diff options
Diffstat (limited to 'server/helpers')
5 files changed, 31 insertions, 7 deletions
diff --git a/server/helpers/custom-validators/activitypub/account.ts b/server/helpers/custom-validators/activitypub/account.ts index 8a7d1b7fe..acd2b8058 100644 --- a/server/helpers/custom-validators/activitypub/account.ts +++ b/server/helpers/custom-validators/activitypub/account.ts | |||
| @@ -3,6 +3,7 @@ import * as validator from 'validator' | |||
| 3 | import { exists, isUUIDValid } from '../misc' | 3 | import { exists, isUUIDValid } from '../misc' |
| 4 | import { isActivityPubUrlValid } from './misc' | 4 | import { isActivityPubUrlValid } from './misc' |
| 5 | import { isUserUsernameValid } from '../users' | 5 | import { isUserUsernameValid } from '../users' |
| 6 | import { CONSTRAINTS_FIELDS } from '../../../initializers/constants' | ||
| 6 | 7 | ||
| 7 | function isAccountEndpointsObjectValid (endpointObject: any) { | 8 | function isAccountEndpointsObjectValid (endpointObject: any) { |
| 8 | return isAccountSharedInboxValid(endpointObject.sharedInbox) | 9 | return isAccountSharedInboxValid(endpointObject.sharedInbox) |
| @@ -34,7 +35,8 @@ function isAccountPublicKeyValid (publicKey: string) { | |||
| 34 | return exists(publicKey) && | 35 | return exists(publicKey) && |
| 35 | typeof publicKey === 'string' && | 36 | typeof publicKey === 'string' && |
| 36 | publicKey.startsWith('-----BEGIN PUBLIC KEY-----') && | 37 | publicKey.startsWith('-----BEGIN PUBLIC KEY-----') && |
| 37 | publicKey.endsWith('-----END PUBLIC KEY-----') | 38 | publicKey.endsWith('-----END PUBLIC KEY-----') && |
| 39 | validator.isLength(publicKey, CONSTRAINTS_FIELDS.ACCOUNTS.PUBLIC_KEY) | ||
| 38 | } | 40 | } |
| 39 | 41 | ||
| 40 | function isAccountIdValid (id: string) { | 42 | function isAccountIdValid (id: string) { |
| @@ -73,7 +75,8 @@ function isAccountPrivateKeyValid (privateKey: string) { | |||
| 73 | return exists(privateKey) && | 75 | return exists(privateKey) && |
| 74 | typeof privateKey === 'string' && | 76 | typeof privateKey === 'string' && |
| 75 | privateKey.startsWith('-----BEGIN RSA PRIVATE KEY-----') && | 77 | privateKey.startsWith('-----BEGIN RSA PRIVATE KEY-----') && |
| 76 | privateKey.endsWith('-----END RSA PRIVATE KEY-----') | 78 | privateKey.endsWith('-----END RSA PRIVATE KEY-----') && |
| 79 | validator.isLength(privateKey, CONSTRAINTS_FIELDS.ACCOUNTS.PRIVATE_KEY) | ||
| 77 | } | 80 | } |
| 78 | 81 | ||
| 79 | function isRemoteAccountValid (remoteAccount: any) { | 82 | function isRemoteAccountValid (remoteAccount: any) { |
diff --git a/server/helpers/custom-validators/activitypub/misc.ts b/server/helpers/custom-validators/activitypub/misc.ts index f049f5a8c..a94c36b51 100644 --- a/server/helpers/custom-validators/activitypub/misc.ts +++ b/server/helpers/custom-validators/activitypub/misc.ts | |||
| @@ -1,4 +1,7 @@ | |||
| 1 | import * as validator from 'validator' | ||
| 1 | import { exists } from '../misc' | 2 | import { exists } from '../misc' |
| 3 | import { isTestInstance } from '../../core-utils' | ||
| 4 | import { CONSTRAINTS_FIELDS } from '../../../initializers/constants' | ||
| 2 | 5 | ||
| 3 | function isActivityPubUrlValid (url: string) { | 6 | function isActivityPubUrlValid (url: string) { |
| 4 | const isURLOptions = { | 7 | const isURLOptions = { |
| @@ -9,7 +12,12 @@ function isActivityPubUrlValid (url: string) { | |||
| 9 | protocols: [ 'http', 'https' ] | 12 | protocols: [ 'http', 'https' ] |
| 10 | } | 13 | } |
| 11 | 14 | ||
| 12 | return exists(url) && validator.isURL(url, isURLOptions) | 15 | // We validate 'localhost', so we don't have the top level domain |
| 16 | if (isTestInstance()) { | ||
| 17 | isURLOptions.require_tld = false | ||
| 18 | } | ||
| 19 | |||
| 20 | return exists(url) && validator.isURL(url, isURLOptions) && validator.isLength(url, CONSTRAINTS_FIELDS.ACCOUNTS.URL) | ||
| 13 | } | 21 | } |
| 14 | 22 | ||
| 15 | function isBaseActivityValid (activity: any, type: string) { | 23 | function isBaseActivityValid (activity: any, type: string) { |
diff --git a/server/helpers/custom-validators/activitypub/videos.ts b/server/helpers/custom-validators/activitypub/videos.ts index 9233a1359..8f6d50f50 100644 --- a/server/helpers/custom-validators/activitypub/videos.ts +++ b/server/helpers/custom-validators/activitypub/videos.ts | |||
| @@ -10,7 +10,8 @@ import { | |||
| 10 | isVideoTruncatedDescriptionValid, | 10 | isVideoTruncatedDescriptionValid, |
| 11 | isVideoDurationValid, | 11 | isVideoDurationValid, |
| 12 | isVideoNameValid, | 12 | isVideoNameValid, |
| 13 | isVideoTagValid | 13 | isVideoTagValid, |
| 14 | isVideoUrlValid | ||
| 14 | } from '../videos' | 15 | } from '../videos' |
| 15 | import { isVideoChannelDescriptionValid, isVideoChannelNameValid } from '../video-channels' | 16 | import { isVideoChannelDescriptionValid, isVideoChannelNameValid } from '../video-channels' |
| 16 | import { isBaseActivityValid } from './misc' | 17 | import { isBaseActivityValid } from './misc' |
| @@ -93,7 +94,7 @@ function isRemoteVideoContentValid (mediaType: string, content: string) { | |||
| 93 | 94 | ||
| 94 | function isRemoteVideoIconValid (icon: any) { | 95 | function isRemoteVideoIconValid (icon: any) { |
| 95 | return icon.type === 'Image' && | 96 | return icon.type === 'Image' && |
| 96 | validator.isURL(icon.url) && | 97 | isVideoUrlValid(icon.url) && |
| 97 | icon.mediaType === 'image/jpeg' && | 98 | icon.mediaType === 'image/jpeg' && |
| 98 | validator.isInt(icon.width, { min: 0 }) && | 99 | validator.isInt(icon.width, { min: 0 }) && |
| 99 | validator.isInt(icon.height, { min: 0 }) | 100 | validator.isInt(icon.height, { min: 0 }) |
| @@ -111,7 +112,7 @@ function setValidRemoteVideoUrls (video: any) { | |||
| 111 | function isRemoteVideoUrlValid (url: any) { | 112 | function isRemoteVideoUrlValid (url: any) { |
| 112 | return url.type === 'Link' && | 113 | return url.type === 'Link' && |
| 113 | ACTIVITY_PUB.VIDEO_URL_MIME_TYPES.indexOf(url.mimeType) !== -1 && | 114 | ACTIVITY_PUB.VIDEO_URL_MIME_TYPES.indexOf(url.mimeType) !== -1 && |
| 114 | validator.isURL(url.url) && | 115 | isVideoUrlValid(url.url) && |
| 115 | validator.isInt(url.width, { min: 0 }) && | 116 | validator.isInt(url.width, { min: 0 }) && |
| 116 | validator.isInt(url.size, { min: 0 }) | 117 | validator.isInt(url.size, { min: 0 }) |
| 117 | } | 118 | } |
diff --git a/server/helpers/custom-validators/video-channels.ts b/server/helpers/custom-validators/video-channels.ts index acc42f4a4..5787c3850 100644 --- a/server/helpers/custom-validators/video-channels.ts +++ b/server/helpers/custom-validators/video-channels.ts | |||
| @@ -8,9 +8,14 @@ import { database as db, CONSTRAINTS_FIELDS } from '../../initializers' | |||
| 8 | import { VideoChannelInstance } from '../../models' | 8 | import { VideoChannelInstance } from '../../models' |
| 9 | import { logger } from '../logger' | 9 | import { logger } from '../logger' |
| 10 | import { exists } from './misc' | 10 | import { exists } from './misc' |
| 11 | import { isActivityPubUrlValid } from './index' | ||
| 11 | 12 | ||
| 12 | const VIDEO_CHANNELS_CONSTRAINTS_FIELDS = CONSTRAINTS_FIELDS.VIDEO_CHANNELS | 13 | const VIDEO_CHANNELS_CONSTRAINTS_FIELDS = CONSTRAINTS_FIELDS.VIDEO_CHANNELS |
| 13 | 14 | ||
| 15 | function isVideoChannelUrlValid (value: string) { | ||
| 16 | return isActivityPubUrlValid(value) | ||
| 17 | } | ||
| 18 | |||
| 14 | function isVideoChannelDescriptionValid (value: string) { | 19 | function isVideoChannelDescriptionValid (value: string) { |
| 15 | return value === null || validator.isLength(value, VIDEO_CHANNELS_CONSTRAINTS_FIELDS.DESCRIPTION) | 20 | return value === null || validator.isLength(value, VIDEO_CHANNELS_CONSTRAINTS_FIELDS.DESCRIPTION) |
| 16 | } | 21 | } |
| @@ -53,5 +58,6 @@ export { | |||
| 53 | isVideoChannelDescriptionValid, | 58 | isVideoChannelDescriptionValid, |
| 54 | isVideoChannelNameValid, | 59 | isVideoChannelNameValid, |
| 55 | isVideoChannelUUIDValid, | 60 | isVideoChannelUUIDValid, |
| 56 | checkVideoChannelExists | 61 | checkVideoChannelExists, |
| 62 | isVideoChannelUrlValid | ||
| 57 | } | 63 | } |
diff --git a/server/helpers/custom-validators/videos.ts b/server/helpers/custom-validators/videos.ts index 487b3d646..715119cf6 100644 --- a/server/helpers/custom-validators/videos.ts +++ b/server/helpers/custom-validators/videos.ts | |||
| @@ -19,6 +19,7 @@ import { isArray, exists } from './misc' | |||
| 19 | import { VideoInstance } from '../../models' | 19 | import { VideoInstance } from '../../models' |
| 20 | import { logger } from '../../helpers' | 20 | import { logger } from '../../helpers' |
| 21 | import { VideoRateType } from '../../../shared' | 21 | import { VideoRateType } from '../../../shared' |
| 22 | import { isActivityPubUrlValid } from './activitypub/misc' | ||
| 22 | 23 | ||
| 23 | const VIDEOS_CONSTRAINTS_FIELDS = CONSTRAINTS_FIELDS.VIDEOS | 24 | const VIDEOS_CONSTRAINTS_FIELDS = CONSTRAINTS_FIELDS.VIDEOS |
| 24 | const VIDEO_ABUSES_CONSTRAINTS_FIELDS = CONSTRAINTS_FIELDS.VIDEO_ABUSES | 25 | const VIDEO_ABUSES_CONSTRAINTS_FIELDS = CONSTRAINTS_FIELDS.VIDEO_ABUSES |
| @@ -33,6 +34,10 @@ function isRemoteVideoCategoryValid (value: string) { | |||
| 33 | return validator.isInt('' + value) | 34 | return validator.isInt('' + value) |
| 34 | } | 35 | } |
| 35 | 36 | ||
| 37 | function isVideoUrlValid (value: string) { | ||
| 38 | return isActivityPubUrlValid(value) | ||
| 39 | } | ||
| 40 | |||
| 36 | function isVideoLicenceValid (value: number) { | 41 | function isVideoLicenceValid (value: number) { |
| 37 | return VIDEO_LICENCES[value] !== undefined | 42 | return VIDEO_LICENCES[value] !== undefined |
| 38 | } | 43 | } |
| @@ -219,5 +224,6 @@ export { | |||
| 219 | isVideoTagValid, | 224 | isVideoTagValid, |
| 220 | isRemoteVideoCategoryValid, | 225 | isRemoteVideoCategoryValid, |
| 221 | isRemoteVideoLicenceValid, | 226 | isRemoteVideoLicenceValid, |
| 227 | isVideoUrlValid, | ||
| 222 | isRemoteVideoLanguageValid | 228 | isRemoteVideoLanguageValid |
| 223 | } | 229 | } |