aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/helpers
diff options
context:
space:
mode:
authorChocobozzz <me@florianbigard.com>2017-12-21 09:56:59 +0100
committerChocobozzz <me@florianbigard.com>2017-12-21 09:56:59 +0100
commit225a89c2afbbe53cf39ffa7ea0cd485095a1d5f5 (patch)
tree9dc8fa039e820229fd3ecb386d6f63bf02e16698 /server/helpers
parent6725d05c5f71e0cdf0deba6692220b73e42e7ffa (diff)
downloadPeerTube-225a89c2afbbe53cf39ffa7ea0cd485095a1d5f5.tar.gz
PeerTube-225a89c2afbbe53cf39ffa7ea0cd485095a1d5f5.tar.zst
PeerTube-225a89c2afbbe53cf39ffa7ea0cd485095a1d5f5.zip
Sanitize url to not end with implicit ports
Diffstat (limited to 'server/helpers')
-rw-r--r--server/helpers/core-utils.ts22
-rw-r--r--server/helpers/custom-validators/webfinger.ts5
2 files changed, 25 insertions, 2 deletions
diff --git a/server/helpers/core-utils.ts b/server/helpers/core-utils.ts
index 443115336..0c6c36d11 100644
--- a/server/helpers/core-utils.ts
+++ b/server/helpers/core-utils.ts
@@ -11,6 +11,26 @@ import * as mkdirp from 'mkdirp'
11import { join } from 'path' 11import { join } from 'path'
12import * as pem from 'pem' 12import * as pem from 'pem'
13import * as rimraf from 'rimraf' 13import * as rimraf from 'rimraf'
14import { URL } from 'url'
15
16function sanitizeUrl (url: string) {
17 const urlObject = new URL(url)
18
19 if (urlObject.protocol === 'https:' && urlObject.port === '443') {
20 urlObject.port = ''
21 } else if (urlObject.protocol === 'http:' && urlObject.port === '80') {
22 urlObject.port = ''
23 }
24
25 return urlObject.href.replace(/\/$/, '')
26}
27
28// Don't import remote scheme from constants because we are in core utils
29function sanitizeHost (host: string, remoteScheme: string) {
30 let toRemove = remoteScheme === 'https' ? 443 : 80
31
32 return host.replace(new RegExp(`:${toRemove}$`), '')
33}
14 34
15function isTestInstance () { 35function isTestInstance () {
16 return process.env.NODE_ENV === 'test' 36 return process.env.NODE_ENV === 'test'
@@ -114,6 +134,8 @@ export {
114 root, 134 root,
115 escapeHTML, 135 escapeHTML,
116 pageToStartAndCount, 136 pageToStartAndCount,
137 sanitizeUrl,
138 sanitizeHost,
117 139
118 promisify0, 140 promisify0,
119 promisify1, 141 promisify1,
diff --git a/server/helpers/custom-validators/webfinger.ts b/server/helpers/custom-validators/webfinger.ts
index 1b9aad444..46f1ac210 100644
--- a/server/helpers/custom-validators/webfinger.ts
+++ b/server/helpers/custom-validators/webfinger.ts
@@ -1,4 +1,5 @@
1import { CONFIG } from '../../initializers' 1import { CONFIG, REMOTE_SCHEME } from '../../initializers'
2import { sanitizeHost } from '../core-utils'
2import { exists } from './misc' 3import { exists } from './misc'
3 4
4function isWebfingerResourceValid (value: string) { 5function isWebfingerResourceValid (value: string) {
@@ -11,7 +12,7 @@ function isWebfingerResourceValid (value: string) {
11 12
12 const host = actorParts[1] 13 const host = actorParts[1]
13 14
14 return host === CONFIG.WEBSERVER.HOSTNAME || host === CONFIG.WEBSERVER.HOST 15 return sanitizeHost(host, REMOTE_SCHEME.HTTP) === CONFIG.WEBSERVER.HOSTNAME
15} 16}
16 17
17// --------------------------------------------------------------------------- 18// ---------------------------------------------------------------------------