MRF: Log sensible error for subdomains_regex
This commit is contained in:
parent
47e00524f7
commit
6af49270a9
1
changelog.d/mrf-regex-error.fix
Normal file
1
changelog.d/mrf-regex-error.fix
Normal file
@ -0,0 +1 @@
|
|||||||
|
MRF: Log sensible error for subdomains_regex
|
@ -1,5 +1,5 @@
|
|||||||
# Pleroma: A lightweight social networking server
|
# Pleroma: A lightweight social networking server
|
||||||
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
|
# Copyright © 2017-2023 Pleroma Authors <https://pleroma.social/>
|
||||||
# SPDX-License-Identifier: AGPL-3.0-only
|
# SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
|
||||||
defmodule Pleroma.Web.ActivityPub.MRF do
|
defmodule Pleroma.Web.ActivityPub.MRF do
|
||||||
@ -139,7 +139,16 @@ defmodule Pleroma.Web.ActivityPub.MRF do
|
|||||||
|
|
||||||
@spec subdomains_regex([String.t()]) :: [Regex.t()]
|
@spec subdomains_regex([String.t()]) :: [Regex.t()]
|
||||||
def subdomains_regex(domains) when is_list(domains) do
|
def subdomains_regex(domains) when is_list(domains) do
|
||||||
for domain <- domains, do: ~r(^#{String.replace(domain, "*.", "(.*\\.)*")}$)i
|
for domain <- domains do
|
||||||
|
try do
|
||||||
|
target = String.replace(domain, "*.", "(.*\\.)*")
|
||||||
|
~r<^#{target}$>i
|
||||||
|
rescue
|
||||||
|
e ->
|
||||||
|
Logger.error("MRF: Invalid subdomain Regex: #{domain}")
|
||||||
|
reraise e, __STACKTRACE__
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
@spec subdomain_match?([Regex.t()], String.t()) :: boolean()
|
@spec subdomain_match?([Regex.t()], String.t()) :: boolean()
|
||||||
|
@ -1,10 +1,13 @@
|
|||||||
# Pleroma: A lightweight social networking server
|
# Pleroma: A lightweight social networking server
|
||||||
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
|
# Copyright © 2017-2023 Pleroma Authors <https://pleroma.social/>
|
||||||
# SPDX-License-Identifier: AGPL-3.0-only
|
# SPDX-License-Identifier: AGPL-3.0-only
|
||||||
|
|
||||||
defmodule Pleroma.Web.ActivityPub.MRFTest do
|
defmodule Pleroma.Web.ActivityPub.MRFTest do
|
||||||
use ExUnit.Case
|
use ExUnit.Case
|
||||||
use Pleroma.Tests.Helpers
|
use Pleroma.Tests.Helpers
|
||||||
|
|
||||||
|
import ExUnit.CaptureLog
|
||||||
|
|
||||||
alias Pleroma.Web.ActivityPub.MRF
|
alias Pleroma.Web.ActivityPub.MRF
|
||||||
|
|
||||||
test "subdomains_regex/1" do
|
test "subdomains_regex/1" do
|
||||||
@ -61,6 +64,14 @@ defmodule Pleroma.Web.ActivityPub.MRFTest do
|
|||||||
refute MRF.subdomain_match?(regexes, "EXAMPLE.COM")
|
refute MRF.subdomain_match?(regexes, "EXAMPLE.COM")
|
||||||
refute MRF.subdomain_match?(regexes, "example.com")
|
refute MRF.subdomain_match?(regexes, "example.com")
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@tag capture_log: true
|
||||||
|
test "logs sensible error on accidental wildcard" do
|
||||||
|
assert_raise Regex.CompileError, fn ->
|
||||||
|
assert capture_log(MRF.subdomains_regex(["*unsafe.tld"])) =~
|
||||||
|
"MRF: Invalid subdomain Regex: *unsafe.tld"
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "instance_list_from_tuples/1" do
|
describe "instance_list_from_tuples/1" do
|
||||||
|
Loading…
Reference in New Issue
Block a user