6jI!UdZddlZddlZddlZddlmZddlmZmZm Z ddl m Z m Z ddl mZmZejeZdZeZeed<d Zd Zd Zd Zd ZddddddddddddddddZhdZde efdZd edefd!Z d"ede!fd#Z"d$edeefd%Z#deee$ffd&Z%d'edefd(Z&d)ede!fd*Z'de!fd+Z(de!fd,Z)dS)-aOpt-in WebUI extension hooks. This module intentionally provides a small, self-hosted extension surface: configured same-origin script/style injection plus sandboxed static file serving. It is disabled by default and never executes or fetches third-party URLs. N)Path)DictListOptional)unquoteurlsplit)_security_headersj _warned_urls /extensions/HERMES_WEBUI_EXTENSION_DIR"HERMES_WEBUI_EXTENSION_SCRIPT_URLS&HERMES_WEBUI_EXTENSION_STYLESHEET_URLS)r z/static/text/cssapplication/javascript text/html image/svg+xmlz image/pngz image/jpegz image/x-iconz image/gifz image/webpz font/woffz font/woff2zfont/ttfzfont/otfzapplication/wasm)cssjshtmlsvgpngjpgjpegicogifwebpwoffwoff2ttfotfwasm>rr text/plainrrreturnc tjtd}|sdSt |}|r|sdS|S)zReturn the configured extension directory, or None when disabled. A missing or non-directory path disables extensions instead of failing open. The startup docs encourage users to point this at a directory they control. N) osgetenv_EXTENSION_DIR_ENVstripr expanduserresolveexistsis_dir)rawroots $/root/hermes-webui/api/extensions.py_extension_rootr37s{ )& + + 1 1 3 3C t 99   ! ! ) ) + +D ;;== t Kpathcd|}tdD]}t|}||kr|cS|}|S)abDecode percent-encoding until stable so encoded dot-segments cannot hide. Iterates up to 10 times so even quadruple-encoded inputs like ``%2525252e%2525252e`` collapse to literal ``..`` and are rejected by the segment-level safety check downstream. URL strings stabilize in fewer than 5 iterations in practice; the cap is defensive. )ranger)r5previous_currents r2_fully_unquote_pathr<FsKH 2YY(## h  NNN Or4valuecrtfddDrdSt}|js|js|jrdSt |jtfdtDsdStD]=}|r&tt|dcS>dS)zAllow only same-origin extension/static asset URLs. External schemes, protocol-relative URLs, fragments, arbitrary API paths, and encoded traversal are rejected so enabling extensions does not require loosening the CSP. c3 K|]}|vV dSN).0chr=s r2 z%_is_safe_asset_url..^s']]e ]]]]]]r4)  "'<>\Fc3BK|]}|VdSr@) startswith)rBprefix decoded_paths r2rDz%_is_safe_asset_url..es1UU6|&&v..UUUUUUr4N) anyrschemenetlocfragmentr<r5_ALLOWED_ASSET_PREFIXESrN_is_safe_relative_pathlen)r=parsedrOrPs` @r2_is_safe_asset_urlrYWs C]]]].\]]]]]u e__F } u&v{33L UUUU=TUUU U Uu)GG  " "6 * * G),s6{{}}*EFF F F F G 5r4env_namectj|d}g}|dD]}|}|st |rt||t |tkrF|tvr;t |t d|tnA|tvr6t |t d|||S)Nr',z-Extension URL list %s truncated at %d entrieszmRejected extension URL %r from %s (not a same-origin /extensions/ or /static/ path, or contains unsafe chars)) r(r)splitr+rYappendrW _MAX_URL_LISTr add_logwarning)rZr0urlsitemr=s r2_read_url_listrens )Hb ! !C D #    e $ $  KK   4yyM))<// $$X...LLG -*, & &   U # # # LLKx    Kr4ctdu}|sdggdSdttttdS)zAReturn public extension config without exposing filesystem paths.NF)enabled script_urlsstylesheet_urlsT)r3re_EXTENSION_SCRIPT_URLS_ENV_EXTENSION_STYLESHEET_URLS_ENV)rgs r2get_extension_configrlsUt+G L KKK%&@AA)*HII  r4 index_htmlct}|ds|S|}d|dD}d|dD}|r>d}d|dz}||vr||||zd}n||z}|rAd }d|dz}||vr||||zd}n|dz|z}|S) zInject configured extension tags into the app shell. Tags are inserted only when the extension directory is enabled. URLs are escaped even though they are already validated, keeping the renderer robust if validation rules evolve later. rgc`g|]+}dtj|d,S)z!TquoteformatrescaperBurls r2 z)inject_extension_tags..sE  ,224;s$3O3O3OPPr4ric`g|]+}dtj|d,S)z Trprrrus r2rwz)inject_extension_tags..sE  +11$+c2N2N2NOOr4rhzrGz)rljoinreplace)rmconfigresultstylesheet_tags script_tags head_markerblock body_markers r2inject_extension_tagsrs " # #F )  F+,O-(K $  /**T1 & ^^K1DaHHFFV^F+  +&&- & ^^K1DaHHFFd]U*F Mr4relc|rd|vsd|vrdS|dD] }|r|dvs|drdS!dS)NrErLF/).z..rT)r]rN)rsegments r2rVrVsn &C--43;;u99S>> '[00G4F4Fs4K4K0551 4r4c.t|ddiddS)Nerrorz not foundi)statusT)r )handlers r2 _not_foundrs!g%c2222 4r4ctt}|t|St|jt t d}t |st|S||z } ||n#t$rt|cYSwxYw| r| st|St |jdd}|t"vrd|n|} |}n#t($rt|cYSwxYw|d|d||dd|d t/t |t1|||j|d S) aServe a file from the configured extension directory. The function always returns True for /extensions/* requests: either a file response or a 404. It never reveals why a request failed, which avoids leaking local paths or extension configuration details. Nrr$z{}; charset=utf-8z Content-Typez Cache-Controlzno-storezContent-LengthT)r3rrr5rWEXTENSION_ROUTE_PREFIXrVr- relative_to ValueErrorr.is_file_EXTENSION_MIMEgetsuffixlowerlstrip_TEXT_MIME_TYPESrs read_bytesOSError send_response send_headerstrr end_headerswfilewrite)rrXr1r static_filect ct_headerr0s r2serve_extension_staticrs7   D |'""" &+c"899;;< = =C !# & &#'"""#:&&((K#%%%% ###'"""""#     #{':':'<'<#'"""   [/5577>>sCC\ R RB248H2H2H#**2...bI#$$&& ###'"""""# #  222 444 (#c#hh--888g  M 4s$BB65B6E++FF)*__doc__rloggingr(pathlibrtypingrrr urllib.parserr api.helpersr r getLogger__name__rar_setr __annotations__rr*rjrkrUrrr3rr<boolrYreobjectrlrrVrrrAr4r2rs]  ''''''''''********,,,,,,,,w""  CEE c'1A!I6  "             "fee $    cc"cd.ST#Y@ d3;/    %c%c%%%%P4 &t&&&&&&r4