yume/yumechi-no-kuni-proxy-worker
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Update loop detection to reflect latest information

Browse source 
Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
This commit is contained in:
ゆめ 2024-12-21 10:55:29 -06:00
parent aff0fec58f
commit e96a8511b3
No known key found for this signature in database
1 changed files with 13 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
src/fetch/mod.rs
View file

@ -69,10 +69,19 @@ impl IncomingInfo {
return true; return true;
} }
// defense against upstream // defense against known looping user agents
if self.user_agent.contains("Misskey/") || //
// Purposefully typoed // we do not consider whether there is a Via header or not because
// https://raw.githubusercontent.com/backrunner/misskey-media-proxy-worker/refs/heads/main/wrangler.toml // many legitimate CDNs and reverse proxies add their own Via before reaching us
// and that does not mean when the request is sent back to them the loop will be detected
// and next time it hit us again we will have no idea it's looping since the Via is stripped again
if self.user_agent.contains("Misskey/") {
return true;
}
// proxies that are once vulnerable but now fixed
if !self.via.contains("misskey-media-proxy-worker") &&
// Purposefully typoed to match the vulnerable version
self.user_agent.contains("Edg/119.0.2109.1") self.user_agent.contains("Edg/119.0.2109.1")
{ {
return true; return true;