yume/yumechi-no-kuni
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 9

continue patching transport layer security
Some checks failed
Lint / pnpm_install (push) Successful in 1m47s
Details
Test (production install and build) / production (22.11.0) (push) Successful in 1m0s
Details
Publish Docker image / Build (push) Successful in 4m34s
Details
Lint / lint (backend) (push) Successful in 2m9s
Details
Lint / lint (frontend) (push) Successful in 2m5s
Details
Lint / lint (frontend-embed) (push) Successful in 1m56s
Details
Test (backend) / unit (22.11.0) (push) Failing after 7m47s
Details
Lint / lint (frontend-shared) (push) Successful in 2m5s
Details
Lint / lint (misskey-bubble-game) (push) Successful in 2m4s
Details
Lint / lint (misskey-js) (push) Successful in 2m2s
Details
Lint / lint (misskey-reversi) (push) Successful in 2m3s
Details
Lint / lint (sw) (push) Successful in 2m9s
Details
Lint / typecheck (backend) (push) Successful in 1m47s
Details
Lint / typecheck (misskey-js) (push) Successful in 1m21s
Details
Lint / typecheck (sw) (push) Successful in 1m25s
Details

Browse source 
Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
This commit is contained in:
ゆめ 2024-11-23 11:47:11 -06:00
parent 4b96e03f54
commit 82c80a53a6
No known key found for this signature in database
4 changed files with 25 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
packages/backend/src/core/DownloadService.ts
View file

@ -44,6 +44,14 @@ export class DownloadService {
const maxSize = this.config.maxFileSize; const maxSize = this.config.maxFileSize;
const urlObj = new URL(url); const urlObj = new URL(url);
if (urlObj.protocol && urlObj.protocol !== 'https:') {
throw new Error(`Unsupported protocol: ${urlObj.protocol}, only HTTPS is supported`);
}
urlObj.protocol = 'https:';
if (urlObj.port && urlObj.port !== '443') {
throw new Error(`Unsupported port: ${urlObj.port}, only 443 is supported`);
}
let filename = urlObj.pathname.split('/').pop() ?? 'untitled'; let filename = urlObj.pathname.split('/').pop() ?? 'untitled';
const req = got.stream(url, { const req = got.stream(url, {

3
packages/backend/src/core/HttpRequestService.ts
View file

@ -171,9 +171,10 @@ export class HttpRequestService {
*/ */
@bindThis @bindThis
public getAgentByUrl(url: URL, bypassProxy = false): https.Agent { public getAgentByUrl(url: URL, bypassProxy = false): https.Agent {
if (url.protocol !== 'https:') { if (url.protocol && url.protocol !== 'https:') {
throw new Error('Invalid protocol'); throw new Error('Invalid protocol');
} }
url.protocol = 'https:';
if (url.port && url.port !== '443') { if (url.port && url.port !== '443') {
throw new Error('Invalid port'); throw new Error('Invalid port');
} }

4
packages/backend/src/core/activitypub/ApResolverService.ts
View file

@ -64,7 +64,7 @@ export class Resolver {
public async resolveCollection(value: string | IObject): Promise<ICollection | IOrderedCollection> { public async resolveCollection(value: string | IObject): Promise<ICollection | IOrderedCollection> {
const collection = typeof value === 'string' const collection = typeof value === 'string'
? await this.resolve(value) ? await this.resolve(value)
: value; : yumeNormalizeObject(value);
if (isCollectionOrOrderedCollection(collection)) { if (isCollectionOrOrderedCollection(collection)) {
return collection; return collection;
@ -74,7 +74,7 @@ export class Resolver {
} }
@bindThis @bindThis
public async resolveNotNormalized(value: string | IObject): Promise<IUnsanitizedObject> { private async resolveNotNormalized(value: string | IObject): Promise<IUnsanitizedObject> {
if (typeof value !== 'string') { if (typeof value !== 'string') {
return value; return value;
} }

19
packages/backend/src/core/activitypub/type.ts
View file

@ -103,26 +103,33 @@ export function yumeNormalizeRecursive<O extends IUnsanitizedObject | string | (
if (object.length > 64) { if (object.length > 64) {
throw new bull.UnrecoverableError('array length limit exceeded'); throw new bull.UnrecoverableError('array length limit exceeded');
} }
return object.flatMap(yumeNormalizeRecursive); return object.flatMap((x) => yumeNormalizeRecursive(x, depth + (object.length + 3 / 4)));
} }
return yumeNormalizeObject(object); return yumeNormalizeObject(object, depth + 1);
} }
export function yumeNormalizeObject(object: IUnsanitizedObject): IObject { export function yumeNormalizeObject(object: IUnsanitizedObject, depth = 0): IObject {
if (object.cc) { if (object.cc) {
object.cc = yumeNormalizeRecursive(object.cc); object.cc = yumeNormalizeRecursive(object.cc, depth + 1);
} }
if (object.id) { if (object.id) {
object.id = yumeNormalizeURL(object.id); object.id = yumeNormalizeURL(object.id);
} }
if (object.url) { if (object.url) {
object.url = yumeNormalizeRecursive(object.url); object.url = yumeNormalizeRecursive(object.url, depth + 1);
}
if (object.replies) {
object.replies.first = object.replies.first ?
typeof object.replies.first === 'string' ? yumeNormalizeURL(object.replies.first) : yumeNormalizeObject(object.replies.first, depth + 1) : undefined;
object.replies.items = object.replies.items ?
typeof object.replies.items === 'string' ? yumeNormalizeURL(object.replies.items) : yumeNormalizeRecursive(object.replies.items, depth + 1) : undefined;
} }
if (object.inReplyTo) { if (object.inReplyTo) {
object.inReplyTo = yumeNormalizeRecursive(object.inReplyTo); object.inReplyTo = yumeNormalizeRecursive(object.inReplyTo, depth + 1);
} }
return object as IObject; return object as IObject;