aboutsummaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorChocobozzz <florian.bigard@gmail.com>2016-11-16 20:22:17 +0100
committerChocobozzz <florian.bigard@gmail.com>2016-11-16 20:29:26 +0100
commit441b66f80923d1f574a74582f1fb9306b99fc12a (patch)
treeed8a853b9df3666772ec4c027a03c7e05651423c
parent9c89a45cb2a7bb46e68fb084723a2046b12c7617 (diff)
downloadPeerTube-441b66f80923d1f574a74582f1fb9306b99fc12a.tar.gz
PeerTube-441b66f80923d1f574a74582f1fb9306b99fc12a.tar.zst
PeerTube-441b66f80923d1f574a74582f1fb9306b99fc12a.zip
Server: forbid to make friends with a non https server
-rw-r--r--server/helpers/utils.js7
-rw-r--r--server/initializers/constants.js3
-rw-r--r--server/middlewares/validators/pods.js7
3 files changed, 15 insertions, 2 deletions
diff --git a/server/helpers/utils.js b/server/helpers/utils.js
index 9c2d402e3..9f27671b6 100644
--- a/server/helpers/utils.js
+++ b/server/helpers/utils.js
@@ -6,7 +6,8 @@ const logger = require('./logger')
6 6
7const utils = { 7const utils = {
8 cleanForExit, 8 cleanForExit,
9 generateRandomString 9 generateRandomString,
10 isTestInstance
10} 11}
11 12
12function generateRandomString (size, callback) { 13function generateRandomString (size, callback) {
@@ -22,6 +23,10 @@ function cleanForExit (webtorrentProcess) {
22 process.kill(-webtorrentProcess.pid) 23 process.kill(-webtorrentProcess.pid)
23} 24}
24 25
26function isTestInstance () {
27 return (process.env.NODE_ENV === 'test')
28}
29
25// --------------------------------------------------------------------------- 30// ---------------------------------------------------------------------------
26 31
27module.exports = utils 32module.exports = utils
diff --git a/server/initializers/constants.js b/server/initializers/constants.js
index 40e1c5381..3ddf87454 100644
--- a/server/initializers/constants.js
+++ b/server/initializers/constants.js
@@ -152,7 +152,7 @@ const REQUEST_ENDPOINTS = {
152 152
153const REMOTE_SCHEME = { 153const REMOTE_SCHEME = {
154 HTTP: 'https', 154 HTTP: 'https',
155 WS: 'WS' 155 WS: 'wss'
156} 156}
157 157
158// Password encryption 158// Password encryption
@@ -220,6 +220,7 @@ module.exports = {
220 220
221// --------------------------------------------------------------------------- 221// ---------------------------------------------------------------------------
222 222
223// This method exists in utils module but we want to let the constants module independent
223function isTestInstance () { 224function isTestInstance () {
224 return (process.env.NODE_ENV === 'test') 225 return (process.env.NODE_ENV === 'test')
225} 226}
diff --git a/server/middlewares/validators/pods.js b/server/middlewares/validators/pods.js
index 4f8bad2f9..0723871b2 100644
--- a/server/middlewares/validators/pods.js
+++ b/server/middlewares/validators/pods.js
@@ -1,8 +1,10 @@
1'use strict' 1'use strict'
2 2
3const checkErrors = require('./utils').checkErrors 3const checkErrors = require('./utils').checkErrors
4const constants = require('../../initializers/constants')
4const friends = require('../../lib/friends') 5const friends = require('../../lib/friends')
5const logger = require('../../helpers/logger') 6const logger = require('../../helpers/logger')
7const utils = require('../../helpers/utils')
6 8
7const validatorsPod = { 9const validatorsPod = {
8 makeFriends, 10 makeFriends,
@@ -10,6 +12,11 @@ const validatorsPod = {
10} 12}
11 13
12function makeFriends (req, res, next) { 14function makeFriends (req, res, next) {
15 // Force https if the administrator wants to make friends
16 if (utils.isTestInstance() === false && constants.CONFIG.WEBSERVER.SCHEME === 'http') {
17 return res.status(400).send('Cannot make friends with a non HTTPS webserver.')
18 }
19
13 req.checkBody('hosts', 'Should have an array of unique hosts').isEachUniqueHostValid() 20 req.checkBody('hosts', 'Should have an array of unique hosts').isEachUniqueHostValid()
14 21
15 logger.debug('Checking makeFriends parameters', { parameters: req.body }) 22 logger.debug('Checking makeFriends parameters', { parameters: req.body })