aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/helpers/custom-validators
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2021-02-18 10:15:11 +0100
committerChocobozzz <chocobozzz@cpy.re>2021-02-18 13:38:09 +0100
commitd9a2a03196275065c28f4a0b7d4d7bc9992d77a1 (patch)
tree14579db95cd07506bf3d8e5c0af3ef1630e8700c /server/helpers/custom-validators
parent2451916e45420fedf556913ce121f3964c4b57d6 (diff)
downloadPeerTube-d9a2a03196275065c28f4a0b7d4d7bc9992d77a1.tar.gz
PeerTube-d9a2a03196275065c28f4a0b7d4d7bc9992d77a1.tar.zst
PeerTube-d9a2a03196275065c28f4a0b7d4d7bc9992d77a1.zip
Don't guess remote tracker URL
Diffstat (limited to 'server/helpers/custom-validators')
-rw-r--r--server/helpers/custom-validators/activitypub/videos.ts24
1 files changed, 18 insertions, 6 deletions
diff --git a/server/helpers/custom-validators/activitypub/videos.ts b/server/helpers/custom-validators/activitypub/videos.ts
index a01429c83..a41d37810 100644
--- a/server/helpers/custom-validators/activitypub/videos.ts
+++ b/server/helpers/custom-validators/activitypub/videos.ts
@@ -1,4 +1,7 @@
1import validator from 'validator' 1import validator from 'validator'
2import { logger } from '@server/helpers/logger'
3import { ActivityTrackerUrlObject, ActivityVideoFileMetadataUrlObject } from '@shared/models'
4import { VideoState } from '../../../../shared/models/videos'
2import { ACTIVITY_PUB, CONSTRAINTS_FIELDS } from '../../../initializers/constants' 5import { ACTIVITY_PUB, CONSTRAINTS_FIELDS } from '../../../initializers/constants'
3import { peertubeTruncate } from '../../core-utils' 6import { peertubeTruncate } from '../../core-utils'
4import { exists, isArray, isBooleanValid, isDateValid, isUUIDValid } from '../misc' 7import { exists, isArray, isBooleanValid, isDateValid, isUUIDValid } from '../misc'
@@ -11,9 +14,6 @@ import {
11 isVideoViewsValid 14 isVideoViewsValid
12} from '../videos' 15} from '../videos'
13import { isActivityPubUrlValid, isBaseActivityValid, setValidAttributedTo } from './misc' 16import { isActivityPubUrlValid, isBaseActivityValid, setValidAttributedTo } from './misc'
14import { VideoState } from '../../../../shared/models/videos'
15import { logger } from '@server/helpers/logger'
16import { ActivityVideoFileMetadataObject } from '@shared/models'
17 17
18function sanitizeAndCheckVideoTorrentUpdateActivity (activity: any) { 18function sanitizeAndCheckVideoTorrentUpdateActivity (activity: any) {
19 return isBaseActivityValid(activity, 'Update') && 19 return isBaseActivityValid(activity, 'Update') &&
@@ -84,6 +84,7 @@ function sanitizeAndCheckVideoTorrentObject (video: any) {
84 84
85function isRemoteVideoUrlValid (url: any) { 85function isRemoteVideoUrlValid (url: any) {
86 return url.type === 'Link' && 86 return url.type === 'Link' &&
87 // Video file link
87 ( 88 (
88 ACTIVITY_PUB.URL_MIME_TYPES.VIDEO.includes(url.mediaType) && 89 ACTIVITY_PUB.URL_MIME_TYPES.VIDEO.includes(url.mediaType) &&
89 isActivityPubUrlValid(url.href) && 90 isActivityPubUrlValid(url.href) &&
@@ -91,31 +92,41 @@ function isRemoteVideoUrlValid (url: any) {
91 validator.isInt(url.size + '', { min: 0 }) && 92 validator.isInt(url.size + '', { min: 0 }) &&
92 (!url.fps || validator.isInt(url.fps + '', { min: -1 })) 93 (!url.fps || validator.isInt(url.fps + '', { min: -1 }))
93 ) || 94 ) ||
95 // Torrent link
94 ( 96 (
95 ACTIVITY_PUB.URL_MIME_TYPES.TORRENT.includes(url.mediaType) && 97 ACTIVITY_PUB.URL_MIME_TYPES.TORRENT.includes(url.mediaType) &&
96 isActivityPubUrlValid(url.href) && 98 isActivityPubUrlValid(url.href) &&
97 validator.isInt(url.height + '', { min: 0 }) 99 validator.isInt(url.height + '', { min: 0 })
98 ) || 100 ) ||
101 // Magnet link
99 ( 102 (
100 ACTIVITY_PUB.URL_MIME_TYPES.MAGNET.includes(url.mediaType) && 103 ACTIVITY_PUB.URL_MIME_TYPES.MAGNET.includes(url.mediaType) &&
101 validator.isLength(url.href, { min: 5 }) && 104 validator.isLength(url.href, { min: 5 }) &&
102 validator.isInt(url.height + '', { min: 0 }) 105 validator.isInt(url.height + '', { min: 0 })
103 ) || 106 ) ||
107 // HLS playlist link
104 ( 108 (
105 (url.mediaType || url.mimeType) === 'application/x-mpegURL' && 109 (url.mediaType || url.mimeType) === 'application/x-mpegURL' &&
106 isActivityPubUrlValid(url.href) && 110 isActivityPubUrlValid(url.href) &&
107 isArray(url.tag) 111 isArray(url.tag)
108 ) || 112 ) ||
109 isAPVideoFileMetadataObject(url) 113 isAPVideoTrackerUrlObject(url) ||
114 isAPVideoFileUrlMetadataObject(url)
110} 115}
111 116
112function isAPVideoFileMetadataObject (url: any): url is ActivityVideoFileMetadataObject { 117function isAPVideoFileUrlMetadataObject (url: any): url is ActivityVideoFileMetadataUrlObject {
113 return url && 118 return url &&
114 url.type === 'Link' && 119 url.type === 'Link' &&
115 url.mediaType === 'application/json' && 120 url.mediaType === 'application/json' &&
116 isArray(url.rel) && url.rel.includes('metadata') 121 isArray(url.rel) && url.rel.includes('metadata')
117} 122}
118 123
124function isAPVideoTrackerUrlObject (url: any): url is ActivityTrackerUrlObject {
125 return isArray(url.rel) &&
126 url.rel.includes('tracker') &&
127 isActivityPubUrlValid(url.href)
128}
129
119// --------------------------------------------------------------------------- 130// ---------------------------------------------------------------------------
120 131
121export { 132export {
@@ -123,7 +134,8 @@ export {
123 isRemoteStringIdentifierValid, 134 isRemoteStringIdentifierValid,
124 sanitizeAndCheckVideoTorrentObject, 135 sanitizeAndCheckVideoTorrentObject,
125 isRemoteVideoUrlValid, 136 isRemoteVideoUrlValid,
126 isAPVideoFileMetadataObject 137 isAPVideoFileUrlMetadataObject,
138 isAPVideoTrackerUrlObject
127} 139}
128 140
129// --------------------------------------------------------------------------- 141// ---------------------------------------------------------------------------