From cdac1cc5aaa97d3bda16c9f2682f74560ab9b244 Mon Sep 17 00:00:00 2001 From: Arndt Brenschede Date: Wed, 26 May 2021 08:36:52 +0200 Subject: [PATCH] spam heuristics --- .../main/java/btools/server/RouteServer.java | 20 +++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/brouter-server/src/main/java/btools/server/RouteServer.java b/brouter-server/src/main/java/btools/server/RouteServer.java index 26ccfd3..7125dc8 100644 --- a/brouter-server/src/main/java/btools/server/RouteServer.java +++ b/brouter-server/src/main/java/btools/server/RouteServer.java @@ -87,6 +87,7 @@ public class RouteServer extends Thread implements Comparable String agent = null; String encodings = null; String xff = null; // X-Forwarded-For + String referer = null; // more headers until first empty line for(;;) @@ -120,6 +121,14 @@ public class RouteServer extends Thread implements Comparable { xff = line.substring( "x-forwarded-for: ".length() ); } + if ( line.startsWith( "Referer: " ) ) + { + referer = line.substring( "Referer: ".length() ); + } + if ( line.startsWith( "Referrer: " ) ) + { + referer = line.substring( "Referrer: ".length() ); + } } InetAddress ip = clientSocket.getInetAddress(); @@ -149,6 +158,17 @@ public class RouteServer extends Thread implements Comparable } } + if ( referer != null && referer.indexOf( "brouter.de/brouter-web" ) >= 0 ) + { + if ( getline.indexOf( "%7C" ) >= 0 && getline.indexOf( "%2C" ) >= 0 ) + { + writeHttpHeader( bw, HTTP_STATUS_FORBIDDEN ); + bw.write( "Spam? please stop" ); + bw.flush(); + return; + } + } + if ( getline.startsWith("GET /favicon.ico") ) { writeHttpHeader( bw, HTTP_STATUS_NOT_FOUND );