mirrors/barkey
1
0
Fork 0
mirror of https://codeberg.org/yeentown/barkey.git synced 2025-11-04 07:24:13 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

merge: bugfix auth-fetch ask to never cache responses (#284)

Browse source 
Reviewed-on: https://git.joinsharkey.org/Sharkey/Sharkey/pulls/284
This commit is contained in:
Marie 2023-12-31 19:24:29 +01:00
commit 4f2fa60a72
1 changed files with 23 additions and 16 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

39
packages/backend/src/server/ActivityPubServerService.ts
View file

@ -129,6 +129,13 @@ export class ActivityPubServerService {
this is also inspired by FireFish's `checkFetch` this is also inspired by FireFish's `checkFetch`
*/ */
/* tell any caching proxy that they should not cache these
responses: we wouldn't want the proxy to return a 403 to
someone presenting a valid signature, or return a cached
response body to someone we've blocked!
*/
reply.header('Cache-Control', 'private, max-age=0, must-revalidate');
/* we always allow requests about our instance actor, because when /* we always allow requests about our instance actor, because when
a remote instance needs to check our signature on a request we a remote instance needs to check our signature on a request we
sent, it will need to fetch information about the user that sent, it will need to fetch information about the user that
@ -322,11 +329,11 @@ export class ActivityPubServerService {
if (profile.followersVisibility === 'private') { if (profile.followersVisibility === 'private') {
reply.code(403); reply.code(403);
reply.header('Cache-Control', 'public, max-age=30'); if (!this.config.checkActivityPubGetSignature) reply.header('Cache-Control', 'public, max-age=30');
return; return;
} else if (profile.followersVisibility === 'followers') { } else if (profile.followersVisibility === 'followers') {
reply.code(403); reply.code(403);
reply.header('Cache-Control', 'public, max-age=30'); if (!this.config.checkActivityPubGetSignature) reply.header('Cache-Control', 'public, max-age=30');
return; return;
} }
//#endregion //#endregion
@ -378,7 +385,7 @@ export class ActivityPubServerService {
user.followersCount, user.followersCount,
`${partOf}?page=true`, `${partOf}?page=true`,
); );
reply.header('Cache-Control', 'public, max-age=180'); if (!this.config.checkActivityPubGetSignature) reply.header('Cache-Control', 'public, max-age=180');
this.setResponseType(request, reply); this.setResponseType(request, reply);
return (this.apRendererService.addContext(rendered)); return (this.apRendererService.addContext(rendered));
} }
@ -416,11 +423,11 @@ export class ActivityPubServerService {
if (profile.followingVisibility === 'private') { if (profile.followingVisibility === 'private') {
reply.code(403); reply.code(403);
reply.header('Cache-Control', 'public, max-age=30'); if (!this.config.checkActivityPubGetSignature) reply.header('Cache-Control', 'public, max-age=30');
return; return;
} else if (profile.followingVisibility === 'followers') { } else if (profile.followingVisibility === 'followers') {
reply.code(403); reply.code(403);
reply.header('Cache-Control', 'public, max-age=30'); if (!this.config.checkActivityPubGetSignature) reply.header('Cache-Control', 'public, max-age=30');
return; return;
} }
//#endregion //#endregion
@ -472,7 +479,7 @@ export class ActivityPubServerService {
user.followingCount, user.followingCount,
`${partOf}?page=true`, `${partOf}?page=true`,
); );
reply.header('Cache-Control', 'public, max-age=180'); if (!this.config.checkActivityPubGetSignature) reply.header('Cache-Control', 'public, max-age=180');
this.setResponseType(request, reply); this.setResponseType(request, reply);
return (this.apRendererService.addContext(rendered)); return (this.apRendererService.addContext(rendered));
} }
@ -513,7 +520,7 @@ export class ActivityPubServerService {
renderedNotes, renderedNotes,
); );
reply.header('Cache-Control', 'public, max-age=180'); if (!this.config.checkActivityPubGetSignature) reply.header('Cache-Control', 'public, max-age=180');
this.setResponseType(request, reply); this.setResponseType(request, reply);
return (this.apRendererService.addContext(rendered)); return (this.apRendererService.addContext(rendered));
} }
@ -604,7 +611,7 @@ export class ActivityPubServerService {
`${partOf}?page=true`, `${partOf}?page=true`,
`${partOf}?page=true&since_id=000000000000000000000000`, `${partOf}?page=true&since_id=000000000000000000000000`,
); );
reply.header('Cache-Control', 'public, max-age=180'); if (!this.config.checkActivityPubGetSignature) reply.header('Cache-Control', 'public, max-age=180');
this.setResponseType(request, reply); this.setResponseType(request, reply);
return (this.apRendererService.addContext(rendered)); return (this.apRendererService.addContext(rendered));
} }
@ -617,7 +624,7 @@ export class ActivityPubServerService {
return; return;
} }
reply.header('Cache-Control', 'public, max-age=180'); if (!this.config.checkActivityPubGetSignature) reply.header('Cache-Control', 'public, max-age=180');
this.setResponseType(request, reply); this.setResponseType(request, reply);
return (this.apRendererService.addContext(await this.apRendererService.renderPerson(user as MiLocalUser))); return (this.apRendererService.addContext(await this.apRendererService.renderPerson(user as MiLocalUser)));
} }
@ -707,7 +714,7 @@ export class ActivityPubServerService {
return; return;
} }
reply.header('Cache-Control', 'public, max-age=180'); if (!this.config.checkActivityPubGetSignature) reply.header('Cache-Control', 'public, max-age=180');
this.setResponseType(request, reply); this.setResponseType(request, reply);
return this.apRendererService.addContext(await this.apRendererService.renderNote(note, false)); return this.apRendererService.addContext(await this.apRendererService.renderNote(note, false));
}); });
@ -730,7 +737,7 @@ export class ActivityPubServerService {
return; return;
} }
reply.header('Cache-Control', 'public, max-age=180'); if (!this.config.checkActivityPubGetSignature) reply.header('Cache-Control', 'public, max-age=180');
this.setResponseType(request, reply); this.setResponseType(request, reply);
return (this.apRendererService.addContext(await this.packActivity(note))); return (this.apRendererService.addContext(await this.packActivity(note)));
}); });
@ -775,7 +782,7 @@ export class ActivityPubServerService {
const keypair = await this.userKeypairService.getUserKeypair(user.id); const keypair = await this.userKeypairService.getUserKeypair(user.id);
if (this.userEntityService.isLocalUser(user)) { if (this.userEntityService.isLocalUser(user)) {
reply.header('Cache-Control', 'public, max-age=180'); if (!this.config.checkActivityPubGetSignature) reply.header('Cache-Control', 'public, max-age=180');
this.setResponseType(request, reply); this.setResponseType(request, reply);
return (this.apRendererService.addContext(this.apRendererService.renderKey(user, keypair))); return (this.apRendererService.addContext(this.apRendererService.renderKey(user, keypair)));
} else { } else {
@ -825,7 +832,7 @@ export class ActivityPubServerService {
return; return;
} }
reply.header('Cache-Control', 'public, max-age=180'); if (!this.config.checkActivityPubGetSignature) reply.header('Cache-Control', 'public, max-age=180');
this.setResponseType(request, reply); this.setResponseType(request, reply);
return (this.apRendererService.addContext(await this.apRendererService.renderEmoji(emoji))); return (this.apRendererService.addContext(await this.apRendererService.renderEmoji(emoji)));
}); });
@ -848,7 +855,7 @@ export class ActivityPubServerService {
return; return;
} }
reply.header('Cache-Control', 'public, max-age=180'); if (!this.config.checkActivityPubGetSignature) reply.header('Cache-Control', 'public, max-age=180');
this.setResponseType(request, reply); this.setResponseType(request, reply);
return (this.apRendererService.addContext(await this.apRendererService.renderLike(reaction, note))); return (this.apRendererService.addContext(await this.apRendererService.renderLike(reaction, note)));
}); });
@ -876,7 +883,7 @@ export class ActivityPubServerService {
return; return;
} }
reply.header('Cache-Control', 'public, max-age=180'); if (!this.config.checkActivityPubGetSignature) reply.header('Cache-Control', 'public, max-age=180');
this.setResponseType(request, reply); this.setResponseType(request, reply);
return (this.apRendererService.addContext(this.apRendererService.renderFollow(follower, followee))); return (this.apRendererService.addContext(this.apRendererService.renderFollow(follower, followee)));
}); });
@ -913,7 +920,7 @@ export class ActivityPubServerService {
return; return;
} }
reply.header('Cache-Control', 'public, max-age=180'); if (!this.config.checkActivityPubGetSignature) reply.header('Cache-Control', 'public, max-age=180');
this.setResponseType(request, reply); this.setResponseType(request, reply);
return (this.apRendererService.addContext(this.apRendererService.renderFollow(follower, followee))); return (this.apRendererService.addContext(this.apRendererService.renderFollow(follower, followee)));
}); });