Stripe: Prevent lost session with firefox tracking protection

2022-10-11 18:04:30 +02:00
parent 7e79fc8b5e
commit 9ed39ab0fa
2 changed files with 23 additions and 11 deletions
--- a/src/pretix/plugins/stripe/payment.py
+++ b/src/pretix/plugins/stripe/payment.py
@@ -649,10 +649,14 @@ class StripeMethod(BasePaymentProvider):

    def redirect(self, request, url):
        if request.session.get('iframe_session', False):
-            signer = signing.Signer(salt='safe-redirect')
            return (
-                build_absolute_uri(request.event, 'plugins:stripe:redirect') + '?url=' +
-                urllib.parse.quote(signer.sign(url))
+                build_absolute_uri(request.event, 'plugins:stripe:redirect') +
+                '?data=' + signing.dumps({
+                    'url': url,
+                    'session': {
+                        'payment_stripe_order_secret': request.session['payment_stripe_order_secret'],
+                    },
+                }, salt='safe-redirect')
            )
        else:
            return str(url)
--- a/src/pretix/plugins/stripe/views.py
+++ b/src/pretix/plugins/stripe/views.py
@@ -35,6 +35,7 @@
 import hashlib
 import json
 import logging
+import urllib.parse

 import requests
 import stripe
@@ -63,7 +64,7 @@ from pretix.control.permissions import (
 )
 from pretix.control.views.event import DecoupleMixin
 from pretix.control.views.organizer import OrganizerDetailViewMixin
-from pretix.multidomain.urlreverse import eventreverse
+from pretix.multidomain.urlreverse import build_absolute_uri, eventreverse
 from pretix.plugins.stripe.forms import OrganizerStripeSettingsForm
 from pretix.plugins.stripe.models import ReferencedStripeObject
 from pretix.plugins.stripe.payment import StripeCC, StripeSettingsHolder
@@ -76,17 +77,24 @@ logger = logging.getLogger('pretix.plugins.stripe')

@xframe_options_exempt
 def redirect_view(request, *args, **kwargs):
-    signer = signing.Signer(salt='safe-redirect')
    try:
-        url = signer.unsign(request.GET.get('url', ''))
+        data = signing.loads(request.GET.get('data', ''), salt='safe-redirect')
    except signing.BadSignature:
        return HttpResponseBadRequest('Invalid parameter')

-    r = render(request, 'pretixplugins/stripe/redirect.html', {
-        'url': url,
-    })
-    r._csp_ignore = True
-    return r
+    if 'go' in request.GET:
+        if 'session' in data:
+            for k, v in data['session'].items():
+                request.session[k] = v
+        return redirect(data['url'])
+    else:
+        params = request.GET.copy()
+        params['go'] = '1'
+        r = render(request, 'pretixplugins/stripe/redirect.html', {
+            'url': build_absolute_uri(request.event, 'plugins:stripe:redirect') + '?' + urllib.parse.urlencode(params),
+        })
+        r._csp_ignore = True
+        return r


@scopes_disabled()