summaryrefslogtreecommitdiff
path: root/src/server
diff options
context:
space:
mode:
Diffstat (limited to 'src/server')
-rw-r--r--src/server/api/endpoints/i/update.ts8
-rw-r--r--src/server/api/endpoints/messaging/messages/create.ts2
-rw-r--r--src/server/api/endpoints/username/available.ts2
-rw-r--r--src/server/api/endpoints/users/search.ts2
-rw-r--r--src/server/api/private/signup.ts4
-rw-r--r--src/server/proxy/proxy-media.ts2
-rw-r--r--src/server/web/url-preview.ts2
7 files changed, 12 insertions, 10 deletions
diff --git a/src/server/api/endpoints/i/update.ts b/src/server/api/endpoints/i/update.ts
index 2951072cf6..10521d12d8 100644
--- a/src/server/api/endpoints/i/update.ts
+++ b/src/server/api/endpoints/i/update.ts
@@ -29,14 +29,14 @@ export const meta = {
params: {
name: {
- validator: $.optional.nullable.str.pipe(Users.isValidName),
+ validator: $.optional.nullable.use(Users.validateName),
desc: {
'ja-JP': '名前(ハンドルネームやニックネーム)'
}
},
description: {
- validator: $.optional.nullable.str.pipe(Users.isValidDescription),
+ validator: $.optional.nullable.use(Users.validateDescription),
desc: {
'ja-JP': 'アカウントの説明や自己紹介'
}
@@ -50,14 +50,14 @@ export const meta = {
},
location: {
- validator: $.optional.nullable.str.pipe(Users.isValidLocation),
+ validator: $.optional.nullable.use(Users.validateLocation),
desc: {
'ja-JP': '住んでいる地域、所在'
}
},
birthday: {
- validator: $.optional.nullable.str.pipe(Users.isValidBirthday),
+ validator: $.optional.nullable.use(Users.validateBirthday),
desc: {
'ja-JP': '誕生日 (YYYY-MM-DD形式)'
}
diff --git a/src/server/api/endpoints/messaging/messages/create.ts b/src/server/api/endpoints/messaging/messages/create.ts
index f5d7cf2b38..feffc9a0c6 100644
--- a/src/server/api/endpoints/messaging/messages/create.ts
+++ b/src/server/api/endpoints/messaging/messages/create.ts
@@ -44,7 +44,7 @@ export const meta = {
},
text: {
- validator: $.optional.str.pipe(MessagingMessages.isValidText)
+ validator: $.optional.str.pipe(MessagingMessages.validateText)
},
fileId: {
diff --git a/src/server/api/endpoints/username/available.ts b/src/server/api/endpoints/username/available.ts
index 42ab176652..724bb3a0c3 100644
--- a/src/server/api/endpoints/username/available.ts
+++ b/src/server/api/endpoints/username/available.ts
@@ -9,7 +9,7 @@ export const meta = {
params: {
username: {
- validator: $.str.pipe(Users.validateUsername)
+ validator: $.use(Users.validateLocalUsername)
}
}
};
diff --git a/src/server/api/endpoints/users/search.ts b/src/server/api/endpoints/users/search.ts
index 2809465fd7..5c413defbc 100644
--- a/src/server/api/endpoints/users/search.ts
+++ b/src/server/api/endpoints/users/search.ts
@@ -66,7 +66,7 @@ export const meta = {
};
export default define(meta, async (ps, me) => {
- const isUsername = Users.validateUsername(ps.query.replace('@', ''), !ps.localOnly);
+ const isUsername = ps.localOnly ? Users.validateLocalUsername.ok(ps.query.replace('@', '')) : Users.validateRemoteUsername.ok(ps.query.replace('@', ''));
let users: User[] = [];
diff --git a/src/server/api/private/signup.ts b/src/server/api/private/signup.ts
index c75f8fb296..ca197a6611 100644
--- a/src/server/api/private/signup.ts
+++ b/src/server/api/private/signup.ts
@@ -58,13 +58,13 @@ export default async (ctx: Koa.BaseContext) => {
}
// Validate username
- if (!Users.validateUsername(username)) {
+ if (!Users.validateLocalUsername.ok(username)) {
ctx.status = 400;
return;
}
// Validate password
- if (!Users.validatePassword(password)) {
+ if (!Users.validatePassword.ok(password)) {
ctx.status = 400;
return;
}
diff --git a/src/server/proxy/proxy-media.ts b/src/server/proxy/proxy-media.ts
index e16665f6cd..4535a0fb5d 100644
--- a/src/server/proxy/proxy-media.ts
+++ b/src/server/proxy/proxy-media.ts
@@ -17,6 +17,8 @@ export async function proxyMedia(ctx: Koa.BaseContext) {
const [type, ext] = await detectMine(path);
+ if (!type.startsWith('image/')) throw 403;
+
let image: IImage;
if ('static' in ctx.query && ['image/png', 'image/gif'].includes(type)) {
diff --git a/src/server/web/url-preview.ts b/src/server/web/url-preview.ts
index cdb6f13f59..e5b9ff6244 100644
--- a/src/server/web/url-preview.ts
+++ b/src/server/web/url-preview.ts
@@ -36,7 +36,7 @@ module.exports = async (ctx: Koa.BaseContext) => {
ctx.body = summary;
} catch (e) {
- logger.error(`Failed to get preview of ${ctx.query.url}: ${e}`);
+ logger.warn(`Failed to get preview of ${ctx.query.url}: ${e}`);
ctx.status = 200;
ctx.set('Cache-Control', 'max-age=86400, immutable');
ctx.body = '{}';
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-03-11 12:57:43 +0000