From 225a89c2afbbe53cf39ffa7ea0cd485095a1d5f5 Mon Sep 17 00:00:00 2001
From: Chocobozzz
Date: Thu, 21 Dec 2017 09:56:59 +0100
Subject: Sanitize url to not end with implicit ports
---
 server/initializers/constants.ts | 87 ++++++++++++------------
 server/initializers/migrations/0140-actor-url.ts | 42 ++++++++++++
 2 files changed, 86 insertions(+), 43 deletions(-)
 create mode 100644 server/initializers/migrations/0140-actor-url.ts
(limited to 'server/initializers')
diff --git a/server/initializers/constants.ts b/server/initializers/constants.ts
index 2ea2aa6b9..100a77622 100644
--- a/server/initializers/constants.ts
+++ b/server/initializers/constants.ts
@@ -1,15 +1,15 @@
 import * as config from 'config'
 import { join } from 'path'
 import { JobCategory, JobState, VideoRateType } from '../../shared/models'
-import { FollowState } from '../../shared/models/actors'
 import { ActivityPubActorType } from '../../shared/models/activitypub'
+import { FollowState } from '../../shared/models/actors'
 import { VideoPrivacy } from '../../shared/models/videos'
 // Do not use barrels, remain constants as independent as possible
-import { isTestInstance, root } from '../helpers/core-utils'
+import { isTestInstance, root, sanitizeHost, sanitizeUrl } from '../helpers/core-utils'
 // ---------------------------------------------------------------------------
-const LAST_MIGRATION_VERSION = 135
+const LAST_MIGRATION_VERSION = 140
 // ---------------------------------------------------------------------------
@@ -38,6 +38,44 @@ const OAUTH_LIFETIME = {
 // ---------------------------------------------------------------------------
+// Number of points we add/remove from a friend after a successful/bad request
+const SERVERS_SCORE = {
+ PENALTY: -10,
+ BONUS: 10,
+ BASE: 100,
+ MAX: 1000
+}
+
+const FOLLOW_STATES: { [ id: string ]: FollowState } = {
+ PENDING: 'pending',
+ ACCEPTED: 'accepted'
+}
+
+const REMOTE_SCHEME = {
+ HTTP: 'https',
+ WS: 'wss'
+}
+
+const JOB_STATES: { [ id: string ]: JobState } = {
+ PENDING: 'pending',
+ PROCESSING: 'processing',
+ ERROR: 'error',
+ SUCCESS: 'success'
+}
+const JOB_CATEGORIES: { [ id: string ]: JobCategory } = {
+ TRANSCODING: 'transcoding',
+ ACTIVITYPUB_HTTP: 'activitypub-http'
+}
+// How many maximum jobs we fetch from the database per cycle
+const JOBS_FETCH_LIMIT_PER_CYCLE = {
+ transcoding: 10,
+ httpRequest: 20
+}
+// 1 minutes
+let JOBS_FETCHING_INTERVAL = 60000
+
+// ---------------------------------------------------------------------------
+
 const CONFIG = {
 LISTEN: {
 PORT: config.get('listen.port')
@@ -93,8 +131,6 @@ const CONFIG = {
 }
 }
 }
-CONFIG.WEBSERVER.URL = CONFIG.WEBSERVER.SCHEME + '://' + CONFIG.WEBSERVER.HOSTNAME + ':' + CONFIG.WEBSERVER.PORT
-CONFIG.WEBSERVER.HOST = CONFIG.WEBSERVER.HOSTNAME + ':' + CONFIG.WEBSERVER.PORT
 const AVATARS_DIR = {
 ACCOUNT: join(CONFIG.STORAGE.AVATARS_DIR, 'account')
@@ -238,44 +274,6 @@ const ACTIVITY_PUB_ACTOR_TYPES: { [ id: string ]: ActivityPubActorType } = {
 // ---------------------------------------------------------------------------
-// Number of points we add/remove from a friend after a successful/bad request
-const SERVERS_SCORE = {
- PENALTY: -10,
- BONUS: 10,
- BASE: 100,
- MAX: 1000
-}
-
-const FOLLOW_STATES: { [ id: string ]: FollowState } = {
- PENDING: 'pending',
- ACCEPTED: 'accepted'
-}
-
-const REMOTE_SCHEME = {
- HTTP: 'https',
- WS: 'wss'
-}
-
-const JOB_STATES: { [ id: string ]: JobState } = {
- PENDING: 'pending',
- PROCESSING: 'processing',
- ERROR: 'error',
- SUCCESS: 'success'
-}
-const JOB_CATEGORIES: { [ id: string ]: JobCategory } = {
- TRANSCODING: 'transcoding',
- ACTIVITYPUB_HTTP: 'activitypub-http'
-}
-// How many maximum jobs we fetch from the database per cycle
-const JOBS_FETCH_LIMIT_PER_CYCLE = {
- transcoding: 10,
- httpRequest: 20
-}
-// 1 minutes
-let JOBS_FETCHING_INTERVAL = 60000
-
-// ---------------------------------------------------------------------------
-
 const PRIVATE_RSA_KEY_SIZE = 2048
 // Password encryption
@@ -334,6 +332,9 @@ if (isTestInstance() === true) {
 ACTIVITY_PUB.COLLECTION_ITEMS_PER_PAGE = 2
 }
+CONFIG.WEBSERVER.URL = sanitizeUrl(CONFIG.WEBSERVER.SCHEME + '://' + CONFIG.WEBSERVER.HOSTNAME + ':' + CONFIG.WEBSERVER.PORT)
+CONFIG.WEBSERVER.HOST = sanitizeHost(CONFIG.WEBSERVER.HOSTNAME + ':' + CONFIG.WEBSERVER.PORT, REMOTE_SCHEME.HTTP)
+
 // ---------------------------------------------------------------------------
 export {
diff --git a/server/initializers/migrations/0140-actor-url.ts b/server/initializers/migrations/0140-actor-url.ts
new file mode 100644
index 000000000..626f3c444
--- /dev/null
+++ b/server/initializers/migrations/0140-actor-url.ts
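Review bot: In server/initializers/constants.ts (hunk `@@ -334,6 +332,9 @@`), the new `CONFIG.WEBSERVER.HOST` assignment normalises the port against `REMOTE_SCHEME.HTTP`, while the `CONFIG.WEBSERVER.URL` line just above it is built from `CONFIG.WEBSERVER.SCHEME`. `sanitizeHost` and `sanitizeUrl` are not shown here, but if each drops the default port of the scheme it is given, the two values can disagree whenever the configured scheme differs from the remote one (an `http` instance on port 80 would presumably keep `:80` in HOST and lose it in URL). The migration in this same commit writes HOST into stored actor and video URLs, so a mismatch would surface as identifiers that no longer compare equal rather than as an obvious error. Either pass `CONFIG.WEBSERVER.SCHEME` to `sanitizeHost`, or add a comment such as `// HOST is normalised against the remote scheme on purpose: <reason>` so the asymmetry is documented.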
@@ -0,0 +1,42 @@
+import * as Sequelize from 'sequelize'
+import { DataType } from 'sequelize-typescript'
+import { createPrivateAndPublicKeys } from '../../helpers'
+import { CONFIG } from '../constants'
+
+async function up (utils: {
+ transaction: Sequelize.Transaction,
+ queryInterface: Sequelize.QueryInterface,
+ sequelize: Sequelize.Sequelize
+}): Promise {
+ const toReplace = CONFIG.WEBSERVER.HOSTNAME + ':443'
+ const by = CONFIG.WEBSERVER.HOST
+ const replacer = column => `replace("${column}", '${toReplace}', '${by}')`
+
+ {
+ const query = `UPDATE video SET url = ${replacer('url')}`
+ await utils.sequelize.query(query)
+ }
+
+ {
+ const query = `
+ UPDATE actor SET url = ${replacer('url')}, "inboxUrl" = ${replacer('inboxUrl')}, "outboxUrl" = ${replacer('outboxUrl')},
+ "sharedInboxUrl" = ${replacer('sharedInboxUrl')}, "followersUrl" = ${replacer('followersUrl')},
+ "followingUrl" = ${replacer('followingUrl')}
+ `
+ await utils.sequelize.query(query)
+ }
+
+ {
+ const query = `UPDATE server SET host = replace(host, ':443', '')`
+ await utils.sequelize.query(query)
+ }
+}
+
+function down (options) {
+ throw new Error('Not implemented.')
+}
+
+export {
+ up,
+ down
+}
-- cgit v1.2.3
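Review bot: The `replace()` calls in `up` match `:443` as a bare substring, so a port that merely starts with 443 is rewritten too: `UPDATE server SET host = replace(host, ':443', '')` would turn a stored `example.org:4430` (constructed sample) into `example.org0`, and the `toReplace` pattern has the same problem for the local hostname in the `video` and `actor` URL columns. These columns identify servers and actors, so a mangled value is a data-integrity problem, not a cosmetic one. Anchor the match to the end of the authority, e.g. replace `toReplace + '/'` with `by + '/'` for the URL columns and, if the database is PostgreSQL, use `regexp_replace(host, ':443$', '')` for `server.host`. The queries also ignore `utils.transaction`, so a failure partway leaves the tables partially rewritten; passing `{ transaction: utils.transaction }` to each `utils.sequelize.query` call would keep the migration atomic.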