diff options
| author | AAGaming <aa@mail.catvibers.me> | 2022-08-13 23:58:57 -0400 |
|---|---|---|
| committer | AAGaming <aa@mail.catvibers.me> | 2022-08-13 23:58:57 -0400 |
| commit | 30a538e85e1aa94ef65e5d04bfb4b4885626f258 (patch) | |
| tree | 733f6f4a6e1776e077639409086963613091170f | |
| parent | 84a19203c57190dbffa7ab33ac33b3624ae8975a (diff) | |
| download | decky-loader-30a538e85e1aa94ef65e5d04bfb4b4885626f258.tar.gz decky-loader-30a538e85e1aa94ef65e5d04bfb4b4885626f258.zip | |
FINALLY fix the multiple injections bugv2.0.5-pre.8
| -rw-r--r-- | backend/helpers.py | 5 | ||||
| -rw-r--r-- | backend/main.py | 1 | ||||
| -rw-r--r-- | frontend/src/index.tsx | 1 |
3 files changed, 4 insertions, 3 deletions
diff --git a/backend/helpers.py b/backend/helpers.py index b7f9fba4..8d329560 100644 --- a/backend/helpers.py +++ b/backend/helpers.py @@ -1,6 +1,7 @@ import certifi import ssl import uuid +import re from aiohttp.web import middleware, Response from subprocess import check_output @@ -12,6 +13,8 @@ ssl_ctx = ssl.create_default_context(cafile=certifi.where()) user = None group = None +assets_regex = re.compile("^/plugins/.*/assets/.*") + def get_ssl_context(): return ssl_ctx @@ -20,7 +23,7 @@ def get_csrf_token(): @middleware async def csrf_middleware(request, handler): - if str(request.method) == "OPTIONS" or request.headers.get('Authentication') == csrf_token or str(request.rel_url) == "/auth/token" or str(request.rel_url).startswith("/plugins/load_main/") or str(request.rel_url).startswith("/static/") or str(request.rel_url).startswith("/legacy/") or str(request.rel_url).startswith("/steam_resource/"): + if str(request.method) == "OPTIONS" or request.headers.get('Authentication') == csrf_token or str(request.rel_url) == "/auth/token" or str(request.rel_url).startswith("/plugins/load_main/") or str(request.rel_url).startswith("/static/") or str(request.rel_url).startswith("/legacy/") or str(request.rel_url).startswith("/steam_resource/") or assets_regex.match(str(request.rel_url)): return await handler(request) return Response(text='Forbidden', status='403') diff --git a/backend/main.py b/backend/main.py index b6af4b8f..21d4f5a0 100644 --- a/backend/main.py +++ b/backend/main.py @@ -62,7 +62,6 @@ class PluginManager: self.updater = Updater(self) jinja_setup(self.web_app) - self.web_app.on_startup.append(self.inject_javascript) if CONFIG["chown_plugin_path"] == True: self.web_app.on_startup.append(chown_plugin_dir) self.loop.create_task(self.loader_reinjector()) diff --git a/frontend/src/index.tsx b/frontend/src/index.tsx index 0347388c..694ac667 100644 --- a/frontend/src/index.tsx +++ b/frontend/src/index.tsx @@ -15,7 +15,6 @@ declare global { } (async () => { window.deckyHasLoaded = true; - await sleep(1000); window.deckyAuthToken = await fetch('http://127.0.0.1:1337/auth/token').then((r) => r.text()); window.DeckyPluginLoader?.dismountAll(); |