refactor: remove regex

This commit is contained in:
Namekuji 2023-08-18 05:51:41 -04:00
parent c3944f49ef
commit ad93bc80f8
No known key found for this signature in database
GPG Key ID: 1D62332C07FBA532
2 changed files with 3 additions and 9 deletions

View File

@ -92,7 +92,7 @@ export async function downloadUrl(url: string, path: string): Promise<void> {
logger.succ(`Download finished: ${chalk.cyan(url)}`); logger.succ(`Download finished: ${chalk.cyan(url)}`);
} }
function isPrivateIp(ip: string): boolean { export function isPrivateIp(ip: string): boolean {
for (const net of config.allowedPrivateNetworks || []) { for (const net of config.allowedPrivateNetworks || []) {
const cidr = new IPCIDR(net); const cidr = new IPCIDR(net);
if (cidr.contains(ip)) { if (cidr.contains(ip)) {

View File

@ -1,7 +1,7 @@
import { URL } from "node:url"; import { URL } from "node:url";
import type { User } from "@/models/entities/user.js"; import type { User } from "@/models/entities/user.js";
import { createTemp } from "@/misc/create-temp.js"; import { createTemp } from "@/misc/create-temp.js";
import { downloadUrl } from "@/misc/download-url.js"; import { downloadUrl, isPrivateIp } from "@/misc/download-url.js";
import type { DriveFolder } from "@/models/entities/drive-folder.js"; import type { DriveFolder } from "@/models/entities/drive-folder.js";
import type { DriveFile } from "@/models/entities/drive-file.js"; import type { DriveFile } from "@/models/entities/drive-file.js";
import { DriveFiles } from "@/models/index.js"; import { DriveFiles } from "@/models/index.js";
@ -23,10 +23,6 @@ type Args = {
requestHeaders?: Record<string, string> | null; requestHeaders?: Record<string, string> | null;
}; };
const PRIVATE_IPV4 =
/(^127\.)|(^10\.)|(^172\.1[6-9]\.)|(^172\.2[0-9]\.)|(^172\.3[0-1]\.)|(^192\.168\.)|(^0\.)/;
const PRIVATE_IPV6 = /(f[c-e][0-9a-f][0-9a-f]:)|(F[C-E][0-9A-F][0-9A-F]:)|(::)/;
export async function uploadFromUrl({ export async function uploadFromUrl({
url, url,
user, user,
@ -42,9 +38,7 @@ export async function uploadFromUrl({
const parsedUrl = new URL(url); const parsedUrl = new URL(url);
if ( if (
process.env.NODE_ENV === "production" && process.env.NODE_ENV === "production" &&
(PRIVATE_IPV4.test(parsedUrl.hostname) || isPrivateIp(parsedUrl.hostname)
PRIVATE_IPV6.test(parsedUrl.hostname) ||
parsedUrl.hostname.includes("localhost"))
) { ) {
throw new Error("Private IP is not allowed"); throw new Error("Private IP is not allowed");
} }