From 9a8b7efcd67584d8ab1ee6d42bcc2152d0a01f98 Mon Sep 17 00:00:00 2001
From: Laura Hausmann <laura@hausmann.dev>
Date: Sun, 28 Jul 2024 17:00:00 +0200
Subject: [PATCH] [backend] Improve JSON-LD context size limiter

---
 .../src/remote/activitypub/misc/ld-signature.ts      | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/packages/backend/src/remote/activitypub/misc/ld-signature.ts b/packages/backend/src/remote/activitypub/misc/ld-signature.ts
index b654e8976..c57e3ae47 100644
--- a/packages/backend/src/remote/activitypub/misc/ld-signature.ts
+++ b/packages/backend/src/remote/activitypub/misc/ld-signature.ts
@@ -122,11 +122,12 @@ export class LdSignature {
 	}
 
 	private async fetchDocument(url: string) {
-		const json = await fetch(url, {
+		const ctrl = new AbortController();
+		return await fetch(url, {
 			headers: {
 				Accept: "application/ld+json, application/json",
 			},
-			size: 1024 * 1024, // 1MiB
+			signal: ctrl.signal,
 			// TODO
 			//timeout: this.loderTimeout,
 			agent: (u) => (u.protocol === "http:" ? httpAgent : httpsAgent),
@@ -134,11 +135,12 @@ export class LdSignature {
 			if (!res.ok) {
 				throw new Error(`${res.status} ${res.statusText}`);
 			} else {
-				return res.json();
+				if (res.size < 1024 * 1024) // 1MiB
+					return res.json();
+				ctrl.abort();
+				throw new Error('Size exceeded 1MiB');
 			}
 		});
-
-		return json;
 	}
 
 	public sha256(data: string): string {