FoundKeyGang/FoundKey
FoundKeyGang/FoundKey
7
19
Fork 22
Code Issues 37 Pull requests 4 Releases Activity

server: add wildcard matching to blocked hosts #260

Merged
norm merged 4 commits from wildcard-block-v2 into main 2022-12-01 20:12:18 +00:00
Conversation 0 Commits 4 Files changed 5 +46 -26
norm commented 2022-12-01 09:22:50 +00:00
Owner
Copy link

This adds in wildcard matching. For instance:

  • *.bad.tld will match: very.bad.tld
  • bad.* will match: bad.something
  • *.bad.* will match: very.bad.evil

Changelog: Changed

Supercedes: #259

This adds in wildcard matching. For instance: - `*.bad.tld` will match: `very.bad.tld` - `bad.*` will match: `bad.something` - `*.bad.*` will match: `very.bad.evil` Changelog: Changed --- Supercedes: https://akkoma.dev/FoundKeyGang/FoundKey/pulls/259
Johann150 reviewed 2022-12-01 16:17:32 +00:00
locales/en-US.yml Outdated
@ -188,3 +188,3 @@
blockedInstances: "Blocked Instances"
blockedInstancesDescription: "List the hostnames of the instances that you want to\
\ block. Listed instances will no longer be able to communicate with this instance."
\ block. Listed instances will no longer be able to communicate with this instance. Supports wildcard patterns."
Johann150 commented 2022-12-01 16:13:19 +00:00
Owner
Copy link

I think the wildcards should be described, i.e.

You can use an asterisk (*) as a placeholder for zero or more character(s).
I think the wildcards should be described, i.e. ``` You can use an asterisk (*) as a placeholder for zero or more character(s). ```
Johann150 commented 2022-12-01 16:16:47 +00:00
Owner
Copy link

Maybe we should note that admins have to use punicoded domains. Or maybe a better idea to fix that in the backend?

Maybe we should note that admins have to use punicoded domains. Or maybe a better idea to fix that in the backend?
norm commented 2022-12-01 16:53:42 +00:00
Author
Owner
Copy link

Seems like punycode doesn't play nicely when the wildcard is within a segment instead of on its own segment...

  • 點看.xyz -> xn--c1yn36f.xyz
  • 點看*.xyz -> xn--*-et3cu64i.xyz
  • 點看.*.xyz -> xn--c1yn36f.*.xyz

Wondering if we should only allow wildcards on their own domain segments...

Seems like punycode doesn't play nicely when the wildcard is within a segment instead of on its own segment... - `點看.xyz` -> `xn--c1yn36f.xyz` - `點看*.xyz` -> `xn--*-et3cu64i.xyz` - `點看.*.xyz` -> `xn--c1yn36f.*.xyz` Wondering if we should only allow wildcards on their own domain segments...
norm marked this conversation as resolved
packages/backend/src/misc/skipped-instances.ts Outdated
@ -33,3 +54,3 @@
// don't check hosts again that we already know are suspended
// also avoids adding duplicates to the list
hosts.filter(host => !skipped.includes(host) && !host.includes(',')).join(','),
hosts.filter(host => !skipped.some(blockedHost => matchHost(host, blockedHost)) && !host.includes(',')).join(','),
Johann150 commented 2022-12-01 16:10:24 +00:00
Owner
Copy link

I think this matchHost is not necessary because neither hosts nor skipped will contain wild cards.

I think this `matchHost` is not necessary because neither `hosts` nor `skipped` will contain wild cards.
norm marked this conversation as resolved
norm force-pushed wildcard-block-v2 from 6d02286bd8 to a35c98bbd5 2022-12-01 16:34:23 +00:00 Compare
norm added 1 commit 2022-12-01 17:08:28 +00:00
require punycode conversion beforehand for admins
Some checks failed
ci/woodpecker/push/lint-client Pipeline was successful
Details
ci/woodpecker/push/lint-backend Pipeline was successful
Details
ci/woodpecker/push/build Pipeline was successful
Details
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
Details
ci/woodpecker/push/test Pipeline was successful
Details
ci/woodpecker/pr/lint-foundkey-js Pipeline was successful
Details
ci/woodpecker/pr/lint-backend Pipeline failed
Details
ci/woodpecker/pr/build Pipeline was successful
Details
ci/woodpecker/pr/lint-client Pipeline failed
Details
ci/woodpecker/pr/test Pipeline failed
Details
b3e34795c0
Johann150 added 1 commit 2022-12-01 19:46:59 +00:00
fixup: remove unused import
Some checks failed
ci/woodpecker/push/test Pipeline was successful
Details
ci/woodpecker/push/lint-backend Pipeline was successful
Details
ci/woodpecker/push/build Pipeline was successful
Details
ci/woodpecker/push/lint-client Pipeline was successful
Details
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
Details
ci/woodpecker/pr/lint-foundkey-js Pipeline was successful
Details
ci/woodpecker/pr/lint-backend Pipeline failed
Details
ci/woodpecker/pr/build Pipeline was successful
Details
ci/woodpecker/pr/lint-client Pipeline failed
Details
ci/woodpecker/pr/test Pipeline failed
Details
721a327192
Johann150 approved these changes 2022-12-01 19:47:13 +00:00
norm merged commit e10700a2be into main 2022-12-01 20:12:18 +00:00
norm deleted branch wildcard-block-v2 2022-12-01 20:12:18 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Johann150
Labels
Clear labels   
feature

task that proposes new feature(s)

  
fix

task to fix behavioral problems in the FoundKey codebase

  
upkeep

task that should make FoundKey smaller and more maintainable

No labels
feature
fix
upkeep
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: FoundKeyGang/FoundKey#260
No description provided.
Delete branch "wildcard-block-v2"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?