router: require oauth_read for searching

Search calls are generally expensive and allow unauthenticated users to
crawl the instance for user profiles or posts which contain specified
keywords.  An adversary can build a distributed search engine which will
not only consume significant instance resources but can also be used
for undesirable purposes such as datamining.

Accordingly, require authenticated access to use the search API endpoints.
This acts as a nice balance as it allows guest users to make use of most
functionality available in Pleroma FE while ensuring that Pleroma
instances are reasonably protected from resource exhaustion.  It also
removes Pleroma as a potential vector in distributed search engines.
This commit is contained in:
William Pitcock 2019-05-29 10:58:45 +00:00
parent 26e7613824
commit 0159a6dbe9


@ -414,7 +414,12 @@ defmodule Pleroma.Web.Router do
get("/trends", MastodonAPIController, :empty_array) get("/trends", MastodonAPIController, :empty_array)
get("/accounts/search", MastodonAPIController, :account_search) scope [] do
pipe_through(:oauth_read)
get("/search", MastodonAPIController, :search)
get("/accounts/search", MastodonAPIController, :account_search)
end
scope [] do scope [] do
pipe_through(:oauth_read_or_public) pipe_through(:oauth_read_or_public)
@ -431,14 +436,12 @@ defmodule Pleroma.Web.Router do
get("/accounts/:id/following", MastodonAPIController, :following) get("/accounts/:id/following", MastodonAPIController, :following)
get("/accounts/:id", MastodonAPIController, :user) get("/accounts/:id", MastodonAPIController, :user)
get("/search", MastodonAPIController, :search)
get("/pleroma/accounts/:id/favourites", MastodonAPIController, :user_favourites) get("/pleroma/accounts/:id/favourites", MastodonAPIController, :user_favourites)
end end
end end
scope "/api/v2", Pleroma.Web.MastodonAPI do scope "/api/v2", Pleroma.Web.MastodonAPI do
pipe_through([:api, :oauth_read_or_public]) pipe_through([:api, :oauth_read])
get("/search", MastodonAPIController, :search2) get("/search", MastodonAPIController, :search2)
end end
@ -480,9 +483,14 @@ defmodule Pleroma.Web.Router do
get("/statuses/show/:id", TwitterAPI.Controller, :fetch_status) get("/statuses/show/:id", TwitterAPI.Controller, :fetch_status)
get("/statusnet/conversation/:id", TwitterAPI.Controller, :fetch_conversation) get("/statusnet/conversation/:id", TwitterAPI.Controller, :fetch_conversation)
get("/search", TwitterAPI.Controller, :search)
get("/statusnet/tags/timeline/:tag", TwitterAPI.Controller, :public_and_external_timeline) get("/statusnet/tags/timeline/:tag", TwitterAPI.Controller, :public_and_external_timeline)
end end
scope [] do
pipe_through(:oauth_read)
get("/search", TwitterAPI.Controller, :search)
end
end end
scope "/api", Pleroma.Web do scope "/api", Pleroma.Web do
@ -500,7 +508,7 @@ defmodule Pleroma.Web.Router do
end end
scope "/api", Pleroma.Web, as: :twitter_api_search do scope "/api", Pleroma.Web, as: :twitter_api_search do
pipe_through([:api, :oauth_read_or_public]) pipe_through([:api, :oauth_read])
get("/pleroma/search_user", TwitterAPI.Controller, :search_user) get("/pleroma/search_user", TwitterAPI.Controller, :search_user)
end end
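Review bot: The new `scope [] do` / `pipe_through(:oauth_read)` block that now holds `/search` and `/accounts/search` in the first hunk (and the matching block added around the TwitterAPI `/search` route in the third hunk) carries no comment saying why these routes were split out of the neighbouring `:oauth_read_or_public` scope, so a later tidy-up could fold them back in and silently reopen anonymous search. A one-line comment above each new scope, and above the two `pipe_through([:api, :oauth_read])` changes, would preserve the intent: `# Search is deliberately authenticated-only: it is expensive and lets anonymous crawlers datamine profiles and posts.`. Whether `:oauth_read` actually rejects a request that carries no token, rather than only checking scopes when one is present, depends on the pipeline definition, which is outside these hunks; a request test asserting that an anonymous `GET /api/v1/search` (and `/api/v2/search`, `/api/pleroma/search_user`) is rejected would pin the behaviour this commit relies on. The enclosing scopes of every hunk start and end outside the hunk.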