fix: refuse proxying valid json documents
this to avoid impersonation. this should usually be a cheap check, as most media won't be starting with valid json characters, so from_slice() should just check 1 byte most of the times
This commit is contained in:
parent
ab46e23ef9
commit
d9d7acbe98
GPG key ID:
A4895B84D311642C
1 changed files with 9 additions and 5 deletions
|
|
@ -3,7 +3,7 @@ use axum::{extract::{Path, Query, State}, http::HeaderMap, response::{IntoRespon
|
||||||
use reqwest::Method;
|
use reqwest::Method;
|
||||||
use upub::{traits::{Cloaker, Fetcher}, Context};
|
use upub::{traits::{Cloaker, Fetcher}, Context};
|
||||||
|
|
||||||
use crate::{builders::JsonLD, ApiError, AuthIdentity, Identity};
|
use crate::{builders::JsonLD, ApiError, ApiResult, AuthIdentity, Identity};
|
||||||
|
|
||||||
|
|
||||||
pub async fn view(
|
pub async fn view(
|
||||||
|
|
@ -86,9 +86,13 @@ pub async fn cloak_proxy(
|
||||||
)
|
)
|
||||||
.await?
|
.await?
|
||||||
.error_for_status()?;
|
.error_for_status()?;
|
||||||
|
|
||||||
|
let headers = resp.headers().clone();
|
||||||
|
let body = resp.bytes().await?.to_vec();
|
||||||
|
|
||||||
Ok((
|
if serde_json::from_slice::<serde_json::Value>(&body).is_ok() {
|
||||||
resp.headers().clone(),
|
return Err(ApiError::forbidden());
|
||||||
resp.bytes().await?.to_vec(),
|
}
|
||||||
))
|
|
||||||
|
Ok((headers, body))
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue