mirror of
https://git.joinsharkey.org/Sharkey/Sharkey.git
synced 2024-11-23 05:13:07 +02:00
fix(server): validate url from ap to improve security
This commit is contained in:
parent
650187deaf
commit
0da0cc80b9
1 changed files with 4 additions and 0 deletions
|
@ -48,6 +48,10 @@ export class ApImageService {
|
||||||
throw new Error('invalid image: url not privided');
|
throw new Error('invalid image: url not privided');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!image.url.startsWith('https://')) {
|
||||||
|
throw new Error('invalid image: unexpected shcema of url: ' + image.url);
|
||||||
|
}
|
||||||
|
|
||||||
this.logger.info(`Creating the Image: ${image.url}`);
|
this.logger.info(`Creating the Image: ${image.url}`);
|
||||||
|
|
||||||
const instance = await this.metaService.fetch();
|
const instance = await this.metaService.fetch();
|
||||||
|
|
Loading…
Reference in a new issue