From 6481eb54f01fb06d9a268a7b830e37594bf77e52 Mon Sep 17 00:00:00 2001
From: Kieran <kieran@harkin.me>
Date: Fri, 3 Nov 2023 01:13:08 +0900
Subject: [PATCH] Blocked origins

---
 VoidCat/Controllers/DownloadController.cs | 16 ++++++++++++++--
 VoidCat/Model/VoidSettings.cs             |  9 +++++++--
 2 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/VoidCat/Controllers/DownloadController.cs b/VoidCat/Controllers/DownloadController.cs
index 1ddb841..8b1a525 100644
--- a/VoidCat/Controllers/DownloadController.cs
+++ b/VoidCat/Controllers/DownloadController.cs
@@ -111,6 +111,16 @@ public class DownloadController : Controller
 
     private async Task<VoidFileResponse?> SetupDownload(Guid id)
     {
+        var origin = Request.Headers.Origin.FirstOrDefault();
+        if (!string.IsNullOrEmpty(origin) && Uri.TryCreate(origin, UriKind.RelativeOrAbsolute, out var u))
+        {
+            if (_settings.BlockedOrigins.Any(a => string.Equals(a, u.DnsSafeHost, StringComparison.InvariantCultureIgnoreCase)))
+            {
+                Response.StatusCode = (int)HttpStatusCode.Forbidden;
+                return default;
+            }
+        }
+
         var meta = await _fileInfo.Get(id, false);
         if (meta == null)
         {
@@ -181,7 +191,8 @@ public class DownloadController : Controller
             if (order?.Status == PaywallOrderStatus.Paid)
             {
                 return true;
-            } 
+            }
+
             if (order?.Status is PaywallOrderStatus.Unpaid)
             {
                 // check status
@@ -191,10 +202,11 @@ public class DownloadController : Controller
                 {
                     await _paymentOrders.UpdateStatus(order.Id, status.Status);
                 }
+
                 if (status?.Status == PaywallOrderStatus.Paid)
                 {
                     return true;
-                } 
+                }
             }
         }
 
diff --git a/VoidCat/Model/VoidSettings.cs b/VoidCat/Model/VoidSettings.cs
index b03fa1a..3a958c3 100644
--- a/VoidCat/Model/VoidSettings.cs
+++ b/VoidCat/Model/VoidSettings.cs
@@ -11,7 +11,7 @@ namespace VoidCat.Model
         /// Maintenance flag
         /// </summary>
         public bool MaintenanceMode { get; init; } = false;
-        
+
         /// <summary>
         /// Base site url, used for redirect urls
         /// </summary>
@@ -127,11 +127,16 @@ namespace VoidCat.Model
             "udp://tracker.openbittorrent.com:6969/announce",
             "http://tracker.openbittorrent.com:80/announce"
         };
-        
+
         /// <summary>
         /// Lightning node configuration for LNProxy services
         /// </summary>
         public LndConfig? LndConfig { get; init; }
+
+        /// <summary>
+        /// Blocked origin hostnames
+        /// </summary>
+        public List<string> BlockedOrigins { get; init; } = new();
     }
 
     public sealed class TorSettings