diff options
Diffstat (limited to 'server/helpers')
-rw-r--r-- | server/helpers/activitypub.ts | 13 | ||||
-rw-r--r-- | server/helpers/core-utils.ts | 2 | ||||
-rw-r--r-- | server/helpers/custom-validators/activitypub/videos.ts | 26 |
3 files changed, 31 insertions, 10 deletions
diff --git a/server/helpers/activitypub.ts b/server/helpers/activitypub.ts index 239d8291d..9f9e8fba7 100644 --- a/server/helpers/activitypub.ts +++ b/server/helpers/activitypub.ts | |||
@@ -2,11 +2,11 @@ import * as Bluebird from 'bluebird' | |||
2 | import validator from 'validator' | 2 | import validator from 'validator' |
3 | import { ResultList } from '../../shared/models' | 3 | import { ResultList } from '../../shared/models' |
4 | import { Activity } from '../../shared/models/activitypub' | 4 | import { Activity } from '../../shared/models/activitypub' |
5 | import { ACTIVITY_PUB } from '../initializers/constants' | 5 | import { ACTIVITY_PUB, REMOTE_SCHEME } from '../initializers/constants' |
6 | import { signJsonLDObject } from './peertube-crypto' | 6 | import { signJsonLDObject } from './peertube-crypto' |
7 | import { pageToStartAndCount } from './core-utils' | 7 | import { pageToStartAndCount } from './core-utils' |
8 | import { parse } from 'url' | 8 | import { parse } from 'url' |
9 | import { MActor } from '../typings/models' | 9 | import { MActor, MVideoAccountLight } from '../typings/models' |
10 | 10 | ||
11 | function activityPubContextify <T> (data: T) { | 11 | function activityPubContextify <T> (data: T) { |
12 | return Object.assign(data, { | 12 | return Object.assign(data, { |
@@ -167,6 +167,12 @@ function checkUrlsSameHost (url1: string, url2: string) { | |||
167 | return idHost && actorHost && idHost.toLowerCase() === actorHost.toLowerCase() | 167 | return idHost && actorHost && idHost.toLowerCase() === actorHost.toLowerCase() |
168 | } | 168 | } |
169 | 169 | ||
170 | function buildRemoteVideoBaseUrl (video: MVideoAccountLight, path: string) { | ||
171 | const host = video.VideoChannel.Account.Actor.Server.host | ||
172 | |||
173 | return REMOTE_SCHEME.HTTP + '://' + host + path | ||
174 | } | ||
175 | |||
170 | // --------------------------------------------------------------------------- | 176 | // --------------------------------------------------------------------------- |
171 | 177 | ||
172 | export { | 178 | export { |
@@ -174,5 +180,6 @@ export { | |||
174 | getAPId, | 180 | getAPId, |
175 | activityPubContextify, | 181 | activityPubContextify, |
176 | activityPubCollectionPagination, | 182 | activityPubCollectionPagination, |
177 | buildSignedActivity | 183 | buildSignedActivity, |
184 | buildRemoteVideoBaseUrl | ||
178 | } | 185 | } |
diff --git a/server/helpers/core-utils.ts b/server/helpers/core-utils.ts index 7e8252aa4..519dc83d0 100644 --- a/server/helpers/core-utils.ts +++ b/server/helpers/core-utils.ts | |||
@@ -199,6 +199,8 @@ function sha1 (str: string | Buffer, encoding: HexBase64Latin1Encoding = 'hex') | |||
199 | return createHash('sha1').update(str).digest(encoding) | 199 | return createHash('sha1').update(str).digest(encoding) |
200 | } | 200 | } |
201 | 201 | ||
202 | |||
203 | |||
202 | function execShell (command: string, options?: ExecOptions) { | 204 | function execShell (command: string, options?: ExecOptions) { |
203 | return new Promise<{ err?: Error, stdout: string, stderr: string }>((res, rej) => { | 205 | return new Promise<{ err?: Error, stdout: string, stderr: string }>((res, rej) => { |
204 | exec(command, options, (err, stdout, stderr) => { | 206 | exec(command, options, (err, stdout, stderr) => { |
diff --git a/server/helpers/custom-validators/activitypub/videos.ts b/server/helpers/custom-validators/activitypub/videos.ts index 224f03f4e..22b5e14a2 100644 --- a/server/helpers/custom-validators/activitypub/videos.ts +++ b/server/helpers/custom-validators/activitypub/videos.ts | |||
@@ -51,6 +51,10 @@ function sanitizeAndCheckVideoTorrentObject (video: any) { | |||
51 | logger.debug('Video has invalid captions', { video }) | 51 | logger.debug('Video has invalid captions', { video }) |
52 | return false | 52 | return false |
53 | } | 53 | } |
54 | if (!setValidRemoteIcon(video)) { | ||
55 | logger.debug('Video has invalid icons', { video }) | ||
56 | return false | ||
57 | } | ||
54 | 58 | ||
55 | // Default attributes | 59 | // Default attributes |
56 | if (!isVideoStateValid(video.state)) video.state = VideoState.PUBLISHED | 60 | if (!isVideoStateValid(video.state)) video.state = VideoState.PUBLISHED |
@@ -73,7 +77,6 @@ function sanitizeAndCheckVideoTorrentObject (video: any) { | |||
73 | isDateValid(video.updated) && | 77 | isDateValid(video.updated) && |
74 | (!video.originallyPublishedAt || isDateValid(video.originallyPublishedAt)) && | 78 | (!video.originallyPublishedAt || isDateValid(video.originallyPublishedAt)) && |
75 | (!video.content || isRemoteVideoContentValid(video.mediaType, video.content)) && | 79 | (!video.content || isRemoteVideoContentValid(video.mediaType, video.content)) && |
76 | isRemoteVideoIconValid(video.icon) && | ||
77 | video.url.length !== 0 && | 80 | video.url.length !== 0 && |
78 | video.attributedTo.length !== 0 | 81 | video.attributedTo.length !== 0 |
79 | } | 82 | } |
@@ -132,6 +135,8 @@ function setValidRemoteCaptions (video: any) { | |||
132 | if (Array.isArray(video.subtitleLanguage) === false) return false | 135 | if (Array.isArray(video.subtitleLanguage) === false) return false |
133 | 136 | ||
134 | video.subtitleLanguage = video.subtitleLanguage.filter(caption => { | 137 | video.subtitleLanguage = video.subtitleLanguage.filter(caption => { |
138 | if (!isActivityPubUrlValid(caption.url)) caption.url = null | ||
139 | |||
135 | return isRemoteStringIdentifierValid(caption) | 140 | return isRemoteStringIdentifierValid(caption) |
136 | }) | 141 | }) |
137 | 142 | ||
@@ -150,12 +155,19 @@ function isRemoteVideoContentValid (mediaType: string, content: string) { | |||
150 | return mediaType === 'text/markdown' && isVideoTruncatedDescriptionValid(content) | 155 | return mediaType === 'text/markdown' && isVideoTruncatedDescriptionValid(content) |
151 | } | 156 | } |
152 | 157 | ||
153 | function isRemoteVideoIconValid (icon: any) { | 158 | function setValidRemoteIcon (video: any) { |
154 | return icon.type === 'Image' && | 159 | if (video.icon && !isArray(video.icon)) video.icon = [ video.icon ] |
155 | isActivityPubUrlValid(icon.url) && | 160 | if (!video.icon) video.icon = [] |
156 | icon.mediaType === 'image/jpeg' && | 161 | |
157 | validator.isInt(icon.width + '', { min: 0 }) && | 162 | video.icon = video.icon.filter(icon => { |
158 | validator.isInt(icon.height + '', { min: 0 }) | 163 | return icon.type === 'Image' && |
164 | isActivityPubUrlValid(icon.url) && | ||
165 | icon.mediaType === 'image/jpeg' && | ||
166 | validator.isInt(icon.width + '', { min: 0 }) && | ||
167 | validator.isInt(icon.height + '', { min: 0 }) | ||
168 | }) | ||
169 | |||
170 | return video.icon.length !== 0 | ||
159 | } | 171 | } |
160 | 172 | ||
161 | function setValidRemoteVideoUrls (video: any) { | 173 | function setValidRemoteVideoUrls (video: any) { |