commit 342bdebc4947df5a2c39a7e961362dcd1f8a2afc
parent b81e6292bdf764c9640888d8f9ed7836af2f122d
Author: Christian Grothoff <christian@grothoff.org>
Date: Sun, 31 May 2026 12:14:01 +0200
return 501 if paywall is disabled for /.well-known/paivana endpoint
Diffstat:
6 files changed, 19 insertions(+), 5 deletions(-)
diff --git a/contrib/paywall.en.must b/contrib/paywall.en.must
@@ -99,7 +99,6 @@
errorEl.textContent = JSON.stringify(await res.json());
}
const dest = res.redirected ? res.url : website;
- await waitMs(400);
location.href = dest;
} catch (e) {
console.warn('[paivana] Error trying to confirm payment:', e);
@@ -180,7 +179,7 @@
});
// From here we just poll. Whe the request from polling
- // returns that the order has been paid we show to the
+ // returns that the order has been paid we show to the
// proxy that we hold the nonce and it should return
// us a valid cookie.
while (true) {
@@ -195,7 +194,8 @@
await confirmPayment(info.order_id, talerLink, errorMessageLabel);
} else {
talerLink.textContent = I18N_PAYMENT_CONFIRMED_NO_ORDER;
- await waitMs(3000);
+ const remMs = Math.round(POLL_WAIT_MS - (performance.now() - start));
+ if (remMs > 0) await waitMs(remMs);
location.href = website;
}
return;
@@ -591,7 +591,7 @@ var QRCode;!function(){function a(a){this.mode=c.MODE_8BIT_BYTE,this.data=a,this
<div class="step-body ">
<p class="step-title">
<span>Pay {{default_choice.amount}} or see options</span>
- <svg name="toggle-arrow" data-accordion-icon="" class="arrow" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="none" viewBox="0 0 24 24"><path stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="m5 15 7-7 7 7"></path></svg>
+ <svg name="toggle-arrow" data-accordion-icon="" class="arrow" aria-hidden="true" xmlns="http://www.w3.org/2000/svg" width="24" height="24" fill="none" viewBox="0 0 24 24"><path stroke="currentColor" stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="m5 15 7-7 7 7"></path></svg>
</p>
<p class="step-desc">
Your wallet will display the details of the transaction.
diff --git a/src/backend/paivana-httpd.c b/src/backend/paivana-httpd.c
@@ -321,6 +321,7 @@ run (void *cls,
NULL);
PH_ctx = GNUNET_CURL_init (&GNUNET_CURL_gnunet_scheduler_reschedule,
&ctx_rc);
+ GNUNET_assert (NULL != PH_ctx);
if (! PH_no_check)
{
char *merchant_access_token;
diff --git a/src/backend/paivana-httpd_cookie.c b/src/backend/paivana-httpd_cookie.c
@@ -109,7 +109,7 @@ PAIVANA_HTTPD_check_cookie (const char *cookie,
GNUNET_break_op (0);
return false;
}
- a.abs_time.abs_value_us = u * 1000LLU * 1000LLU;
+ a.abs_time = GNUNET_TIME_absolute_from_s (u);
if (GNUNET_TIME_absolute_is_past (a.abs_time))
{
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
diff --git a/src/backend/paivana-httpd_daemon.c b/src/backend/paivana-httpd_daemon.c
@@ -132,6 +132,17 @@ create_response (void *cls,
}
if (rc->is_paivana)
{
+ if (PH_no_check)
+ {
+ /* paywall disabled, 501 */
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ "Paywall disabled, refusing to respond to %s\n",
+ url);
+ return TALER_MHD_reply_with_error (rc->connection,
+ MHD_HTTP_NOT_IMPLEMENTED,
+ TALER_EC_PAIVANA_PAYWALL_DISABLED,
+ NULL);
+ }
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
"Client POSTed payment, checking validity\n");
if (NULL == rc->hp)
diff --git a/src/backend/paivana-httpd_pay.c b/src/backend/paivana-httpd_pay.c
@@ -277,6 +277,7 @@ order_status_cb (struct PayRequest *ph,
resp = MHD_create_response_from_buffer (0,
NULL,
MHD_RESPMEM_PERSISTENT);
+ GNUNET_assert (NULL != resp);
GNUNET_assert (MHD_YES ==
MHD_add_response_header (resp,
MHD_HTTP_HEADER_SET_COOKIE,
diff --git a/src/backend/paivana-httpd_templates.c b/src/backend/paivana-httpd_templates.c
@@ -626,6 +626,7 @@ PAIVANA_HTTPD_search_templates (struct MHD_Connection *connection,
url = GNUNET_buffer_reap_str (&buf);
redirect = MHD_create_response_from_buffer_static (0,
NULL);
+ GNUNET_assert (NULL != redirect);
GNUNET_break (MHD_YES ==
MHD_add_response_header (redirect,
MHD_HTTP_HEADER_LOCATION,
