[backend] Limit node-fetch responses to a reasonable length in all places

This commit is contained in:
Laura Hausmann 2024-07-28 19:15:37 +02:00
parent 5c659b1306
commit 630d6bdbe5
No known key found for this signature in database
GPG key ID: D044E84C5BE01605
5 changed files with 11 additions and 2 deletions

View file

@ -88,7 +88,6 @@ export async function getResponse(args: {
body?: string;
headers: Record<string, string>;
timeout?: number;
size?: number;
redirect?: RequestRedirect;
}) {
const timeout = args.timeout || 10 * 1000;
@ -103,7 +102,7 @@ export async function getResponse(args: {
headers: args.headers,
body: args.body,
timeout,
size: args.size || 10 * 1024 * 1024,
size: 10 * 1024 * 1024,
agent: getAgentByUrl,
signal: controller.signal,
redirect: args.redirect

View file

@ -56,6 +56,8 @@ import {
import { RecursionLimiter } from "@/models/repositories/user-profile.js";
import { UserConverter } from "@/server/api/mastodon/converters/user.js";
import fetch from "node-fetch";
const logger = apLogger;
const nameLength = 128;
@ -271,6 +273,7 @@ export async function createPerson(
try {
let data = await fetch(person.followers, {
headers: { Accept: "application/json" },
size: 1024 * 1024
});
let json_data = JSON.parse(await data.text());
@ -286,6 +289,7 @@ export async function createPerson(
try {
let data = await fetch(person.following, {
headers: { Accept: "application/json" },
size: 1024 * 1024
});
let json_data = JSON.parse(await data.text());
@ -529,6 +533,7 @@ export async function updatePerson(
try {
let data = await fetch(person.followers, {
headers: { Accept: "application/json" },
size: 1024 * 1024
});
let json_data = JSON.parse(await data.text());
@ -544,6 +549,7 @@ export async function updatePerson(
try {
let data = await fetch(person.following, {
headers: { Accept: "application/json" },
size: 1024 * 1024
});
let json_data = JSON.parse(await data.text());

View file

@ -81,6 +81,7 @@ export default define(meta, paramDef, async (ps, user) => {
},
body: JSON.stringify(jsonBody),
agent: getAgentByUrl,
size: 10 * 1024 * 1024
});
const json = (await res.json()) as {
@ -114,6 +115,7 @@ export default define(meta, paramDef, async (ps, user) => {
Accept: "application/json, */*",
},
body: params,
size: 10 * 1024 * 1024,
// TODO
//timeout: 10000,
agent: getAgentByUrl,

View file

@ -199,6 +199,7 @@ async function fetchFaviconUrl(
// TODO
//timeout: 10000,
agent: getAgentByUrl,
size: 1024 * 1024
});
if (favicon.ok) {

View file

@ -85,6 +85,7 @@ export const request = async (
headers: {
"Content-Type": "application/json",
},
size: 10 * 1024 * 1024,
body: JSON.stringify(Object.assign(auth, params)),
});