Commit 84967f4d authored by Florent Fourcot's avatar Florent Fourcot

browser: detect HTTPS downgrade

parent 940b9034
......@@ -43,6 +43,8 @@ try:
except ImportError:
raise ImportError('Please install python-requests >= 2.0')
from weboob.exceptions import BrowserHTTPSDowngrade
from weboob.tools.log import getLogger
from weboob.tools.ordereddict import OrderedDict
from weboob.tools.json import json
......@@ -659,6 +661,16 @@ class PagesBrowser(DomainBrowser):
break
if response.page is None:
regexp = r'^(?P<proto>\w+)://.*'
proto_base = re.match(regexp, response.url)
if proto_base:
proto_base = proto_base.group('proto')
proto_resp = re.match(regexp, self.BASEURL).group('proto')
if proto_base == 'https' and proto_resp != 'https':
raise BrowserHTTPSDowngrade()
self.logger.debug('Unable to handle %s' % response.url)
return callback(response)
......
......@@ -55,6 +55,10 @@ class BrowserHTTPError(BrowserUnavailable):
pass
class BrowserHTTPSDowngrade(BrowserUnavailable):
pass
class BrowserSSLError(BrowserUnavailable):
pass
......
......@@ -32,7 +32,7 @@ from weboob.capabilities.account import CapAccount, Account, AccountRegisterErro
from weboob.core.backendscfg import BackendAlreadyExists
from weboob.core.modules import ModuleLoadError
from weboob.core.repositories import ModuleInstallError, IProgress
from weboob.exceptions import BrowserUnavailable, BrowserIncorrectPassword, BrowserForbidden, BrowserSSLError, BrowserQuestion
from weboob.exceptions import BrowserUnavailable, BrowserIncorrectPassword, BrowserForbidden, BrowserSSLError, BrowserQuestion, BrowserHTTPSDowngrade
from weboob.tools.value import Value, ValueBool, ValueFloat, ValueInt, ValueBackendPassword
from weboob.tools.misc import to_unicode
from weboob.tools.compat import check_output
......@@ -568,6 +568,8 @@ class ConsoleApplication(Application):
self.load_backends(names=[backend.name])
elif isinstance(error, BrowserSSLError):
print(u'FATAL(%s): ' % backend.name + self.BOLD + '/!\ SERVER CERTIFICATE IS INVALID /!\\' + self.NC, file=self.stderr)
elif isinstance(error, BrowserHTTPSDowngrade):
print(u'FATAL(%s): ' % backend.name + 'Downgrade from HTTPS to HTTP')
elif isinstance(error, BrowserForbidden):
msg = unicode(error)
print(u'Error(%s): %s' % (backend.name, msg or 'Forbidden'), file=self.stderr)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment