aboutsummaryrefslogtreecommitdiffhomepage
path: root/server.ts
diff options
context:
space:
mode:
Diffstat (limited to 'server.ts')
-rw-r--r--server.ts9
1 files changed, 7 insertions, 2 deletions
diff --git a/server.ts b/server.ts
index 51aa67638..f3514cf9c 100644
--- a/server.ts
+++ b/server.ts
@@ -28,7 +28,7 @@ import { checkMissedConfig, checkFFmpeg } from './server/initializers/checker-be
28 28
29// Do not use barrels because we don't want to load all modules here (we need to initialize database first) 29// Do not use barrels because we don't want to load all modules here (we need to initialize database first)
30import { logger } from './server/helpers/logger' 30import { logger } from './server/helpers/logger'
31import { API_VERSION, CONFIG, CACHE } from './server/initializers/constants' 31import { API_VERSION, CONFIG, CACHE, HTTP_SIGNATURE } from './server/initializers/constants'
32 32
33const missed = checkMissedConfig() 33const missed = checkMissedConfig()
34if (missed.length !== 0) { 34if (missed.length !== 0) {
@@ -96,6 +96,7 @@ import { RemoveOldJobsScheduler } from './server/lib/schedulers/remove-old-jobs-
96import { UpdateVideosScheduler } from './server/lib/schedulers/update-videos-scheduler' 96import { UpdateVideosScheduler } from './server/lib/schedulers/update-videos-scheduler'
97import { YoutubeDlUpdateScheduler } from './server/lib/schedulers/youtube-dl-update-scheduler' 97import { YoutubeDlUpdateScheduler } from './server/lib/schedulers/youtube-dl-update-scheduler'
98import { VideosRedundancyScheduler } from './server/lib/schedulers/videos-redundancy-scheduler' 98import { VideosRedundancyScheduler } from './server/lib/schedulers/videos-redundancy-scheduler'
99import { isHTTPSignatureDigestValid } from './server/helpers/peertube-crypto'
99 100
100// ----------- Command line ----------- 101// ----------- Command line -----------
101 102
@@ -131,7 +132,11 @@ app.use(morgan('combined', {
131app.use(bodyParser.urlencoded({ extended: false })) 132app.use(bodyParser.urlencoded({ extended: false }))
132app.use(bodyParser.json({ 133app.use(bodyParser.json({
133 type: [ 'application/json', 'application/*+json' ], 134 type: [ 'application/json', 'application/*+json' ],
134 limit: '500kb' 135 limit: '500kb',
136 verify: (req: express.Request, _, buf: Buffer, encoding: string) => {
137 const valid = isHTTPSignatureDigestValid(buf, req)
138 if (valid !== true) throw new Error('Invalid digest')
139 }
135})) 140}))
136// Cookies 141// Cookies
137app.use(cookieParser()) 142app.use(cookieParser())