mirror of
https://gitlab.com/famedly/conduit.git
synced 2025-07-22 17:18:35 +00:00
Get rid of allowlist check allocs
This commit is contained in:
Steven Vergenz
parent
6a4cff1661
commit
6789ed336e
2 changed files with 23 additions and 31 deletions
|
|
@ -242,37 +242,29 @@ async fn get_url_preview(url: &Url) -> Result<UrlPreviewData> {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/// Verify that the given URL's host is in the allow list.
|
||||||
fn url_preview_allowed(url: &Url) -> bool {
|
fn url_preview_allowed(url: &Url) -> bool {
|
||||||
const DEFAULT_ALLOWLIST: &[&str] = &[
|
// host's existence is already verified in get_media_preview_route, unwrap is safe
|
||||||
"matrix.org",
|
let host = url.host_str().unwrap().to_lowercase();
|
||||||
"mastodon.social",
|
let host_parts_iter = host
|
||||||
"youtube.com",
|
.char_indices()
|
||||||
"wikipedia.org",
|
.filter_map(|(i, c)| {
|
||||||
];
|
if i == 0 {
|
||||||
|
Some(host.as_str())
|
||||||
|
}
|
||||||
|
else if c == '.' {
|
||||||
|
Some(&host[i+1..])
|
||||||
|
}
|
||||||
|
else {
|
||||||
|
None
|
||||||
|
}
|
||||||
|
})
|
||||||
|
.rev().skip(1); // don't match TLDs
|
||||||
|
|
||||||
let mut host = match url.host_str() {
|
let ret = ["*"].into_iter().chain(host_parts_iter).any(|nld| {
|
||||||
None => return false,
|
services().globals.url_preview_allowlist().any(|a| a == nld)
|
||||||
Some(h) => h.to_lowercase(),
|
});
|
||||||
};
|
ret // temp variable to avoid returning from the closure
|
||||||
|
|
||||||
let allowlist = services().globals.url_preview_allowlist();
|
|
||||||
if allowlist.contains(&"*".to_owned()) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
while !host.is_empty() {
|
|
||||||
if allowlist.contains(&host) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
if allowlist.contains(&"default".to_owned()) && DEFAULT_ALLOWLIST.contains(&host.as_str()) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
/* also check higher level domains, so that e.g. `en.m.wikipedia.org` is matched by `wikipedia.org` on allowlist. */
|
|
||||||
host = match host.split_once('.') {
|
|
||||||
None => return false,
|
|
||||||
Some((_, domain)) => domain.to_owned(),
|
|
||||||
}
|
|
||||||
}
|
|
||||||
false
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/// # `GET /_matrix/media/r0/preview_url`
|
/// # `GET /_matrix/media/r0/preview_url`
|
||||||
|
|
|
||||||
|
|
@ -324,8 +324,8 @@ impl Service {
|
||||||
self.config.allow_federation
|
self.config.allow_federation
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn url_preview_allowlist(&self) -> &Vec<String> {
|
pub fn url_preview_allowlist(&self) -> impl Iterator<Item=&str> {
|
||||||
&self.config.url_preview_allowlist
|
self.config.url_preview_allowlist.iter().map(|x| x.as_str())
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn allow_room_creation(&self) -> bool {
|
pub fn allow_room_creation(&self) -> bool {
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue