware(object):
def __init__(self, app):
self.app = app
+ auth_cnames = config['global_conf'].get('authorized_cnames', '')
+ auth_cnames = [x.strip() for x in auth_cnames.split(',')]
+ # we are going to be matching with endswith, so make sure there
+ # are no empty strings that have snuck in
+ self.auth_cnames = [x for x in auth_cnames if x]
+
+ def is_auth_cname(self, domain):
+ return any((domain == cname or domain.endswith('.' + cname))
+ for cname in self.auth_cnames)
def __call__(self, environ, start_response):
# get base domain as defined in INI file
@@ -198,6 +207,9 @@ class DomainMiddleware(object):
if not environ.get('extension'):
if environ['PATH_INFO'].startswith('/frame'):
return self.app(environ, start_response)
+ elif self.is_auth_cname(sub_domains):
+ environ['frameless_cname'] = True
+ environ['authorized_cname'] = True
elif ("redditSession" in environ.get('HTTP_COOKIE', '')
and environ['REQUEST_METHOD'] != 'POST'
and not environ['PATH_INFO'].startswith('/error')):
diff --git a/r2/r2/controllers/reddit_base.py b/r2/r2/controllers/reddit_base.py
index 9631b0baf..36e6ed5ee 100644
--- a/r2/r2/controllers/reddit_base.py
+++ b/r2/r2/controllers/reddit_base.py
@@ -60,6 +60,8 @@ class Cookie(object):
self.dirty = dirty
if domain:
self.domain = domain
+ elif c.authorized_cname:
+ self.domain = c.site.domain
else:
self.domain = g.domain
@@ -133,10 +135,8 @@ def read_user_cookie(name):
def set_user_cookie(name, val):
uname = c.user.name if c.user_is_loggedin else ""
- domain = g.domain if not c.frameless_cname else None
- c.cookies[uname + '_' + name] = Cookie(value = val,
- domain = domain)
-
+ c.cookies[uname + '_' + name] = Cookie(value = val)
+
valid_click_cookie = re.compile(r'(t[0-9]_[a-zA-Z0-9]+:)+').match
def read_click_cookie():
if c.user_is_loggedin:
@@ -182,8 +182,7 @@ def set_redditfirst(key,val):
cookie = {key: val}
c.cookies['reddit_first'] = Cookie(simplejson.dumps(cookie),
- expires = NEVER,
- domain = g.domain)
+ expires = NEVER)
# this cookie is also accessed by organic.js, so changes to the format
# will have to be made there as well
@@ -336,7 +335,9 @@ def set_cnameframe():
del request.params[utils.UrlParser.cname_get]
if request.get.has_key(utils.UrlParser.cname_get):
del request.get[utils.UrlParser.cname_get]
- c.frameless_cname = request.environ.get('frameless_cname', False)
+ c.frameless_cname = request.environ.get('frameless_cname', False)
+ if hasattr(c.site, 'domain'):
+ c.authorized_cname = request.environ.get('authorized_cname', False)
def ratelimit_agents():
user_agent = request.user_agent
@@ -424,6 +425,10 @@ class RedditController(BaseController):
#check if user-agent needs a dose of rate-limiting
ratelimit_agents()
+ # the domain has to be set before Cookies get initialized
+ set_subreddit()
+ set_cnameframe()
+
# populate c.cookies
c.cookies = Cookies()
for k,v in request.cookies.iteritems():
@@ -458,11 +463,9 @@ class RedditController(BaseController):
#set_browser_langs()
set_host_lang()
- set_subreddit()
set_content_type()
set_iface_lang()
set_content_lang()
- set_cnameframe()
# set some environmental variables in case we hit an abort
if not isinstance(c.site, FakeSubreddit):
diff --git a/r2/r2/lib/pages/pages.py b/r2/r2/lib/pages/pages.py
index 84acc13d5..5027b917a 100644
--- a/r2/r2/lib/pages/pages.py
+++ b/r2/r2/lib/pages/pages.py
@@ -92,7 +92,8 @@ class Reddit(Wrapped):
#c.subredditbox is set by VSRMask
self.subreddit_sidebox = False
- if c.subreddit_sidebox:
+ #don't show the sidebox on cnames
+ if c.subreddit_sidebox and not c.cname:
self.subreddit_sidebox = True
self.subreddit_checkboxes = c.site == Default
@@ -101,7 +102,6 @@ class Reddit(Wrapped):
else:
self._content = content
-
self.toolbars = self.build_toolbars()
def rightbox(self):
@@ -112,7 +112,8 @@ class Reddit(Wrapped):
if not c.user_is_loggedin and self.loginbox:
ps.append(LoginFormWide())
- if not isinstance(c.site, FakeSubreddit):
+ #don't show the subreddit info bar on cnames
+ if not isinstance(c.site, FakeSubreddit) and not c.cname:
ps.append(SubredditInfoBar())
if self.subreddit_sidebox:
@@ -179,7 +180,8 @@ class Reddit(Wrapped):
NamedButton("blog", False, nocname=True)]
if c.user_is_loggedin:
- buttons += [NamedButton("logout", False, nocname=True,
+ buttons += [NamedButton("logout", False,
+ nocname=not c.authorized_cname,
target = "_self")]
return NavMenu(buttons, base_path = "/", type = "flatlist")
diff --git a/r2/r2/templates/base.html b/r2/r2/templates/base.html
index e979dfc05..29c5ed2a3 100644
--- a/r2/r2/templates/base.html
+++ b/r2/r2/templates/base.html
@@ -49,7 +49,7 @@
var cnameframe = ${'true' if c.cname else 'false'};
var modhash = ${"'%s'" % c.modhash or "false"};
var cur_domain = "${get_domain(cname = True, subreddit = False) if c.frameless_cname else g.domain}";
- var ajax_domain = "${g.domain}";
+ var ajax_domain = "${get_domain(cname = True, subreddit = False) if c.authorized_cname else g.domain}";
diff --git a/r2/r2/templates/redditfooter.html b/r2/r2/templates/redditfooter.html
index 1894805ff..009739e57 100644
--- a/r2/r2/templates/redditfooter.html
+++ b/r2/r2/templates/redditfooter.html
@@ -46,7 +46,7 @@
%if g.tracker_url:
})
%endif
- %if c.frameless_cname:
+ %if c.frameless_cname and not c.authorized_cname:
<%
u = UrlParser("http://%s/%s" % (get_domain(cname = True, subreddit = False), request.path))
u.update_query(**request.get)
diff --git a/r2/r2/templates/sharelink.html b/r2/r2/templates/sharelink.html
index 30466d0f1..9d37adadf 100644
--- a/r2/r2/templates/sharelink.html
+++ b/r2/r2/templates/sharelink.html
@@ -77,7 +77,7 @@
|
|