hash tile etag to prevent information disclosure

src/c3nav/mapdata/views.py

@@ -1,8 +1,10 @@
+import hashlib
 import os
 
 from django.conf import settings
 from django.core.cache import cache
 from django.core.exceptions import PermissionDenied
+from django.core.signing import b64_encode
 from django.http import Http404, HttpResponse, HttpResponseNotModified
 from django.shortcuts import get_object_or_404
 from shapely.geometry import box
@@ -43,7 +45,9 @@ def tile(request, level, zoom, x, y, format):
     update_cache_key = renderer.update_cache_key
 
     # check browser cache
-    etag = tile_cache_key
+    etag = b64_encode(hashlib.sha256(
+        ('%d-%d-%d-%d:%s:%s' % (level, zoom, x, y, tile_cache_key, settings.SECRET_TILE_KEY)).encode()
+    ).digest())
     if_none_match = request.META.get('HTTP_IF_NONE_MATCH')
     if if_none_match == etag:
         return HttpResponseNotModified()

src/c3nav/settings.py

@@ -55,6 +55,20 @@ else:
             os.chown(SECRET_FILE, os.getuid(), os.getgid())
             f.write(SECRET_KEY)
 
+if config.has_option('c3nav', 'tile_secret'):
+    SECRET_TILE_KEY = config.get('c3nav', 'tile_secret')
+else:
+    SECRET_TILE_FILE = os.path.join(DATA_DIR, '.tile_secret')
+    if os.path.exists(SECRET_TILE_FILE):
+        with open(SECRET_TILE_FILE, 'r') as f:
+            SECRET_TILE_KEY = f.read().strip()
+    else:
+        SECRET_TILE_KEY = get_random_string(50, string.printable)
+        with open(SECRET_TILE_FILE, 'w') as f:
+            os.chmod(SECRET_TILE_FILE, 0o600)
+            os.chown(SECRET_TILE_FILE, os.getuid(), os.getgid())
+            f.write(SECRET_TILE_KEY)
+
 # Adjustable settings
 
 debug_fallback = "runserver" in sys.argv