diff options
| author | Hazelnoot <acomputerdog@gmail.com> | 2025-05-05 09:56:28 -0400 |
|---|---|---|
| committer | Hazelnoot <acomputerdog@gmail.com> | 2025-05-08 11:05:15 -0400 |
| commit | c05aa7a28181b64669fb9e23c5e40b162292bef2 (patch) | |
| tree | cf01f365f9657493a5742bec4cf80b4a4f1c6271 /packages/backend/src/server/web | |
| parent | validate more URLs in UrlPreviewService.ts (diff) | |
| download | sharkey-c05aa7a28181b64669fb9e23c5e40b162292bef2.tar.gz sharkey-c05aa7a28181b64669fb9e23c5e40b162292bef2.tar.bz2 sharkey-c05aa7a28181b64669fb9e23c5e40b162292bef2.zip | |
softer URL preview validation: remove unsupported URLs instead of rejecting the whole preview
Diffstat (limited to 'packages/backend/src/server/web')
| -rw-r--r-- | packages/backend/src/server/web/UrlPreviewService.ts | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/packages/backend/src/server/web/UrlPreviewService.ts b/packages/backend/src/server/web/UrlPreviewService.ts index fe03583270..0bd3eff3ba 100644 --- a/packages/backend/src/server/web/UrlPreviewService.ts +++ b/packages/backend/src/server/web/UrlPreviewService.ts @@ -231,28 +231,32 @@ export class UrlPreviewService { if (summary.player.url) { const playerScheme = this.utilityService.getUrlScheme(summary.player.url); if (playerScheme !== 'http:' && playerScheme !== 'https:') { - throw new Error(`unsupported scheme in player URL: "${playerScheme}"`); + this.logger.warn(`Redacting preview for ${summary.url}: player URL has unsupported scheme "${playerScheme}"`); + summary.player.url = null; } } if (summary.icon) { const iconScheme = this.utilityService.getUrlScheme(summary.icon); if (iconScheme !== 'http:' && iconScheme !== 'https:') { - throw new Error(`unsupported scheme in icon URL: "${iconScheme}"`); + this.logger.warn(`Redacting preview for ${summary.url}: icon URL has unsupported scheme "${iconScheme}"`); + summary.icon = null; } } if (summary.thumbnail) { const thumbnailScheme = this.utilityService.getUrlScheme(summary.thumbnail); if (thumbnailScheme !== 'http:' && thumbnailScheme !== 'https:') { - throw new Error(`unsupported scheme in thumbnail URL: "${thumbnailScheme}"`); + this.logger.warn(`Redacting preview for ${summary.url}: thumbnail URL has unsupported scheme "${thumbnailScheme}"`); + summary.thumbnail = null; } } if (summary.activityPub) { const activityPubScheme = this.utilityService.getUrlScheme(summary.activityPub); if (activityPubScheme !== 'http:' && activityPubScheme !== 'https:') { - throw new Error(`unsupported scheme in ActivityPub URL: "${activityPubScheme}"`); + this.logger.warn(`Redacting preview for ${summary.url}: ActivityPub URL has unsupported scheme "${activityPubScheme}"`); + summary.activityPub = null; } } } |