Loading backend/src/lib/instance/instanceMeta.ts +12 −4 Original line number Diff line number Diff line Loading @@ -5,6 +5,7 @@ import { NodeInfo } from "../../types/nodeinfo.js"; import { safe_fetch } from "../fetch.js"; import { getNodeInfo } from "../nodeinfo.js"; import { getSafeURL } from "../utils.js"; export interface IInstance { software: { Loading @@ -18,10 +19,12 @@ export interface IInstance { /** * Untrusted URL */ logo_uri?: string; raw_logo_uri?: string; /** * Untrusted URL */ raw_banner_uri?: string; logo_uri?: string; banner_uri?: string; name?: string; }; Loading Loading @@ -87,7 +90,7 @@ export const getInstanceMeta = async ( if (!metaRes) throw new Error(); instance.name = typeof metaRes.title === "string" && metaRes.title; instance.banner_uri = instance.raw_banner_uri = typeof metaRes?.thumbnail?.url === "string" && metaRes.thumbnail.url; break; } Loading @@ -104,10 +107,10 @@ export const getInstanceMeta = async ( instance.name = typeof metaRes.site_view?.site?.name === "string" && metaRes.site_view.site.name; instance.logo_uri = instance.raw_logo_uri = typeof metaRes.site_view?.site?.icon === "string" && metaRes.site_view.site.icon; instance.banner_uri = instance.raw_banner_uri = typeof metaRes.site_view?.site?.banner === "string" && metaRes.site_view.site.banner; break; Loading @@ -117,6 +120,11 @@ export const getInstanceMeta = async ( // ignore meta if failed } if (instance.raw_banner_uri) instance.banner_uri = getSafeURL(instance.raw_banner_uri); if (instance.raw_logo_uri) instance.logo_uri = getSafeURL(instance.raw_logo_uri); return { software, instance, Loading backend/src/lib/instance/userMeta.ts +8 −1 Original line number Diff line number Diff line import { safe_fetch } from "../fetch.js"; import { getSafeURL } from "../utils.js"; /** * Matches as close as possible to standard OpenID claims Loading 
@@ -25,6 +26,11 @@ export interface IProfile { */ profile?: string; /** * Raw URL to profile picture */ raw_picture?: string; /** * URL to profile picture */ Loading Loading @@ -92,7 +98,8 @@ export const getUserMeta = async ( return { sub: user.join("@"), name: apData.name, picture: apData.icon?.url, raw_picture: apData.icon?.url, picture: getSafeURL(apData.icon?.url), preferred_username: apData.preferredUsername, profile: profilePage, }; Loading backend/src/lib/utils.ts +16 −0 Original line number Diff line number Diff line Loading @@ -55,3 +55,19 @@ export const isInstanceDomainValid = async ( return nodeinfo.protocols.indexOf("activitypub") > -1; }; /** * Get a safe URL * * This restricts the protocol and that's basically it * * This could be improved to proxy all requests * * @param unsafe_url * @returns */ export const getSafeURL = (unsafe_url: string): string | undefined => { if (unsafe_url.indexOf("https://") !== 0) return undefined; return unsafe_url; }; Loading
backend/src/lib/instance/instanceMeta.ts +12 −4 Original line number Diff line number Diff line Loading @@ -5,6 +5,7 @@ import { NodeInfo } from "../../types/nodeinfo.js"; import { safe_fetch } from "../fetch.js"; import { getNodeInfo } from "../nodeinfo.js"; import { getSafeURL } from "../utils.js"; export interface IInstance { software: { Loading @@ -18,10 +19,12 @@ export interface IInstance { /** * Untrusted URL */ logo_uri?: string; raw_logo_uri?: string; /** * Untrusted URL */ raw_banner_uri?: string; logo_uri?: string; banner_uri?: string; name?: string; }; Loading Loading @@ -87,7 +90,7 @@ export const getInstanceMeta = async ( if (!metaRes) throw new Error(); instance.name = typeof metaRes.title === "string" && metaRes.title; instance.banner_uri = instance.raw_banner_uri = typeof metaRes?.thumbnail?.url === "string" && metaRes.thumbnail.url; break; } Loading @@ -104,10 +107,10 @@ export const getInstanceMeta = async ( instance.name = typeof metaRes.site_view?.site?.name === "string" && metaRes.site_view.site.name; instance.logo_uri = instance.raw_logo_uri = typeof metaRes.site_view?.site?.icon === "string" && metaRes.site_view.site.icon; instance.banner_uri = instance.raw_banner_uri = typeof metaRes.site_view?.site?.banner === "string" && metaRes.site_view.site.banner; break; Loading @@ -117,6 +120,11 @@ export const getInstanceMeta = async ( // ignore meta if failed } if (instance.raw_banner_uri) instance.banner_uri = getSafeURL(instance.raw_banner_uri); if (instance.raw_logo_uri) instance.logo_uri = getSafeURL(instance.raw_logo_uri); return { software, instance, Loading
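Review bot: In `IInstance`, the filtered `logo_uri` and `banner_uri` appear to end up with no doc comment, while the unfiltered values sit beside them as `raw_logo_uri` / `raw_banner_uri`. Nothing on the interface tells a consumer which pair is safe to render. I would add `/** https-only URL filtered through getSafeURL; undefined if the remote value was rejected */` above `logo_uri` and `banner_uri`, and extend the `Untrusted URL` comments on the raw fields to say they must not be emitted into HTML or handed to clients. Whether `instance` is serialised to a client is not visible in these hunks, so that part is an assumption to confirm. `getInstanceMeta` starts and ends outside the hunks shown.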
backend/src/lib/instance/userMeta.ts +8 −1 Original line number Diff line number Diff line import { safe_fetch } from "../fetch.js"; import { getSafeURL } from "../utils.js"; /** * Matches as close as possible to standard OpenID claims Loading @@ -25,6 +26,11 @@ export interface IProfile { */ profile?: string; /** * Raw URL to profile picture */ raw_picture?: string; /** * URL to profile picture */ Loading Loading @@ -92,7 +98,8 @@ export const getUserMeta = async ( return { sub: user.join("@"), name: apData.name, picture: apData.icon?.url, raw_picture: apData.icon?.url, picture: getSafeURL(apData.icon?.url), preferred_username: apData.preferredUsername, profile: profilePage, }; Loading
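Review bot: `picture: getSafeURL(apData.icon?.url)` calls the helper without the truthiness guard used in instanceMeta.ts, and `getSafeURL` calls `.indexOf` on its argument. An actor document with no `icon`, or with a `url` that has no `indexOf` method, would therefore make `getUserMeta` throw instead of returning a profile without a picture. This assumes `apData` is untyped remote JSON, which the hunk does not show. A guard such as `picture: typeof apData.icon?.url === "string" ? getSafeURL(apData.icon.url) : undefined,` keeps the lookup working. The new `raw_picture` comment would be clearer as `Untrusted URL to profile picture as sent by the remote server; do not render`, matching the wording in `IInstance`.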
backend/src/lib/utils.ts +16 −0 Original line number Diff line number Diff line Loading @@ -55,3 +55,19 @@ export const isInstanceDomainValid = async ( return nodeinfo.protocols.indexOf("activitypub") > -1; }; /** * Get a safe URL * * This restricts the protocol and that's basically it * * This could be improved to proxy all requests * * @param unsafe_url * @returns */ export const getSafeURL = (unsafe_url: string): string | undefined => { if (unsafe_url.indexOf("https://") !== 0) return undefined; return unsafe_url; };
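Review bot: The `indexOf("https://") !== 0` test in `getSafeURL` is a string-prefix match rather than a URL check, so any string that merely begins with `https://` is returned unchanged, including values that do not parse as a URL at all. Parsing with `new URL()` and comparing `protocol` to `"https:"` makes the allow-list explicit and lets the helper return a normalised `href`. Widening the parameter to `unknown` with a `typeof` guard also stops the helper throwing when a caller passes a missing or non-string value taken from remote JSON. The doc comment should state that only the scheme is checked and the host is not, so the result is meant for use as a link or image source and is not vetted for server-side fetching.

```typescript
// … unchanged: doc comment …
export const getSafeURL = (unsafe_url: unknown): string | undefined => {
  if (typeof unsafe_url !== "string") return undefined;

  try {
    const parsed = new URL(unsafe_url);
    return parsed.protocol === "https:" ? parsed.href : undefined;
  } catch {
    // not a parseable absolute URL
    return undefined;
  }
};
```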