diff options
author | Chocobozzz <me@florianbigard.com> | 2022-02-09 08:58:40 +0100 |
---|---|---|
committer | Chocobozzz <me@florianbigard.com> | 2022-02-09 11:54:18 +0100 |
commit | 474542d7ac60f7860daf9ea34d1c31968f43ab29 (patch) | |
tree | c3e19095e19930d3955ce8d56d8c099bdda17923 /server/controllers/api | |
parent | ba8a8367e7fde7915ae6633445bf46ebf4a9fe94 (diff) | |
download | PeerTube-474542d7ac60f7860daf9ea34d1c31968f43ab29.tar.gz PeerTube-474542d7ac60f7860daf9ea34d1c31968f43ab29.tar.zst PeerTube-474542d7ac60f7860daf9ea34d1c31968f43ab29.zip |
Add additional checks when importing a video
Diffstat (limited to 'server/controllers/api')
-rw-r--r-- | server/controllers/api/videos/import.ts | 29 |
1 files changed, 28 insertions, 1 deletions
diff --git a/server/controllers/api/videos/import.ts b/server/controllers/api/videos/import.ts index 8cbfd3286..b54fa822c 100644 --- a/server/controllers/api/videos/import.ts +++ b/server/controllers/api/videos/import.ts | |||
@@ -1,9 +1,11 @@ | |||
1 | import express from 'express' | 1 | import express from 'express' |
2 | import { move, readFile } from 'fs-extra' | 2 | import { move, readFile, remove } from 'fs-extra' |
3 | import { decode } from 'magnet-uri' | 3 | import { decode } from 'magnet-uri' |
4 | import parseTorrent, { Instance } from 'parse-torrent' | 4 | import parseTorrent, { Instance } from 'parse-torrent' |
5 | import { join } from 'path' | 5 | import { join } from 'path' |
6 | import { isVTTFileValid } from '@server/helpers/custom-validators/video-captions' | ||
6 | import { isVideoFileExtnameValid } from '@server/helpers/custom-validators/videos' | 7 | import { isVideoFileExtnameValid } from '@server/helpers/custom-validators/videos' |
8 | import { isResolvingToUnicastOnly } from '@server/helpers/dns' | ||
7 | import { Hooks } from '@server/lib/plugins/hooks' | 9 | import { Hooks } from '@server/lib/plugins/hooks' |
8 | import { ServerConfigManager } from '@server/lib/server-config-manager' | 10 | import { ServerConfigManager } from '@server/lib/server-config-manager' |
9 | import { setVideoTags } from '@server/lib/video' | 11 | import { setVideoTags } from '@server/lib/video' |
@@ -195,6 +197,13 @@ async function addYoutubeDLImport (req: express.Request, res: express.Response) | |||
195 | }) | 197 | }) |
196 | } | 198 | } |
197 | 199 | ||
200 | if (!await hasUnicastURLsOnly(youtubeDLInfo)) { | ||
201 | return res.fail({ | ||
202 | status: HttpStatusCode.FORBIDDEN_403, | ||
203 | message: 'Cannot use non unicast IP as targetUrl.' | ||
204 | }) | ||
205 | } | ||
206 | |||
198 | const video = await buildVideo(res.locals.videoChannel.id, body, youtubeDLInfo) | 207 | const video = await buildVideo(res.locals.videoChannel.id, body, youtubeDLInfo) |
199 | 208 | ||
200 | // Process video thumbnail from request.files | 209 | // Process video thumbnail from request.files |
@@ -432,6 +441,11 @@ async function processYoutubeSubtitles (youtubeDL: YoutubeDLWrapper, targetUrl: | |||
432 | logger.info('Will create %s subtitles from youtube import %s.', subtitles.length, targetUrl) | 441 | logger.info('Will create %s subtitles from youtube import %s.', subtitles.length, targetUrl) |
433 | 442 | ||
434 | for (const subtitle of subtitles) { | 443 | for (const subtitle of subtitles) { |
444 | if (!await isVTTFileValid(subtitle.path)) { | ||
445 | await remove(subtitle.path) | ||
446 | continue | ||
447 | } | ||
448 | |||
435 | const videoCaption = new VideoCaptionModel({ | 449 | const videoCaption = new VideoCaptionModel({ |
436 | videoId, | 450 | videoId, |
437 | language: subtitle.language, | 451 | language: subtitle.language, |
@@ -449,3 +463,16 @@ async function processYoutubeSubtitles (youtubeDL: YoutubeDLWrapper, targetUrl: | |||
449 | logger.warn('Cannot get video subtitles.', { err }) | 463 | logger.warn('Cannot get video subtitles.', { err }) |
450 | } | 464 | } |
451 | } | 465 | } |
466 | |||
467 | async function hasUnicastURLsOnly (youtubeDLInfo: YoutubeDLInfo) { | ||
468 | const hosts = youtubeDLInfo.urls.map(u => new URL(u).hostname) | ||
469 | const uniqHosts = new Set(hosts) | ||
470 | |||
471 | for (const h of uniqHosts) { | ||
472 | if (await isResolvingToUnicastOnly(h) !== true) { | ||
473 | return false | ||
474 | } | ||
475 | } | ||
476 | |||
477 | return true | ||
478 | } | ||