Merge pull request 'Fix StealEmoji’s max size check' (#793) from Oneric/akkoma:emojistealer_contentlength into develop
Reviewed-on: #793
This commit is contained in:
commit
b03edb4ff4
3 changed files with 21 additions and 6 deletions
|
@ -101,10 +101,19 @@ defmodule Pleroma.Web.ActivityPub.MRF.StealEmojiPolicy do
|
|||
end
|
||||
end
|
||||
|
||||
defp get_int_header(headers, header_name, default \\ nil) do
|
||||
with rawval when rawval != :undefined <- :proplists.get_value(header_name, headers),
|
||||
{int, ""} <- Integer.parse(rawval) do
|
||||
int
|
||||
else
|
||||
_ -> default
|
||||
end
|
||||
end
|
||||
|
||||
defp is_remote_size_within_limit?(url) do
|
||||
with {:ok, %{status: status, headers: headers} = _response} when status in 200..299 <-
|
||||
Pleroma.HTTP.request(:head, url, nil, [], []) do
|
||||
content_length = :proplists.get_value("content-length", headers, nil)
|
||||
content_length = get_int_header(headers, "content-length")
|
||||
size_limit = Config.get([:mrf_steal_emoji, :size_limit], @size_limit)
|
||||
|
||||
accept_unknown =
|
||||
|
@ -172,7 +181,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.StealEmojiPolicy do
|
|||
description: <<_::272, _::_*256>>,
|
||||
key: :hosts | :rejected_shortcodes | :size_limit,
|
||||
suggestions: [any(), ...],
|
||||
type: {:list, :string} | {:list, :string} | :integer
|
||||
type: {:list, :string} | {:list, :string} | :integer | :boolean
|
||||
},
|
||||
...
|
||||
],
|
||||
|
@ -209,6 +218,12 @@ defmodule Pleroma.Web.ActivityPub.MRF.StealEmojiPolicy do
|
|||
type: :integer,
|
||||
description: "File size limit (in bytes), checked before an emoji is saved to the disk",
|
||||
suggestions: ["100000"]
|
||||
},
|
||||
%{
|
||||
key: :download_unknown_size,
|
||||
type: :boolean,
|
||||
description: "Whether to download emoji if size can't be determined ahead of time",
|
||||
suggestions: [false, true]
|
||||
}
|
||||
]
|
||||
}
|
||||
|
|
|
@ -110,7 +110,7 @@ defmodule Pleroma.SignatureTest do
|
|||
|
||||
headers = %{
|
||||
host: "test.test",
|
||||
"content-length": 100
|
||||
"content-length": "100"
|
||||
}
|
||||
|
||||
assert_signature_equal(
|
||||
|
@ -127,7 +127,7 @@ defmodule Pleroma.SignatureTest do
|
|||
|
||||
assert Signature.sign(
|
||||
user,
|
||||
%{host: "test.test", "content-length": 100}
|
||||
%{host: "test.test", "content-length": "100"}
|
||||
) == {:error, []}
|
||||
end
|
||||
end
|
||||
|
|
|
@ -202,7 +202,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.StealEmojiPolicyTest do
|
|||
|
||||
test "reject too large content-size before download", %{message: message} do
|
||||
clear_config([:mrf_steal_emoji, :download_unknown_size], false)
|
||||
mock_tesla("https://example.org/emoji/firedfox.png", 200, [{"content-length", 2 ** 30}])
|
||||
mock_tesla("https://example.org/emoji/firedfox.png", 200, [{"content-length", "#{2 ** 30}"}])
|
||||
|
||||
refute "firedfox" in installed()
|
||||
|
||||
|
@ -216,7 +216,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.StealEmojiPolicyTest do
|
|||
|
||||
test "accepts content-size below limit", %{message: message} do
|
||||
clear_config([:mrf_steal_emoji, :download_unknown_size], false)
|
||||
mock_tesla("https://example.org/emoji/firedfox.png", 200, [{"content-length", 2}])
|
||||
mock_tesla("https://example.org/emoji/firedfox.png", 200, [{"content-length", "2"}])
|
||||
|
||||
refute "firedfox" in installed()
|
||||
|
||||
|
|
Loading…
Reference in a new issue