diff options
Diffstat (limited to 'packages/backend/src/misc')
| -rw-r--r-- | packages/backend/src/misc/captcha-error.ts | 18 | ||||
| -rw-r--r-- | packages/backend/src/misc/render-inline-error.ts | 2 | ||||
| -rw-r--r-- | packages/backend/src/misc/verify-field-link.ts | 3 |
3 files changed, 21 insertions, 2 deletions
diff --git a/packages/backend/src/misc/captcha-error.ts b/packages/backend/src/misc/captcha-error.ts new file mode 100644 index 0000000000..217018ec68 --- /dev/null +++ b/packages/backend/src/misc/captcha-error.ts @@ -0,0 +1,18 @@ +/* + * SPDX-FileCopyrightText: syuilo and misskey-project + * SPDX-License-Identifier: AGPL-3.0-only + */ + +import type { CaptchaErrorCode } from '@/core/CaptchaService.js'; + +export class CaptchaError extends Error { + public readonly code: CaptchaErrorCode; + public readonly cause?: unknown; + + constructor(code: CaptchaErrorCode, message: string, cause?: unknown) { + super(message, cause ? { cause } : undefined); + this.code = code; + this.cause = cause; + this.name = 'CaptchaError'; + } +} diff --git a/packages/backend/src/misc/render-inline-error.ts b/packages/backend/src/misc/render-inline-error.ts index 07f9f3068e..886efcb86e 100644 --- a/packages/backend/src/misc/render-inline-error.ts +++ b/packages/backend/src/misc/render-inline-error.ts @@ -5,7 +5,7 @@ import { IdentifiableError } from '@/misc/identifiable-error.js'; import { StatusError } from '@/misc/status-error.js'; -import { CaptchaError } from '@/core/CaptchaService.js'; +import { CaptchaError } from '@/misc/captcha-error.js'; export function renderInlineError(err: unknown): string { const parts: string[] = []; diff --git a/packages/backend/src/misc/verify-field-link.ts b/packages/backend/src/misc/verify-field-link.ts index 6a3c950059..31a356be37 100644 --- a/packages/backend/src/misc/verify-field-link.ts +++ b/packages/backend/src/misc/verify-field-link.ts @@ -10,8 +10,9 @@ type Field = { name: string, value: string }; export async function verifyFieldLinks(fields: Field[], profileUrls: string[], httpRequestService: HttpRequestService): Promise<string[]> { const verified_links = []; - for (const field_url of fields.filter(x => URL.canParse(x.value) && ['http:', 'https:'].includes((new URL(x.value).protocol)))) { + for (const field_url of fields) { try { + // getHtml validates the input URL, so we can safely pass in untrusted values const html = await httpRequestService.getHtml(field_url.value); const doc = cheerio(html); |