diff options
| author | Julia <julia@insertdomain.name> | 2024-11-05 03:59:23 +0000 |
|---|---|---|
| committer | Julia <julia@insertdomain.name> | 2024-11-05 03:59:23 +0000 |
| commit | 680e3ac7a3084313ed4857ffca2c582c5b3c7348 (patch) | |
| tree | 5621986847b8390b7c4f8e2f63cc53b180982b67 /packages/backend/src/server/FileServerService.ts | |
| parent | merge: Bump version (!635) (diff) | |
| parent | comment out sharkey-specific crowdin link (diff) | |
| download | sharkey-680e3ac7a3084313ed4857ffca2c582c5b3c7348.tar.gz sharkey-680e3ac7a3084313ed4857ffca2c582c5b3c7348.tar.bz2 sharkey-680e3ac7a3084313ed4857ffca2c582c5b3c7348.zip | |
merge: release 2024.9.1 (!733)
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/733
Approved-by: Marie <github@yuugi.dev>
Approved-by: Julia <julia@insertdomain.name>
Diffstat (limited to 'packages/backend/src/server/FileServerService.ts')
| -rw-r--r-- | packages/backend/src/server/FileServerService.ts | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/packages/backend/src/server/FileServerService.ts b/packages/backend/src/server/FileServerService.ts index 65a8218174..1a4d0cb48f 100644 --- a/packages/backend/src/server/FileServerService.ts +++ b/packages/backend/src/server/FileServerService.ts @@ -80,7 +80,7 @@ export class FileServerService { .catch(err => this.errorHandler(request, reply, err)); }); fastify.get<{ Params: { key: string; } }>('/files/:key/*', async (request, reply) => { - return await reply.redirect(301, `${this.config.url}/files/${request.params.key}`); + return await reply.redirect(`${this.config.url}/files/${request.params.key}`, 301); }); done(); }); @@ -145,12 +145,12 @@ export class FileServerService { url.searchParams.set('static', '1'); file.cleanup(); - return await reply.redirect(301, url.toString()); + return await reply.redirect(url.toString(), 301); } else if (file.mime.startsWith('video/')) { const externalThumbnail = this.videoProcessingService.getExternalVideoThumbnailUrl(file.url); if (externalThumbnail) { file.cleanup(); - return await reply.redirect(301, externalThumbnail); + return await reply.redirect(externalThumbnail, 301); } image = await this.videoProcessingService.generateVideoThumbnail(file.path); @@ -165,7 +165,7 @@ export class FileServerService { url.searchParams.set('url', file.url); file.cleanup(); - return await reply.redirect(301, url.toString()); + return await reply.redirect(url.toString(), 301); } } @@ -312,11 +312,17 @@ export class FileServerService { } return await reply.redirect( - 301, url.toString(), + 301, ); } + if (!request.headers['user-agent']) { + throw new StatusError('User-Agent is required', 400, 'User-Agent is required'); + } else if (request.headers['user-agent'].toLowerCase().indexOf('misskey/') !== -1) { + throw new StatusError('Refusing to proxy a request from another proxy', 403, 'Proxy is recursive'); + } + // Create temp file const file = await this.getStreamAndTypeFromUrl(url); if (file === '404') { |