refactor: remove referer checks, as they are no longer needed (replaced by csrf tokens) (#3432)

19 files changed, 0 insertions, 79 deletions

diff --git a/app/FreshRSS.php b/app/FreshRSS.php
index fe55427c0..8a9a85213 100644
--- a/app/FreshRSS.php
+++ b/app/FreshRSS.php
@@ -65,16 +65,6 @@ class FreshRSS extends Minz_FrontController {
 	private static function initAuth() {
 		FreshRSS_Auth::init();
 		if (Minz_Request::isPost()) {
-			if (!is_referer_from_same_domain()) {
-				// Basic protection against XSRF attacks
-				FreshRSS_Auth::removeAccess();
-				$http_referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
-				self::initI18n();
-				Minz_Error::error(403, array('error' => array(
-						_t('feedback.access.denied'),
-						' [HTTP_REFERER=' . htmlspecialchars($http_referer, ENT_NOQUOTES, 'UTF-8') . ']'
-					)));
-			}
 			if (!(FreshRSS_Auth::isCsrfOk() ||
 				(Minz_Request::controllerName() === 'auth' && Minz_Request::actionName() === 'login') ||
 				(Minz_Request::controllerName() === 'user' && Minz_Request::actionName() === 'create' && !FreshRSS_Auth::hasAccess('admin')) ||
diff --git a/app/i18n/cz/install.php b/app/i18n/cz/install.php
index cebad4aee..5bd8ee872 100644
--- a/app/i18n/cz/install.php
+++ b/app/i18n/cz/install.php
@@ -60,10 +60,6 @@ return array(
 			'nok' => 'Nemáte PHP fileinfo (balíček fileinfo).',
 			'ok' => 'Máte rozšíření fileinfo.',
 		),
-		'http_referer' => array(
-			'nok' => 'Zkontrolujte prosím že neměníte HTTP REFERER.',
-			'ok' => 'Váš HTTP REFERER je znám a odpovídá Vašemu serveru.',
-		),
 		'json' => array(
 			'nok' => 'Pro parsování JSON chybí doporučená knihovna.',
 			'ok' => 'Máte doporučenou knihovnu pro parsování JSON.',
diff --git a/app/i18n/de/install.php b/app/i18n/de/install.php
index 8aad28ad2..c510b9044 100644
--- a/app/i18n/de/install.php
+++ b/app/i18n/de/install.php
@@ -60,10 +60,6 @@ return array(
 			'nok' => 'Ihnen fehlt PHP fileinfo (Paket fileinfo).',
 			'ok' => 'Sie haben die fileinfo-Erweiterung.',
 		),
-		'http_referer' => array(
-			'nok' => 'Bitte stellen Sie sicher, dass Sie Ihren HTTP REFERER nicht abändern.',
-			'ok' => 'Ihr HTTP REFERER ist bekannt und entspricht Ihrem Server.',
-		),
 		'json' => array(
 			'nok' => 'Ihnen fehlt eine empfohlene Bibliothek um JSON zu parsen.',
 			'ok' => 'Sie haben eine empfohlene Bibliothek um JSON zu parsen.',
diff --git a/app/i18n/en-us/install.php b/app/i18n/en-us/install.php
index 6808a8c77..86d6c5ec3 100644
--- a/app/i18n/en-us/install.php
+++ b/app/i18n/en-us/install.php
@@ -60,10 +60,6 @@ return array(
 			'nok' => 'Cannot find the PHP fileinfo library (fileinfo package).',
 			'ok' => 'You have the fileinfo library.',
 		),
-		'http_referer' => array(
-			'nok' => 'Please check that you are not altering your HTTP REFERER.',
-			'ok' => 'Your HTTP REFERER is known and corresponds to your server.',
-		),
 		'json' => array(
 			'nok' => 'Cannot find the recommended library to parse JSON.',
 			'ok' => 'You have the recommended library to parse JSON.',
diff --git a/app/i18n/en/install.php b/app/i18n/en/install.php
index b06e47bb2..b69769ac8 100644
--- a/app/i18n/en/install.php
+++ b/app/i18n/en/install.php
@@ -60,10 +60,6 @@ return array(
 			'nok' => 'Cannot find the PHP fileinfo library (fileinfo package).',
 			'ok' => 'You have the fileinfo library.',
 		),
-		'http_referer' => array(
-			'nok' => 'Please check that you are not altering your HTTP REFERER.',
-			'ok' => 'Your HTTP REFERER is known and corresponds to your server.',
-		),
 		'json' => array(
 			'nok' => 'Cannot find the recommended library to parse JSON.',
 			'ok' => 'You have the recommended library to parse JSON.',
diff --git a/app/i18n/es/install.php b/app/i18n/es/install.php
index fe4538cb5..fe65aee63 100755
--- a/app/i18n/es/install.php
+++ b/app/i18n/es/install.php
@@ -60,10 +60,6 @@ return array(
 			'nok' => 'No se ha podido localizar la librería PHP fileinfo (paquete fileinfo).',
 			'ok' => 'Dispones de la librería fileinfo.',
 		),
-		'http_referer' => array(
-			'nok' => 'Por favor, comprueba que no estás alterando tu configuración HTTP REFERER.',
-			'ok' => 'La configuración HTTP REFERER es conocida y se corresponde con la de tu servidor.',
-		),
 		'json' => array(
 			'nok' => 'No se ha podido localizar la librería para procesar JSON.',
 			'ok' => 'Dispones de la librería recomendada para procesar JSON.',
diff --git a/app/i18n/fr/install.php b/app/i18n/fr/install.php
index c92bd3ca2..938660d0f 100644
--- a/app/i18n/fr/install.php
+++ b/app/i18n/fr/install.php
@@ -60,10 +60,6 @@ return array(
 			'nok' => 'Vous ne disposez pas de PHP fileinfo (paquet fileinfo).',
 			'ok' => 'Vous disposez de fileinfo.',
 		),
-		'http_referer' => array(
-			'nok' => 'Veuillez vérifier que vous ne modifiez pas votre HTTP REFERER.',
-			'ok' => 'Le HTTP REFERER est connu et semble correspondre à votre serveur.',
-		),
 		'json' => array(
 			'nok' => 'Vous ne disposez pas de l’extension recommendée JSON (paquet php-json).',
 			'ok' => 'Vous disposez de l’extension recommendée JSON.',
diff --git a/app/i18n/he/install.php b/app/i18n/he/install.php
index 1cc289c14..254877a08 100644
--- a/app/i18n/he/install.php
+++ b/app/i18n/he/install.php
@@ -60,10 +60,6 @@ return array(
 			'nok' => 'Cannot find the PHP fileinfo library (fileinfo package).',	// TODO - Translation
 			'ok' => 'You have the fileinfo library.',	// TODO - Translation
 		),
-		'http_referer' => array(
-			'nok' => 'נא לדבוק שאינך פוגעת ב HTTP REFERER שלך.',
-			'ok' => 'הHTTP REFERER ידוע ותאם לשרת שלך.',
-		),
 		'json' => array(
 			'nok' => 'Cannot find the recommended library to parse JSON.',	// TODO - Translation
 			'ok' => 'You have the recommended library to parse JSON.',	// TODO - Translation
diff --git a/app/i18n/it/install.php b/app/i18n/it/install.php
index 7f5de42d8..36ac3b49e 100644
--- a/app/i18n/it/install.php
+++ b/app/i18n/it/install.php
@@ -60,10 +60,6 @@ return array(
 			'nok' => 'Manca il supporto per PHP fileinfo (pacchetto fileinfo).',
 			'ok' => 'Estensione fileinfo presente.',
 		),
-		'http_referer' => array(
-			'nok' => 'Per favore verifica che non stai alterando il tuo HTTP REFERER.',
-			'ok' => 'Il tuo HTTP REFERER riconosciuto corrisponde al tuo server.',
-		),
 		'json' => array(
 			'nok' => 'You lack a recommended library to parse JSON.',
 			'ok' => 'You have the recommended library to parse JSON.',	// TODO - Translation
diff --git a/app/i18n/kr/install.php b/app/i18n/kr/install.php
index b0afe532c..fe142a20c 100644
--- a/app/i18n/kr/install.php
+++ b/app/i18n/kr/install.php
@@ -60,10 +60,6 @@ return array(
 			'nok' => 'fileinfo 라이브러리를 찾을 수 없습니다 (fileinfo 패키지).',
 			'ok' => 'fileinfo 라이브러리가 설치되어 있습니다.',
 		),
-		'http_referer' => array(
-			'nok' => 'HTTP REFERER가 변경되지 않았는지 확인해주세요.',
-			'ok' => 'HTTP REFERER가 서버와 일치하는 것을 확인했습니다.',
-		),
 		'json' => array(
 			'nok' => 'JSON 확장 기능을 찾을 수 없습니다 (php-json 패키지).',
 			'ok' => 'JSON 확장 기능이 설치되어 있습니다.',
diff --git a/app/i18n/nl/install.php b/app/i18n/nl/install.php
index dcab37fdd..101267e2c 100644
--- a/app/i18n/nl/install.php
+++ b/app/i18n/nl/install.php
@@ -60,10 +60,6 @@ return array(
 			'nok' => 'U mist PHP fileinfo (fileinfo package).',
 			'ok' => 'U hebt de fileinfo uitbreiding.',
 		),
-		'http_referer' => array(
-			'nok' => 'Controleer a.u.b. dat u niet uw HTTP REFERER wijzigd.',
-			'ok' => 'Uw HTTP REFERER is bekend en komt overeen met uw server.',
-		),
 		'json' => array(
 			'nok' => 'U mist een benodigede bibliotheek om JSON te gebruiken.',
 			'ok' => 'U hebt de benodigde bibliotheek om JSON te gebruiken.',
diff --git a/app/i18n/oc/install.php b/app/i18n/oc/install.php
index 770b1aebc..c69686f50 100644
--- a/app/i18n/oc/install.php
+++ b/app/i18n/oc/install.php
@@ -60,10 +60,6 @@ return array(
 			'nok' => 'Avètz pas PHP fileinfo (paquet fileinfo).',
 			'ok' => 'Avètz la bibliotèca fileinfo.',
 		),
-		'http_referer' => array(
-			'nok' => 'Mercés de verificar que modificatz pas vòstre HTTP REFERER.',
-			'ok' => 'Lo HTTP REFERER es conegut e sembla correspondre a vòstre servidor.',
-		),
 		'json' => array(
 			'nok' => 'Impossible de trobar l’extension recomandada JSON (paquet php-json).',
 			'ok' => 'Avètz l’exension recomandada JSON.',
diff --git a/app/i18n/pl/install.php b/app/i18n/pl/install.php
index c8f7c98e3..5017d31ea 100644
--- a/app/i18n/pl/install.php
+++ b/app/i18n/pl/install.php
@@ -60,10 +60,6 @@ return array(
 			'nok' => 'Cannot find the PHP fileinfo library (fileinfo package).',	// TODO - Translation
 			'ok' => 'You have the fileinfo library.',	// TODO - Translation
 		),
-		'http_referer' => array(
-			'nok' => 'Please check that you are not altering your HTTP REFERER.',	// TODO - Translation
-			'ok' => 'Your HTTP REFERER is known and corresponds to your server.',	// TODO - Translation
-		),
 		'json' => array(
 			'nok' => 'Cannot find the recommended library to parse JSON.',	// TODO - Translation
 			'ok' => 'You have the recommended library to parse JSON.',	// TODO - Translation
diff --git a/app/i18n/pt-br/install.php b/app/i18n/pt-br/install.php
index abb5f6982..82815947e 100644
--- a/app/i18n/pt-br/install.php
+++ b/app/i18n/pt-br/install.php
@@ -60,10 +60,6 @@ return array(
 			'nok' => 'Não foi possível encontrar a biblioteca fileinfo do PHP (fileinfo).',
 			'ok' => 'Você tem a biblioteca fileinfo.',
 		),
-		'http_referer' => array(
-			'nok' => 'Por favor verifique se você não está alterando o cabeçalho HTTP REFERER.',
-			'ok' => 'O cabeçalho HTTP REFERER é conhecido e corresponde ao seu servidor.',
-		),
 		'json' => array(
 			'nok' => 'Não foi possível encontrar JSON (php-json).',
 			'ok' => 'Você tem a extensão JSON.',
diff --git a/app/i18n/ru/install.php b/app/i18n/ru/install.php
index a8db3f436..064390212 100644
--- a/app/i18n/ru/install.php
+++ b/app/i18n/ru/install.php
@@ -60,10 +60,6 @@ return array(
 			'nok' => 'У вас нет расширения PHP fileinfo (пакет fileinfo).',
 			'ok' => 'У вас установлено расширение fileinfo.',
 		),
-		'http_referer' => array(
-			'nok' => 'Убедитесь, что вы не изменяете ваш HTTP REFERER.',
-			'ok' => 'Ваш HTTP REFERER известен и соотвествует вашему серверу.',
-		),
 		'json' => array(
 			'nok' => 'Cannot find the recommended library to parse JSON.',	// TODO - Translation
 			'ok' => 'You have the recommended library to parse JSON.',	// TODO - Translation
diff --git a/app/i18n/sk/install.php b/app/i18n/sk/install.php
index 998119102..785cc2721 100644
--- a/app/i18n/sk/install.php
+++ b/app/i18n/sk/install.php
@@ -60,10 +60,6 @@ return array(
 			'nok' => 'Nepodarilo sa nájsť knižniuc PHP fileinfo (balík fileinfo).',
 			'ok' => 'Našla sa knižnica fileinfo.',
 		),
-		'http_referer' => array(
-			'nok' => 'Prosím, skontrolujte, či ste nezmenili váš HTTP REFERER.',
-			'ok' => 'Váš HTTP REFERER je OK.',
-		),
 		'json' => array(
 			'nok' => 'Nepodarilo sa nájsť požadovanú knižnicu na spracovanie formátu JSON.',
 			'ok' => 'Našla sa požadovaná knižnica na spracovanie formátu JSON.',
diff --git a/app/i18n/tr/install.php b/app/i18n/tr/install.php
index e4c9bd10d..4cc63c4f4 100644
--- a/app/i18n/tr/install.php
+++ b/app/i18n/tr/install.php
@@ -60,10 +60,6 @@ return array(
 			'nok' => 'PHP fileinfo eksik (fileinfo package).',
 			'ok' => 'fileinfo eklentisi sorunsuz.',
 		),
-		'http_referer' => array(
-			'nok' => 'Lütfen HTTP REFERER değiştirmediğinize emin olun.',
-			'ok' => 'HTTP REFERER ve sunucunuz arası iletişim sorunsuz.',
-		),
 		'json' => array(
 			'nok' => 'Tavsiye edilen JSON çözümleme kütüphanesi eksik.',
 			'ok' => 'Tavsiye edilen JSON çözümleme kütüphanesi sorunsuz.',
diff --git a/app/i18n/zh-cn/install.php b/app/i18n/zh-cn/install.php
index fa6fd9f90..67b88f336 100644
--- a/app/i18n/zh-cn/install.php
+++ b/app/i18n/zh-cn/install.php
@@ -60,10 +60,6 @@ return array(
 			'nok' => '找不到 PHP fileinfo 库（fileinfo）',
 			'ok' => '已找到 fileinfo 库',
 		),
-		'http_referer' => array(
-			'nok' => '请检查你是否修改了 HTTP REFERER',
-			'ok' => '你的 HTTP REFERER 已知且与服务器一致',
-		),
 		'json' => array(
 			'nok' => '找不到推荐的 JSON 解析库',
 			'ok' => '已找到推荐的 JSON 解析库',
diff --git a/app/install.php b/app/install.php
index 366fa9a36..a156027e4 100644
--- a/app/install.php
+++ b/app/install.php
@@ -418,7 +418,6 @@ function printStep1() {
 	printStep1Template('tmp', $res['tmp'], [TMP_PATH, $processUsername]);
 	printStep1Template('users', $res['users'], [USERS_PATH, $processUsername]);
 	printStep1Template('favicons', $res['favicons'], [DATA_PATH . '/favicons', $processUsername]);
-	printStep1Template('http_referer', $res['http_referer']);
 	?>
 
 	<?php if (freshrss_already_installed() && $res['all'] == 'ok') { ?>