From 0fbe1eb9bf95c456f68b758270ad158aa39a42b0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Laura=20Kl=C3=BCnder?=
Date: Tue, 24 Oct 2017 20:05:47 +0200
Subject: [PATCH] hash tile etag to prevent information disclosure

---
 src/c3nav/mapdata/views.py | 6 +++++-
 src/c3nav/settings.py | 14 ++++++++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/src/c3nav/mapdata/views.py b/src/c3nav/mapdata/views.py
index 83c1fbd9..3f886643 100644
--- a/src/c3nav/mapdata/views.py
+++ b/src/c3nav/mapdata/views.py
@@ -1,8 +1,10 @@
+import hashlib
 import os
 from django.conf import settings
 from django.core.cache import cache
 from django.core.exceptions import PermissionDenied
+from django.core.signing import b64_encode
 from django.http import Http404, HttpResponse, HttpResponseNotModified
 from django.shortcuts import get_object_or_404
 from shapely.geometry import box
@@ -43,7 +45,9 @@ def tile(request, level, zoom, x, y, format):
 update_cache_key = renderer.update_cache_key
 # check browser cache
- etag = tile_cache_key
+ etag = b64_encode(hashlib.sha256(
+ ('%d-%d-%d-%d:%s:%s' % (level, zoom, x, y, tile_cache_key, settings.SECRET_TILE_KEY)).encode()
+ ).digest())
 if_none_match = request.META.get('HTTP_IF_NONE_MATCH')
 if if_none_match == etag:
 return HttpResponseNotModified()
diff --git a/src/c3nav/settings.py b/src/c3nav/settings.py
index 6c44d37f..29082189 100644
--- a/src/c3nav/settings.py
+++ b/src/c3nav/settings.py
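Review bot: The new `etag` is most likely bytes, not str, so the `if if_none_match == etag:` comparison on the next lines can never be true: `b64_encode` in `django.core.signing` returns the output of `base64.urlsafe_b64encode(...).strip(b'=')`, while `request.META.get('HTTP_IF_NONE_MATCH')` is a str, and in Python 3 `str == bytes` is always False. The 304 path would then be dead and every conditional request re-renders the tile; the fix is to decode once, `).digest()).decode()`, or to build the tag with `base64` directly. Since the goal is to hide `tile_cache_key` behind a secret, a keyed construction is also the cleaner choice here: `hmac.new(settings.SECRET_TILE_KEY.encode(), msg, hashlib.sha256).digest()` (stdlib `hmac`) instead of hashing `msg:secret`, which keeps the key and message separated. The `tile` function and the place where the `ETag` response header is set lie outside this hunk, so I cannot see whether the header side is affected by the bytes/str mismatch as well.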
@@ -55,6 +55,20 @@ else:
 os.chown(SECRET_FILE, os.getuid(), os.getgid())
 f.write(SECRET_KEY)
+if config.has_option('c3nav', 'tile_secret'):
+ SECRET_TILE_KEY = config.get('c3nav', 'tile_secret')
+else:
+ SECRET_TILE_FILE = os.path.join(DATA_DIR, '.tile_secret')
+ if os.path.exists(SECRET_TILE_FILE):
+ with open(SECRET_TILE_FILE, 'r') as f:
+ SECRET_TILE_KEY = f.read().strip()
+ else:
+ SECRET_TILE_KEY = get_random_string(50, string.printable)
+ with open(SECRET_TILE_FILE, 'w') as f:
+ os.chmod(SECRET_TILE_FILE, 0o600)
+ os.chown(SECRET_TILE_FILE, os.getuid(), os.getgid())
+ f.write(SECRET_TILE_KEY)
+
 # Adjustable settings
 debug_fallback = "runserver" in sys.argv
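Review bot: `get_random_string(50, string.printable)` draws from an alphabet that contains whitespace (`string.printable` includes space, tab, newline, CR and vertical/form feed), but the read-back path does `f.read().strip()`, so a generated key that starts or ends with such a character is silently shortened on the next start and the process that generated it computes different ETags than every later one. Use a whitespace-free alphabet, `SECRET_TILE_KEY = get_random_string(50, string.ascii_letters + string.digits + string.punctuation)`, or strip before writing. The secret file is also created by `open(..., 'w')` under the process umask and only then chmod'ed; the content is written after the chmod so the exposed window holds an empty file, but creating it with `os.open(SECRET_TILE_FILE, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)` and `os.fdopen` would close that gap and also detect two workers racing to create the file — the same pattern applies to the existing `SECRET_FILE` block just above, which this hunk copies. Whether `string` and `get_random_string` are imported in this module is not visible here; presumably they are, since the `SECRET_KEY` block relies on them.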