add setting ALLOW_NON_HTTP_URL_SCHEMES (default false)

- adds ability to enable app url scheems

changelog.md

@@ -1,3 +1,6 @@
+__v0.0.13__
+add setting ALLOW_NON_HTTP_URL_SCHEMES (default false)
+
 __v0.0.12__
 update to ghc9
 

config/settings.yml

@@ -43,3 +43,5 @@ archive-socks-proxy-port: "_env:ARCHIVE_SOCKS_PROXY_PORT"
 source-code-uri: "_env:SOURCE_CODE_URI:https://github.com/jonschoning/espial"
 
 ssl-only: "_env:SSL_ONLY" # false
+
+allow-non-http-url-schemes: "_env:ALLOW_NON_HTTP_URL_SCHEMES:false"

docker-compose.yml

@@ -13,8 +13,10 @@ services:
     environment:
       - IP_FROM_HEADER=true
       - SQLITE_DATABASE=/app/data/espial.sqlite3
-      # - DETAILED_LOGGING=true
-      # - SHOULD_LOG_ALL=true
+      # - SSL_ONLY=false
+      # - DETAILED_LOGGING=false
+      # - SHOULD_LOG_ALL=false
       # - ARCHIVE_SOCKS_PROXY_HOST=localhost 
       # - ARCHIVE_SOCKS_PROXY_PORT=8888
       # - SOURCE_CODE_URI=https://github.com/jonschoning/espial
+      # - ALLOW_NON_HTTP_URL_SCHEMES=false

espial.cabal

@@ -5,7 +5,7 @@ cabal-version: 1.12
 -- see: https://github.com/sol/hpack
 
 name:           espial
-version:        0.0.12
+version:        0.0.13
 synopsis:       Espial is an open-source, web-based bookmarking server.
 description:    .
                 Espial is an open-source, web-based bookmarking server.

package.yaml

@@ -1,6 +1,6 @@
 name:    espial
 synopsis: Espial is an open-source, web-based bookmarking server.
-version: "0.0.12"
+version: "0.0.13"
 description: ! '
 
   Espial is an open-source, web-based bookmarking server.

src/Handler/Add.hs

@@ -68,16 +68,17 @@ postAddR = do
 _handleFormSuccess :: BookmarkForm -> Handler (UpsertResult (Key Bookmark))
 _handleFormSuccess bookmarkForm = do
   (userId, user) <- requireAuthPair
-  case (parseRequest . unpack . _url) bookmarkForm of
-    Nothing -> pure $ Failed "Invalid URL"
-    Just _ -> do
+  appSettings <- appSettings <$> getYesod
+  case (appAllowNonHttpUrlSchemes appSettings, (parseRequest . unpack . _url) bookmarkForm) of
+    (False, Nothing) -> pure $ Failed "Invalid URL"
+    (_, _) -> do
       let mkbid = BookmarkKey <$> _bid bookmarkForm
           tags = maybe [] (nub . words . T.replace "," " ") (_tags bookmarkForm)
       bm <- liftIO $ _toBookmark userId bookmarkForm
       res <- runDB (upsertBookmark userId mkbid bm tags)
       forM_ (maybeUpsertResult res) $ \kbid ->
         whenM (shouldArchiveBookmark user kbid) $
-          void $ async (archiveBookmarkUrl kbid (unpack (bookmarkHref bm)))
+        void $ async (archiveBookmarkUrl kbid (unpack (bookmarkHref bm)))
       pure res
 
 postLookupTitleR :: Handler ()

src/Settings.hs

@@ -66,6 +66,8 @@ data AppSettings = AppSettings
     -- ^ Uri to app source code
 
     , appSSLOnly :: Bool
+
+    , appAllowNonHttpUrlSchemes :: Bool
     }
 
 instance FromJSON AppSettings where
@@ -102,6 +104,8 @@ instance FromJSON AppSettings where
 
         appSSLOnly                 <- fromMaybe False <$> o .:? "ssl-only"
 
+        appAllowNonHttpUrlSchemes  <- fromMaybe False <$> o .:? "allow-non-http-url-schemes"
+
         return AppSettings {..}
 
 -- | Settings for 'widgetFile', such as which template languages to support and