From ecc42067ec5e1f85ff8789c823321bd2bb7db602 Mon Sep 17 00:00:00 2001
From: thematdev <thematdev@gmail.com>
Date: Wed, 22 Sep 2021 14:33:53 +0300
Subject: [PATCH 1/5] Fix 404 internal server error

---
 app/__init__.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/app/__init__.py b/app/__init__.py
index 5632ca3..4908316 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -40,7 +40,8 @@ def render_page(page):
 def get_pandoc_page(page):
     path = f'{PANDOC_PATH}/{page}'
     if not os.path.exists(f'{path}'):
-        abort(404)
+        # TODO: Add 404 handler
+        return 'This page does not exist'
     with open(f'{path}/config.json') as f:
         data = json.loads(f.read())
     if not os.path.exists(f'{path}/render.html') or not os.path.exists(f'{path}/render.html.lock'):

From 227c042642f16a30bb6f2e0dd8f604f02a9995a7 Mon Sep 17 00:00:00 2001
From: thematdev <thematdev@gmail.com>
Date: Mon, 4 Apr 2022 21:43:51 +0300
Subject: [PATCH 2/5] Added list of all pages to prevent some attacks

---
 app/__init__.py | 10 +++++++++-
 app/config.py   |  1 +
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/app/__init__.py b/app/__init__.py
index 4908316..aecd424 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -1,7 +1,7 @@
 from flask import Flask, url_for, render_template, abort
 import os
 import json
-from app.config import PANDOC_LINK, PANDOC_PATH
+from app.config import PANDOC_LINK, PANDOC_PATH, WHITELIST_PATH
 from app.hash_manager import hash_file_sha512
 import subprocess
 
@@ -27,6 +27,10 @@ def dated_url_for(endpoint, **values):
 
 def render_page(page):
     path = f'{PANDOC_PATH}/{page}'
+    whitelist = WHITELIST_PATH
+    with open(whitelist, 'r') as f:
+        if page not in f.readlines():
+            raise Exception("Page doesn't exist!")
     if not os.path.exists(f'{path}'):
         raise Exception("Page doesn't exist!")
     in_filename = f'{path}/main.md'
@@ -39,6 +43,10 @@ def render_page(page):
 @app.route(f'/{PANDOC_LINK}/<page>')
 def get_pandoc_page(page):
     path = f'{PANDOC_PATH}/{page}'
+    whitelist = WHITELIST_PATH
+    with open(whitelist, 'r') as f:
+        if page not in f.readlines():
+            return 'This page does not exist'
     if not os.path.exists(f'{path}'):
         # TODO: Add 404 handler
         return 'This page does not exist'
diff --git a/app/config.py b/app/config.py
index 232863d..b77b5cd 100644
--- a/app/config.py
+++ b/app/config.py
@@ -1,2 +1,3 @@
 PANDOC_LINK = 'page'
 PANDOC_PATH = '/home/thematdev/pandoc_pages'
+WHITELIST_PATH = f'{PANDOC_PATH}/pages'

From dfa71380913c836d3e926899a09d069eed081660 Mon Sep 17 00:00:00 2001
From: thematdev <thematdev@gmail.com>
Date: Mon, 4 Apr 2022 23:14:14 +0300
Subject: [PATCH 3/5] Fix non-working code

---
 app/__init__.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/app/__init__.py b/app/__init__.py
index aecd424..f3f8acb 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -29,7 +29,8 @@ def render_page(page):
     path = f'{PANDOC_PATH}/{page}'
     whitelist = WHITELIST_PATH
     with open(whitelist, 'r') as f:
-        if page not in f.readlines():
+        lines = f.read().splitlines()
+        if page not in lines:
             raise Exception("Page doesn't exist!")
     if not os.path.exists(f'{path}'):
         raise Exception("Page doesn't exist!")
@@ -45,7 +46,9 @@ def get_pandoc_page(page):
     path = f'{PANDOC_PATH}/{page}'
     whitelist = WHITELIST_PATH
     with open(whitelist, 'r') as f:
-        if page not in f.readlines():
+        lines = f.read().splitlines()
+        if page not in lines:
+            print('Access to page not in list {page}')
             return 'This page does not exist'
     if not os.path.exists(f'{path}'):
         # TODO: Add 404 handler

From ec5b288e68f561bc7eb78c968fd19ceb7b87a098 Mon Sep 17 00:00:00 2001
From: thematdev <thematdev@gmail.com>
Date: Mon, 4 Apr 2022 23:16:37 +0300
Subject: [PATCH 4/5] Yet again retarded error

---
 app/__init__.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/__init__.py b/app/__init__.py
index f3f8acb..8ceb349 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -48,7 +48,7 @@ def get_pandoc_page(page):
     with open(whitelist, 'r') as f:
         lines = f.read().splitlines()
         if page not in lines:
-            print('Access to page not in list {page}')
+            print(f'Access to page not in list {page}')
             return 'This page does not exist'
     if not os.path.exists(f'{path}'):
         # TODO: Add 404 handler

From 5cbcfc673f2253cbd2186ffc56ce87f739350bf2 Mon Sep 17 00:00:00 2001
From: thematdev <thematdev@gmail.com>
Date: Mon, 4 Apr 2022 23:20:52 +0300
Subject: [PATCH 5/5] Love f-strings so much

---
 app/__init__.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/__init__.py b/app/__init__.py
index 8ceb349..78df573 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -56,7 +56,7 @@ def get_pandoc_page(page):
     with open(f'{path}/config.json') as f:
         data = json.loads(f.read())
     if not os.path.exists(f'{path}/render.html') or not os.path.exists(f'{path}/render.html.lock'):
-        print('Rendered page or lockfile for {page} does not exist! Rendering {page}')
+        print(f'Rendered page or lockfile for {page} does not exist! Rendering {page}')
         render_page(page)
     else:
         with open(f'{path}/render.html.lock', 'r') as f:
@@ -64,7 +64,7 @@ def get_pandoc_page(page):
         current_hash = hash_file_sha512(f'{path}/main.md')
         if rendered_hash != current_hash:
             print(f'CURRENT: {current_hash}, RENDERED: {rendered_hash}')
-            print('Integrity test failed, rendering {page}!')
+            print(f'Integrity test failed, rendering {page}!')
             render_page(page)
     template = data['template']
     with open(f'{path}/render.html', 'r') as f: