Add contact antispam and fix gallery video playback.

English-only messages, rate limiting, min fill time, and normalized email validation; improve modal video serving with posters, correct MIME types, and no gzip on gallery media. Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-04 00:38:48 +12:00
parent a9095727bf
commit 6c215d40e6
16 changed files with 385 additions and 16 deletions
--- a/app/internal/handlers/contact_antispam.go
+++ b/app/internal/handlers/contact_antispam.go
@@ -0,0 +1,50 @@
+package handlers
+
+import (
+	"net"
+	"net/http"
+	"strconv"
+	"strings"
+	"time"
+)
+
+const contactSeenCookie = "tk_contact_seen"
+
+func clientIP(r *http.Request) string {
+	if xff := r.Header.Get("X-Forwarded-For"); xff != "" {
+		if i := strings.Index(xff, ","); i >= 0 {
+			xff = xff[:i]
+		}
+		if ip := strings.TrimSpace(xff); ip != "" {
+			return ip
+		}
+	}
+	host, _, err := net.SplitHostPort(r.RemoteAddr)
+	if err != nil {
+		return r.RemoteAddr
+	}
+	return host
+}
+
+func setContactFormSeen(w http.ResponseWriter) {
+	http.SetCookie(w, &http.Cookie{
+		Name:     contactSeenCookie,
+		Value:    strconv.FormatInt(time.Now().Unix(), 10),
+		Path:     "/",
+		HttpOnly: true,
+		SameSite: http.SameSiteLaxMode,
+		MaxAge:   int((10 * time.Minute).Seconds()),
+	})
+}
+
+func contactFormSeenUnix(r *http.Request) int64 {
+	c, err := r.Cookie(contactSeenCookie)
+	if err != nil {
+		return 0
+	}
+	v, err := strconv.ParseInt(c.Value, 10, 64)
+	if err != nil {
+		return 0
+	}
+	return v
+}
--- a/app/internal/handlers/handlers.go
+++ b/app/internal/handlers/handlers.go
@@ -3,15 +3,16 @@ package handlers
 import (
 	"log"
 	"net/http"
-	"strings"
 	"sync"
 	"time"

 	"technical.kiwi/website/internal/auth"
 	"technical.kiwi/website/internal/contact"
+	"technical.kiwi/website/internal/contactcheck"
 	"technical.kiwi/website/internal/gallery"
 	"technical.kiwi/website/internal/mail"
 	"technical.kiwi/website/internal/middleware"
+	"technical.kiwi/website/internal/ratelimit"
 	"technical.kiwi/website/templates"
 )

@@ -26,6 +27,7 @@ type Server struct {
 	ContactEnabled bool
 	Auth           auth.Config
 	Sessions       *auth.Sessions
+	contactRL      *ratelimit.IPWindow
 	galleryMu      sync.RWMutex
 }

@@ -59,6 +61,7 @@ func New(imagesDir, staticDir string, mailCfg *mail.Config) (*Server, error) {
 		ContactEnabled: mailCfg != nil,
 		Auth:           authCfg,
 		Sessions:       auth.NewSessions(),
+		contactRL:      ratelimit.NewIPWindow(5, time.Hour),
 	}
 	if authCfg.Enabled {
 		log.Print("admin: enabled at /admin/")
@@ -92,6 +95,9 @@ func (s *Server) snapshot() ([]gallery.Image, gallery.Image, bool) {

 func (s *Server) index(w http.ResponseWriter, r *http.Request) {
 	w.Header().Set("Cache-Control", "no-cache")
+	if s.ContactEnabled {
+		setContactFormSeen(w)
+	}
 	images, hero, hasHero := s.snapshot()
 	templates.Home(images, hero, hasHero, s.ContactEnabled).Render(r.Context(), w)
 }
@@ -107,11 +113,21 @@ func (s *Server) contact(w http.ResponseWriter, r *http.Request) {
 		return
 	}

-	if strings.TrimSpace(r.FormValue("website")) != "" {
+	if contactcheck.SpamHoneypot(r.FormValue(contactcheck.HoneypotField)) {
 		templates.ContactSuccess().Render(r.Context(), w)
 		return
 	}

+	if contactcheck.FormFilledTooFast(contactFormSeenUnix(r), time.Now()) {
+		templates.ContactSuccess().Render(r.Context(), w)
+		return
+	}
+
+	if !s.contactRL.Allow(clientIP(r)) {
+		templates.ContactRateLimited().Render(r.Context(), w)
+		return
+	}
+
 	sub, errs := contact.Parse(
 		r.FormValue("name"),
 		r.FormValue("email"),