From 10eb0b1a7513b7ec8900d0a5f79925af73356c14 Mon Sep 17 00:00:00 2001
From: wvffle <funkwhale@wvffle.net>
Date: Sat, 2 Jul 2022 11:07:59 +0000
Subject: [PATCH] Fix 'Referer checking failed - Referer is insecure while host
 is secure'

---
 .env.dev              |  2 +-
 .gitpod.yml           | 15 +++++++++++----
 .gitpod/init_actor.py | 13 ++++++-------
 3 files changed, 18 insertions(+), 12 deletions(-)

diff --git a/.env.dev b/.env.dev
index 66638d77f..0c81dc506 100644
--- a/.env.dev
+++ b/.env.dev
@@ -1,4 +1,4 @@
-DJANGO_ALLOWED_HOSTS=.funkwhale.test,localhost,nginx,0.0.0.0,127.0.0.1
+DJANGO_ALLOWED_HOSTS=.funkwhale.test,localhost,nginx,0.0.0.0,127.0.0.1,.gitpod.io
 DJANGO_SETTINGS_MODULE=config.settings.local
 DJANGO_SECRET_KEY=dev
 C_FORCE_ROOT=true
diff --git a/.gitpod.yml b/.gitpod.yml
index f2d328c66..c7c7bba87 100644
--- a/.gitpod.yml
+++ b/.gitpod.yml
@@ -12,8 +12,6 @@ tasks:
       echo "# Gitpod Environment Variables" > .env
       echo "MEDIA_URL=http://localhost:8000/media/" >> .env
       echo "STATIC_URL=http://localhost:8000/staticfiles/" >> .env
-      echo "FUNKWHALE_HOSTNAME=`gp url 8000 | sed 's#https://##'`" >> .env
-      echo "FUNKWHALE_PROTOCOL=https" >> .env
       echo "GITPOD_WORKSPACE_URL=$GITPOD_WORKSPACE_URL" >> .env
       echo "HMR_PORT=8000" >> .env
       echo "VUE_APP_INSTANCE_URL=$VUE_APP_INSTANCE_URL" >> .env
@@ -33,18 +31,27 @@ tasks:
       # Compile frontend locales
       docker-compose run --rm front yarn run i18n-compile
 
-      # Login with cURL to create actors
+      # Start API to let script create an actor
       docker-compose up -d nginx
       gp ports await 8000
 
-      # Import music
+      # Clone music repo
       git clone https://dev.funkwhale.audio/funkwhale/catalog.git
       sudo mv catalog/music data
       sudo chown -R root:root data/music
       rm -rf catalog
+
+      # Login with cURL to create actor
       python .gitpod/init_actor.py
+
+      # Import music
+      docker-compose down
+      echo "FUNKWHALE_HOSTNAME=`gp url 8000 | sed 's#https://##'`" >> .env
+      echo "FUNKWHALE_PROTOCOL=https" >> .env
       LIBRARY_ID=`cat .gitpod/create_library.py | docker-compose run --rm -T api python manage.py shell -i python`
       docker-compose run --rm api python manage.py import_files $LIBRARY_ID "/music/" --recursive --noinput --in-place
+
+      # Stop docker
       docker-compose stop
     command: |
       docker-compose up -d nginx
diff --git a/.gitpod/init_actor.py b/.gitpod/init_actor.py
index b6f49af61..e1e64e4af 100644
--- a/.gitpod/init_actor.py
+++ b/.gitpod/init_actor.py
@@ -9,12 +9,11 @@ token = res.cookies['csrftoken']
 
 res = req.post('http://localhost:8000/api/v1/users/login', data={
     'username': 'gitpod',
-    'password': 'gitpod'
-}, headers={
-    'Referer': 'http://localhost:8000/login',
-    'X-CSRFTOKEN': token
+    'password': 'gitpod',
+    'csrfmiddlewaretoken': token,
+    'next': '/api/v1/libraries/?scope=me'
 })
-print(res.status_code)
+print(res.status_code, res.content)
 
-res = req.get('http://localhost:8000/api/v1/libraries/?scope=me')
-print(res.status_code)
\ No newline at end of file
+if res.status_code == 401:
+    exit(1)
\ No newline at end of file