refactor
This commit is contained in:
parent
d53795184c
commit
cfd1888969
@ -4,7 +4,7 @@ export const USER_ACTIVE_THRESHOLD = 1000 * 60 * 60 * 24 * 3; // 3days
|
|||||||
// ブラウザで直接表示することを許可するファイルの種類のリスト
|
// ブラウザで直接表示することを許可するファイルの種類のリスト
|
||||||
// ここに含まれないものは application/octet-stream としてレスポンスされる
|
// ここに含まれないものは application/octet-stream としてレスポンスされる
|
||||||
// SVGはXSSを生むので許可しない
|
// SVGはXSSを生むので許可しない
|
||||||
export const FILE_TYPE_WHITELIST = [
|
export const FILE_TYPE_BROWSERSAFE = [
|
||||||
'image/png',
|
'image/png',
|
||||||
'image/gif',
|
'image/gif',
|
||||||
'image/jpeg',
|
'image/jpeg',
|
||||||
|
@ -14,7 +14,7 @@ import { detectType } from '@/misc/get-file-info';
|
|||||||
import { convertToJpeg, convertToPngOrJpeg } from '@/services/drive/image-processor';
|
import { convertToJpeg, convertToPngOrJpeg } from '@/services/drive/image-processor';
|
||||||
import { GenerateVideoThumbnail } from '@/services/drive/generate-video-thumbnail';
|
import { GenerateVideoThumbnail } from '@/services/drive/generate-video-thumbnail';
|
||||||
import { StatusError } from '@/misc/fetch';
|
import { StatusError } from '@/misc/fetch';
|
||||||
import { FILE_TYPE_WHITELIST } from '@/const';
|
import { FILE_TYPE_BROWSERSAFE } from '@/const';
|
||||||
|
|
||||||
//const _filename = fileURLToPath(import.meta.url);
|
//const _filename = fileURLToPath(import.meta.url);
|
||||||
const _filename = __filename;
|
const _filename = __filename;
|
||||||
@ -83,7 +83,7 @@ export default async function(ctx: Koa.Context) {
|
|||||||
|
|
||||||
const image = await convertFile();
|
const image = await convertFile();
|
||||||
ctx.body = image.data;
|
ctx.body = image.data;
|
||||||
ctx.set('Content-Type', FILE_TYPE_WHITELIST.includes(image.type) ? image.type : 'application/octet-stream');
|
ctx.set('Content-Type', FILE_TYPE_BROWSERSAFE.includes(image.type) ? image.type : 'application/octet-stream');
|
||||||
ctx.set('Cache-Control', 'max-age=31536000, immutable');
|
ctx.set('Cache-Control', 'max-age=31536000, immutable');
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
serverLogger.error(`${e}`);
|
serverLogger.error(`${e}`);
|
||||||
@ -114,14 +114,14 @@ export default async function(ctx: Koa.Context) {
|
|||||||
}).toString();
|
}).toString();
|
||||||
|
|
||||||
ctx.body = InternalStorage.read(key);
|
ctx.body = InternalStorage.read(key);
|
||||||
ctx.set('Content-Type', FILE_TYPE_WHITELIST.includes(mime) ? mime : 'application/octet-stream');
|
ctx.set('Content-Type', FILE_TYPE_BROWSERSAFE.includes(mime) ? mime : 'application/octet-stream');
|
||||||
ctx.set('Cache-Control', 'max-age=31536000, immutable');
|
ctx.set('Cache-Control', 'max-age=31536000, immutable');
|
||||||
ctx.set('Content-Disposition', contentDisposition('inline', filename));
|
ctx.set('Content-Disposition', contentDisposition('inline', filename));
|
||||||
} else {
|
} else {
|
||||||
const readable = InternalStorage.read(file.accessKey!);
|
const readable = InternalStorage.read(file.accessKey!);
|
||||||
readable.on('error', commonReadableHandlerGenerator(ctx));
|
readable.on('error', commonReadableHandlerGenerator(ctx));
|
||||||
ctx.body = readable;
|
ctx.body = readable;
|
||||||
ctx.set('Content-Type', FILE_TYPE_WHITELIST.includes(file.type) ? file.type : 'application/octet-stream');
|
ctx.set('Content-Type', FILE_TYPE_BROWSERSAFE.includes(file.type) ? file.type : 'application/octet-stream');
|
||||||
ctx.set('Cache-Control', 'max-age=31536000, immutable');
|
ctx.set('Cache-Control', 'max-age=31536000, immutable');
|
||||||
ctx.set('Content-Disposition', contentDisposition('inline', file.name));
|
ctx.set('Content-Disposition', contentDisposition('inline', file.name));
|
||||||
}
|
}
|
||||||
|
@ -6,7 +6,7 @@ import { createTemp } from '@/misc/create-temp';
|
|||||||
import { downloadUrl } from '@/misc/download-url';
|
import { downloadUrl } from '@/misc/download-url';
|
||||||
import { detectType } from '@/misc/get-file-info';
|
import { detectType } from '@/misc/get-file-info';
|
||||||
import { StatusError } from '@/misc/fetch';
|
import { StatusError } from '@/misc/fetch';
|
||||||
import { FILE_TYPE_WHITELIST } from '@/const';
|
import { FILE_TYPE_BROWSERSAFE } from '@/const';
|
||||||
|
|
||||||
export async function proxyMedia(ctx: Koa.Context) {
|
export async function proxyMedia(ctx: Koa.Context) {
|
||||||
const url = 'url' in ctx.query ? ctx.query.url : 'https://' + ctx.params.url;
|
const url = 'url' in ctx.query ? ctx.query.url : 'https://' + ctx.params.url;
|
||||||
@ -19,7 +19,7 @@ export async function proxyMedia(ctx: Koa.Context) {
|
|||||||
|
|
||||||
const { mime, ext } = await detectType(path);
|
const { mime, ext } = await detectType(path);
|
||||||
|
|
||||||
if (!FILE_TYPE_WHITELIST.includes(mime)) throw 403;
|
if (!FILE_TYPE_BROWSERSAFE.includes(mime)) throw 403;
|
||||||
|
|
||||||
let image: IImage;
|
let image: IImage;
|
||||||
|
|
||||||
|
@ -20,7 +20,7 @@ import { isDuplicateKeyValueError } from '@/misc/is-duplicate-key-value-error';
|
|||||||
import * as S3 from 'aws-sdk/clients/s3';
|
import * as S3 from 'aws-sdk/clients/s3';
|
||||||
import { getS3 } from './s3';
|
import { getS3 } from './s3';
|
||||||
import * as sharp from 'sharp';
|
import * as sharp from 'sharp';
|
||||||
import { FILE_TYPE_WHITELIST } from '@/const';
|
import { FILE_TYPE_BROWSERSAFE } from '@/const';
|
||||||
|
|
||||||
const logger = driveLogger.createSubLogger('register', 'yellow');
|
const logger = driveLogger.createSubLogger('register', 'yellow');
|
||||||
|
|
||||||
@ -242,7 +242,7 @@ export async function generateAlts(path: string, type: string, generateWeb: bool
|
|||||||
*/
|
*/
|
||||||
async function upload(key: string, stream: fs.ReadStream | Buffer, type: string, filename?: string) {
|
async function upload(key: string, stream: fs.ReadStream | Buffer, type: string, filename?: string) {
|
||||||
if (type === 'image/apng') type = 'image/png';
|
if (type === 'image/apng') type = 'image/png';
|
||||||
if (!FILE_TYPE_WHITELIST.includes(type)) type = 'application/octet-stream';
|
if (!FILE_TYPE_BROWSERSAFE.includes(type)) type = 'application/octet-stream';
|
||||||
|
|
||||||
const meta = await fetchMeta();
|
const meta = await fetchMeta();
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user