Drop mode and add special allowlist entries '*' and 'default'

2025-07-02 16:38:36 +00:00 · 2023-07-29 23:15:16 +02:00 · 2023-07-29 23:15:16 +02:00 · 8f147379ea
commit 8f147379ea
parent 61fd9166f6
5 changed files with 31 additions and 53 deletions
--- a/src/api/client_server/media.rs
+++ b/src/api/client_server/media.rs
@ -11,7 +11,6 @@ use ruma::api::client::{

 #[cfg(feature = "url_preview")]
 use {
-    crate::config::UrlPreviewMode,
    crate::service::media::UrlPreviewData,
    webpage::HTML,
    reqwest::Url,
@ -190,7 +189,7 @@ async fn get_url_preview(url: &str) -> Result<UrlPreviewData> {
                    .url_preview_requests
                    .write()
                    .unwrap()
-                    .insert(url.to_string(), notifier.clone());
+                    .insert(url.to_owned(), notifier.clone());
            }

            let data = request_url_preview(url).await;
@ -222,6 +221,13 @@ async fn get_url_preview(url: &str) -> Result<UrlPreviewData> {

 #[cfg(feature = "url_preview")]
 fn url_preview_allowed(url_str: &str) -> bool {
+    const DEFAULT_ALLOWLIST: &[&str] = &[
+        "matrix.org",
+        "mastodon.social",
+        "youtube.com",
+        "wikipedia.org",
+    ];
+
    let url = match Url::parse(url_str) {
        Ok(u) => u,
        Err(_) => return false,
@ -229,18 +235,29 @@ fn url_preview_allowed(url_str: &str) -> bool {
    if ["http", "https"].iter().all(|&scheme| scheme != url.scheme().to_lowercase()) {
        return false;
    }
-    match services().globals.url_preview_mode() {
-        UrlPreviewMode::All => true,
-        UrlPreviewMode::None => false,
-        UrlPreviewMode::Allowlist => {
-            match url.host_str() {
-                None => false,
-                Some(host) => {
-                    services().globals.url_preview_allowlist().contains(&host.to_string())
-                }
-            }
+    let mut host = match url.host_str() {
+        None => return false,
+        Some(h) => h.to_lowercase(),
+    };
+
+    let allowlist = services().globals.url_preview_allowlist();
+    if allowlist.contains(&"*".to_owned()) {
+        return true;
+    }
+    while !host.is_empty() {
+        if allowlist.contains(&host) {
+            return true;
+        }
+        if allowlist.contains(&"default".to_owned()) && DEFAULT_ALLOWLIST.contains(&host.as_str()) {
+            return true;
+        }
+        /* also check higher level domains, so that e.g. `en.m.wikipedia.org` is matched by `wikipedia.org` on allowlist. */
+        host = match host.split_once('.') {
+            None => return false,
+            Some((_, domain)) => domain.to_owned(),
        }
    }
+    false
 }

 /// # `GET /_matrix/media/r0/preview_url`