forked from AkkomaGang/akkoma
MRF: ensure that subdomain_match calls are case-insensitive
This commit is contained in:
parent
25c818ed6f
commit
4d0dd04653
3 changed files with 21 additions and 6 deletions
|
@ -11,6 +11,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||||
- Templates: properly style anchor tags
|
- Templates: properly style anchor tags
|
||||||
- Objects being re-embedded to activities after being updated (e.g faved/reposted). Running 'mix pleroma.database prune_objects' again is advised.
|
- Objects being re-embedded to activities after being updated (e.g faved/reposted). Running 'mix pleroma.database prune_objects' again is advised.
|
||||||
- Not being able to access the Mastodon FE login page on private instances
|
- Not being able to access the Mastodon FE login page on private instances
|
||||||
|
- MRF: ensure that subdomain_match calls are case-insensitive
|
||||||
|
|
||||||
### Added
|
### Added
|
||||||
- Relays: Added a task to list relay subscriptions.
|
- Relays: Added a task to list relay subscriptions.
|
||||||
|
|
|
@ -28,7 +28,7 @@ defmodule Pleroma.Web.ActivityPub.MRF do
|
||||||
|
|
||||||
@spec subdomains_regex([String.t()]) :: [Regex.t()]
|
@spec subdomains_regex([String.t()]) :: [Regex.t()]
|
||||||
def subdomains_regex(domains) when is_list(domains) do
|
def subdomains_regex(domains) when is_list(domains) do
|
||||||
for domain <- domains, do: ~r(^#{String.replace(domain, "*.", "(.*\\.)*")}$)
|
for domain <- domains, do: ~r(^#{String.replace(domain, "*.", "(.*\\.)*")}$)i
|
||||||
end
|
end
|
||||||
|
|
||||||
@spec subdomain_match?([Regex.t()], String.t()) :: boolean()
|
@spec subdomain_match?([Regex.t()], String.t()) :: boolean()
|
||||||
|
|
|
@ -4,8 +4,8 @@ defmodule Pleroma.Web.ActivityPub.MRFTest do
|
||||||
|
|
||||||
test "subdomains_regex/1" do
|
test "subdomains_regex/1" do
|
||||||
assert MRF.subdomains_regex(["unsafe.tld", "*.unsafe.tld"]) == [
|
assert MRF.subdomains_regex(["unsafe.tld", "*.unsafe.tld"]) == [
|
||||||
~r/^unsafe.tld$/,
|
~r/^unsafe.tld$/i,
|
||||||
~r/^(.*\.)*unsafe.tld$/
|
~r/^(.*\.)*unsafe.tld$/i
|
||||||
]
|
]
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -13,7 +13,7 @@ defmodule Pleroma.Web.ActivityPub.MRFTest do
|
||||||
test "common domains" do
|
test "common domains" do
|
||||||
regexes = MRF.subdomains_regex(["unsafe.tld", "unsafe2.tld"])
|
regexes = MRF.subdomains_regex(["unsafe.tld", "unsafe2.tld"])
|
||||||
|
|
||||||
assert regexes == [~r/^unsafe.tld$/, ~r/^unsafe2.tld$/]
|
assert regexes == [~r/^unsafe.tld$/i, ~r/^unsafe2.tld$/i]
|
||||||
|
|
||||||
assert MRF.subdomain_match?(regexes, "unsafe.tld")
|
assert MRF.subdomain_match?(regexes, "unsafe.tld")
|
||||||
assert MRF.subdomain_match?(regexes, "unsafe2.tld")
|
assert MRF.subdomain_match?(regexes, "unsafe2.tld")
|
||||||
|
@ -24,7 +24,7 @@ defmodule Pleroma.Web.ActivityPub.MRFTest do
|
||||||
test "wildcard domains with one subdomain" do
|
test "wildcard domains with one subdomain" do
|
||||||
regexes = MRF.subdomains_regex(["*.unsafe.tld"])
|
regexes = MRF.subdomains_regex(["*.unsafe.tld"])
|
||||||
|
|
||||||
assert regexes == [~r/^(.*\.)*unsafe.tld$/]
|
assert regexes == [~r/^(.*\.)*unsafe.tld$/i]
|
||||||
|
|
||||||
assert MRF.subdomain_match?(regexes, "unsafe.tld")
|
assert MRF.subdomain_match?(regexes, "unsafe.tld")
|
||||||
assert MRF.subdomain_match?(regexes, "sub.unsafe.tld")
|
assert MRF.subdomain_match?(regexes, "sub.unsafe.tld")
|
||||||
|
@ -35,12 +35,26 @@ defmodule Pleroma.Web.ActivityPub.MRFTest do
|
||||||
test "wildcard domains with two subdomains" do
|
test "wildcard domains with two subdomains" do
|
||||||
regexes = MRF.subdomains_regex(["*.unsafe.tld"])
|
regexes = MRF.subdomains_regex(["*.unsafe.tld"])
|
||||||
|
|
||||||
assert regexes == [~r/^(.*\.)*unsafe.tld$/]
|
assert regexes == [~r/^(.*\.)*unsafe.tld$/i]
|
||||||
|
|
||||||
assert MRF.subdomain_match?(regexes, "unsafe.tld")
|
assert MRF.subdomain_match?(regexes, "unsafe.tld")
|
||||||
assert MRF.subdomain_match?(regexes, "sub.sub.unsafe.tld")
|
assert MRF.subdomain_match?(regexes, "sub.sub.unsafe.tld")
|
||||||
refute MRF.subdomain_match?(regexes, "sub.anotherunsafe.tld")
|
refute MRF.subdomain_match?(regexes, "sub.anotherunsafe.tld")
|
||||||
refute MRF.subdomain_match?(regexes, "sub.unsafe.tldanother")
|
refute MRF.subdomain_match?(regexes, "sub.unsafe.tldanother")
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test "matches are case-insensitive" do
|
||||||
|
regexes = MRF.subdomains_regex(["UnSafe.TLD", "UnSAFE2.Tld"])
|
||||||
|
|
||||||
|
assert regexes == [~r/^UnSafe.TLD$/i, ~r/^UnSAFE2.Tld$/i]
|
||||||
|
|
||||||
|
assert MRF.subdomain_match?(regexes, "UNSAFE.TLD")
|
||||||
|
assert MRF.subdomain_match?(regexes, "UNSAFE2.TLD")
|
||||||
|
assert MRF.subdomain_match?(regexes, "unsafe.tld")
|
||||||
|
assert MRF.subdomain_match?(regexes, "unsafe2.tld")
|
||||||
|
|
||||||
|
refute MRF.subdomain_match?(regexes, "EXAMPLE.COM")
|
||||||
|
refute MRF.subdomain_match?(regexes, "example.com")
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue