msfjarvis
/
msfjarvis.dev
mirror of https://github.com/msfjarvis/msfjarvis.dev.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix(webfinger): restrict valid identities

This commit is contained in:
Harsh Shandilya 2022-11-16 14:27:40 +05:30
parent 0aad6fff30
commit 76b0da1983
No known key found for this signature in database
1 changed files with 2 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
netlify/edge-functions/webfinger/webfinger.ts
View File

@ -2,7 +2,6 @@ import { Status } from "https://deno.land/std@0.136.0/http/http_status.ts";
import type { Context } from "https://edge.netlify.com";
export default async (request: Request, context: Context) => {
const re = /acct:(.*)@msfjarvis.dev/;
const url = new URL(request.url);
const resourceParam = url.searchParams.get("resource");
if (resourceParam === null) {
@ -14,10 +13,10 @@ export default async (request: Request, context: Context) => {
status: Status.BadRequest,
}
);
} else if (resourceParam.match(re) === null) {
} else if (resourceParam !== "acct:harsh@msfjarvis.dev") {
return context.json(
{
error: "This domain only works for @msfjarvis.dev requests",
error: "An invalid identity was requested",
},
{
status: Status.BadRequest,