diff options
| author | tamaina <tamaina@hotmail.co.jp> | 2024-02-17 12:41:19 +0900 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-02-17 12:41:19 +0900 |
| commit | 9a70ce8f5ea9df00001894809f5ce7bc69b14c8a (patch) | |
| tree | f615d85b9fa8298d5009abc3f1dec7561ac82ec1 /packages/backend/src/core/HttpRequestService.ts | |
| parent | 2024.2.0-beta.13 (diff) | |
| download | sharkey-9a70ce8f5ea9df00001894809f5ce7bc69b14c8a.tar.gz sharkey-9a70ce8f5ea9df00001894809f5ce7bc69b14c8a.tar.bz2 sharkey-9a70ce8f5ea9df00001894809f5ce7bc69b14c8a.zip | |
Merge pull request from GHSA-qqrm-9grj-6v32
* maybe ok
* fix
* test wip
* :v:
* fix
* if (res.ok)
* validateContentTypeSetAsJsonLD
* 条件を考慮し直す
* その他の+json接尾辞が付いているメディアタイプも受け容れる
* https://github.com/misskey-dev/misskey-ghsa-qqrm-9grj-6v32/pull/1#discussion_r1490999009
* add `; profile="https://www.w3.org/ns/activitystreams"`
* application/ld+json;
Diffstat (limited to 'packages/backend/src/core/HttpRequestService.ts')
| -rw-r--r-- | packages/backend/src/core/HttpRequestService.ts | 55 |
1 files changed, 44 insertions, 11 deletions
diff --git a/packages/backend/src/core/HttpRequestService.ts b/packages/backend/src/core/HttpRequestService.ts index b36b9f6e3c..7f3cac7c58 100644 --- a/packages/backend/src/core/HttpRequestService.ts +++ b/packages/backend/src/core/HttpRequestService.ts @@ -14,9 +14,16 @@ import { DI } from '@/di-symbols.js'; import type { Config } from '@/config.js'; import { StatusError } from '@/misc/status-error.js'; import { bindThis } from '@/decorators.js'; +import { validateContentTypeSetAsActivityPub } from '@/core/activitypub/misc/validator.js'; +import type { IObject } from '@/core/activitypub/type.js'; import type { Response } from 'node-fetch'; import type { URL } from 'node:url'; +export type HttpRequestSendOptions = { + throwErrorWhenResponseNotOk: boolean; + validators?: ((res: Response) => void)[]; +}; + @Injectable() export class HttpRequestService { /** @@ -105,6 +112,23 @@ export class HttpRequestService { } @bindThis + public async getActivityJson(url: string): Promise<IObject> { + const res = await this.send(url, { + method: 'GET', + headers: { + Accept: 'application/activity+json, application/ld+json; profile="https://www.w3.org/ns/activitystreams"', + }, + timeout: 5000, + size: 1024 * 256, + }, { + throwErrorWhenResponseNotOk: true, + validators: [validateContentTypeSetAsActivityPub], + }); + + return await res.json() as IObject; + } + + @bindThis public async getJson<T = unknown>(url: string, accept = 'application/json, */*', headers?: Record<string, string>): Promise<T> { const res = await this.send(url, { method: 'GET', @@ -132,17 +156,20 @@ export class HttpRequestService { } @bindThis - public async send(url: string, args: { - method?: string, - body?: string, - headers?: Record<string, string>, - timeout?: number, - size?: number, - } = {}, extra: { - throwErrorWhenResponseNotOk: boolean; - } = { - throwErrorWhenResponseNotOk: true, - }): Promise<Response> { + public async send( + url: string, + args: { + method?: string, + body?: string, + headers?: Record<string, string>, + timeout?: number, + size?: number, + } = {}, + extra: HttpRequestSendOptions = { + throwErrorWhenResponseNotOk: true, + validators: [], + }, + ): Promise<Response> { const timeout = args.timeout ?? 5000; const controller = new AbortController(); @@ -166,6 +193,12 @@ export class HttpRequestService { throw new StatusError(`${res.status} ${res.statusText}`, res.status, res.statusText); } + if (res.ok) { + for (const validator of (extra.validators ?? [])) { + validator(res); + } + } + return res; } } |