misskey-dev/media-proxy
1
0
Fork 0
mirror of https://github.com/misskey-dev/media-proxy.git synced 2025-04-29 02:47:26 +09:00
Code Issues Packages Projects Releases Wiki Activity

FILE_TYPE_BROWSERSAFE規制を復活

Browse Source
This commit is contained in:
tamaina 2023-02-09 12:43:07 +00:00
parent 0ca08c2c50
commit b415f59b72
3 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
built/index.js
View File

@ -3,6 +3,7 @@ import { fileURLToPath } from 'node:url';
import { dirname } from 'node:path'; import { dirname } from 'node:path';
import fastifyStatic from '@fastify/static'; import fastifyStatic from '@fastify/static';
import { createTemp } from './create-temp.js'; import { createTemp } from './create-temp.js';
import { FILE_TYPE_BROWSERSAFE } from './const.js';
import { convertToWebpStream, webpDefault } from './image-processor.js'; import { convertToWebpStream, webpDefault } from './image-processor.js';
import { detectType, isMimeImage } from './file-info.js'; import { detectType, isMimeImage } from './file-info.js';
import sharp from 'sharp'; import sharp from 'sharp';
@ -148,6 +149,9 @@ async function proxyHandler(request, reply) {
else if (file.mime === 'image/svg+xml') { else if (file.mime === 'image/svg+xml') {
image = convertToWebpStream(file.path, 2048, 2048); image = convertToWebpStream(file.path, 2048, 2048);
} }
else if (!file.mime.startsWith('image/') || !FILE_TYPE_BROWSERSAFE.includes(file.mime)) {
throw new StatusError('Rejected type', 403, 'Rejected type');
}
if (!image) { if (!image) {
image = { image = {
data: fs.createReadStream(file.path), data: fs.createReadStream(file.path),

2
package.json
View File

@ -1,6 +1,6 @@
{ {
"name": "misskey-media-proxy", "name": "misskey-media-proxy",
"version": "0.0.6", "version": "0.0.9",
"description": "The Media Proxy for Misskey", "description": "The Media Proxy for Misskey",
"main": "built/index.js", "main": "built/index.js",
"packageManager": "pnpm@7.26.0", "packageManager": "pnpm@7.26.0",

2
src/index.ts
View File

@ -191,6 +191,8 @@ async function proxyHandler(request: FastifyRequest<{ Params: { url: string; };
}; };
} else if (file.mime === 'image/svg+xml') { } else if (file.mime === 'image/svg+xml') {
image = convertToWebpStream(file.path, 2048, 2048); image = convertToWebpStream(file.path, 2048, 2048);
} else if (!file.mime.startsWith('image/') || !FILE_TYPE_BROWSERSAFE.includes(file.mime)) {
throw new StatusError('Rejected type', 403, 'Rejected type');
} }
if (!image) { if (!image) {