aboutsummaryrefslogtreecommitdiffhomepage
path: root/server/helpers/custom-validators/activitypub
diff options
context:
space:
mode:
Diffstat (limited to 'server/helpers/custom-validators/activitypub')
-rw-r--r--server/helpers/custom-validators/activitypub/account.ts7
-rw-r--r--server/helpers/custom-validators/activitypub/misc.ts10
-rw-r--r--server/helpers/custom-validators/activitypub/videos.ts7
3 files changed, 18 insertions, 6 deletions
diff --git a/server/helpers/custom-validators/activitypub/account.ts b/server/helpers/custom-validators/activitypub/account.ts
index 8a7d1b7fe..acd2b8058 100644
--- a/server/helpers/custom-validators/activitypub/account.ts
+++ b/server/helpers/custom-validators/activitypub/account.ts
@@ -3,6 +3,7 @@ import * as validator from 'validator'
3import { exists, isUUIDValid } from '../misc' 3import { exists, isUUIDValid } from '../misc'
4import { isActivityPubUrlValid } from './misc' 4import { isActivityPubUrlValid } from './misc'
5import { isUserUsernameValid } from '../users' 5import { isUserUsernameValid } from '../users'
6import { CONSTRAINTS_FIELDS } from '../../../initializers/constants'
6 7
7function isAccountEndpointsObjectValid (endpointObject: any) { 8function isAccountEndpointsObjectValid (endpointObject: any) {
8 return isAccountSharedInboxValid(endpointObject.sharedInbox) 9 return isAccountSharedInboxValid(endpointObject.sharedInbox)
@@ -34,7 +35,8 @@ function isAccountPublicKeyValid (publicKey: string) {
34 return exists(publicKey) && 35 return exists(publicKey) &&
35 typeof publicKey === 'string' && 36 typeof publicKey === 'string' &&
36 publicKey.startsWith('-----BEGIN PUBLIC KEY-----') && 37 publicKey.startsWith('-----BEGIN PUBLIC KEY-----') &&
37 publicKey.endsWith('-----END PUBLIC KEY-----') 38 publicKey.endsWith('-----END PUBLIC KEY-----') &&
39 validator.isLength(publicKey, CONSTRAINTS_FIELDS.ACCOUNTS.PUBLIC_KEY)
38} 40}
39 41
40function isAccountIdValid (id: string) { 42function isAccountIdValid (id: string) {
@@ -73,7 +75,8 @@ function isAccountPrivateKeyValid (privateKey: string) {
73 return exists(privateKey) && 75 return exists(privateKey) &&
74 typeof privateKey === 'string' && 76 typeof privateKey === 'string' &&
75 privateKey.startsWith('-----BEGIN RSA PRIVATE KEY-----') && 77 privateKey.startsWith('-----BEGIN RSA PRIVATE KEY-----') &&
76 privateKey.endsWith('-----END RSA PRIVATE KEY-----') 78 privateKey.endsWith('-----END RSA PRIVATE KEY-----') &&
79 validator.isLength(privateKey, CONSTRAINTS_FIELDS.ACCOUNTS.PRIVATE_KEY)
77} 80}
78 81
79function isRemoteAccountValid (remoteAccount: any) { 82function isRemoteAccountValid (remoteAccount: any) {
diff --git a/server/helpers/custom-validators/activitypub/misc.ts b/server/helpers/custom-validators/activitypub/misc.ts
index f049f5a8c..a94c36b51 100644
--- a/server/helpers/custom-validators/activitypub/misc.ts
+++ b/server/helpers/custom-validators/activitypub/misc.ts
@@ -1,4 +1,7 @@
1import * as validator from 'validator'
1import { exists } from '../misc' 2import { exists } from '../misc'
3import { isTestInstance } from '../../core-utils'
4import { CONSTRAINTS_FIELDS } from '../../../initializers/constants'
2 5
3function isActivityPubUrlValid (url: string) { 6function isActivityPubUrlValid (url: string) {
4 const isURLOptions = { 7 const isURLOptions = {
@@ -9,7 +12,12 @@ function isActivityPubUrlValid (url: string) {
9 protocols: [ 'http', 'https' ] 12 protocols: [ 'http', 'https' ]
10 } 13 }
11 14
12 return exists(url) && validator.isURL(url, isURLOptions) 15 // We validate 'localhost', so we don't have the top level domain
16 if (isTestInstance()) {
17 isURLOptions.require_tld = false
18 }
19
20 return exists(url) && validator.isURL(url, isURLOptions) && validator.isLength(url, CONSTRAINTS_FIELDS.ACCOUNTS.URL)
13} 21}
14 22
15function isBaseActivityValid (activity: any, type: string) { 23function isBaseActivityValid (activity: any, type: string) {
diff --git a/server/helpers/custom-validators/activitypub/videos.ts b/server/helpers/custom-validators/activitypub/videos.ts
index 9233a1359..8f6d50f50 100644
--- a/server/helpers/custom-validators/activitypub/videos.ts
+++ b/server/helpers/custom-validators/activitypub/videos.ts
@@ -10,7 +10,8 @@ import {
10 isVideoTruncatedDescriptionValid, 10 isVideoTruncatedDescriptionValid,
11 isVideoDurationValid, 11 isVideoDurationValid,
12 isVideoNameValid, 12 isVideoNameValid,
13 isVideoTagValid 13 isVideoTagValid,
14 isVideoUrlValid
14} from '../videos' 15} from '../videos'
15import { isVideoChannelDescriptionValid, isVideoChannelNameValid } from '../video-channels' 16import { isVideoChannelDescriptionValid, isVideoChannelNameValid } from '../video-channels'
16import { isBaseActivityValid } from './misc' 17import { isBaseActivityValid } from './misc'
@@ -93,7 +94,7 @@ function isRemoteVideoContentValid (mediaType: string, content: string) {
93 94
94function isRemoteVideoIconValid (icon: any) { 95function isRemoteVideoIconValid (icon: any) {
95 return icon.type === 'Image' && 96 return icon.type === 'Image' &&
96 validator.isURL(icon.url) && 97 isVideoUrlValid(icon.url) &&
97 icon.mediaType === 'image/jpeg' && 98 icon.mediaType === 'image/jpeg' &&
98 validator.isInt(icon.width, { min: 0 }) && 99 validator.isInt(icon.width, { min: 0 }) &&
99 validator.isInt(icon.height, { min: 0 }) 100 validator.isInt(icon.height, { min: 0 })
@@ -111,7 +112,7 @@ function setValidRemoteVideoUrls (video: any) {
111function isRemoteVideoUrlValid (url: any) { 112function isRemoteVideoUrlValid (url: any) {
112 return url.type === 'Link' && 113 return url.type === 'Link' &&
113 ACTIVITY_PUB.VIDEO_URL_MIME_TYPES.indexOf(url.mimeType) !== -1 && 114 ACTIVITY_PUB.VIDEO_URL_MIME_TYPES.indexOf(url.mimeType) !== -1 &&
114 validator.isURL(url.url) && 115 isVideoUrlValid(url.url) &&
115 validator.isInt(url.width, { min: 0 }) && 116 validator.isInt(url.width, { min: 0 }) &&
116 validator.isInt(url.size, { min: 0 }) 117 validator.isInt(url.size, { min: 0 })
117} 118}