diff options
| author | rinpatch <rinpatch@sdf.org> | 2020-09-17 19:09:10 +0000 |
|---|---|---|
| committer | rinpatch <rinpatch@sdf.org> | 2020-09-17 19:09:10 +0000 |
| commit | a0f5e8b27edbe2224d9c2c3997ad5b8ea484244b (patch) | |
| tree | 4a7a0f02e5880b7dff3ac20eaf59d71c7b584e5e /lib/pleroma/web/rich_media | |
| parent | 425324aae3d4534bc045466a1cc15653ddfa27d2 (diff) | |
| parent | 34afc2b0745b39861d9381e69cdb4b9c158f86ee (diff) | |
| download | pleroma-2.1.2.tar.gz | |
Merge branch 'release/2.1.2' into 'stable'v2.1.2
Release/2.1.2
See merge request pleroma/secteam/pleroma!17
Diffstat (limited to 'lib/pleroma/web/rich_media')
| -rw-r--r-- | lib/pleroma/web/rich_media/helpers.ex | 46 | ||||
| -rw-r--r-- | lib/pleroma/web/rich_media/parser.ex | 8 |
2 files changed, 53 insertions, 1 deletions
diff --git a/lib/pleroma/web/rich_media/helpers.ex b/lib/pleroma/web/rich_media/helpers.ex index 752ca9f81..b7852c6e3 100644 --- a/lib/pleroma/web/rich_media/helpers.ex +++ b/lib/pleroma/web/rich_media/helpers.ex @@ -96,6 +96,50 @@ defmodule Pleroma.Web.RichMedia.Helpers do @rich_media_options end - Pleroma.HTTP.get(url, headers, adapter: options) + head_check = + case Pleroma.HTTP.head(url, headers, adapter: options) do + # If the HEAD request didn't reach the server for whatever reason, + # we assume the GET that comes right after won't either + {:error, _} = e -> + e + + {:ok, %Tesla.Env{status: 200, headers: headers}} -> + with :ok <- check_content_type(headers), + :ok <- check_content_length(headers), + do: :ok + + _ -> + :ok + end + + with :ok <- head_check, do: Pleroma.HTTP.get(url, headers, adapter: options) + end + + defp check_content_type(headers) do + case List.keyfind(headers, "content-type", 0) do + {_, content_type} -> + case Plug.Conn.Utils.media_type(content_type) do + {:ok, "text", "html", _} -> :ok + _ -> {:error, {:content_type, content_type}} + end + + _ -> + :ok + end + end + + @max_body @rich_media_options[:max_body] + defp check_content_length(headers) do + case List.keyfind(headers, "content-length", 0) do + {_, maybe_content_length} -> + case Integer.parse(maybe_content_length) do + {content_length, ""} when content_length <= @max_body -> :ok + {_, ""} -> {:error, :body_too_large} + _ -> :ok + end + + _ -> + :ok + end end end diff --git a/lib/pleroma/web/rich_media/parser.ex b/lib/pleroma/web/rich_media/parser.ex index e98c743ca..569249f51 100644 --- a/lib/pleroma/web/rich_media/parser.ex +++ b/lib/pleroma/web/rich_media/parser.ex @@ -31,6 +31,14 @@ defmodule Pleroma.Web.RichMedia.Parser do {:ok, _data} = res -> res + {:error, :body_too_large} = e -> + e + + {:error, {:content_type, _}} = e -> + e + + # The TTL is not set for the errors above, since they are unlikely to change + # with time {:error, _} = e -> ttl = Pleroma.Config.get([:rich_media, :failure_backoff], 60_000) Cachex.expire(:rich_media_cache, url, ttl) |