fix(webfinger): restrict valid identities
This commit is contained in:
parent
0aad6fff30
commit
76b0da1983
|
@ -2,7 +2,6 @@ import { Status } from "https://deno.land/std@0.136.0/http/http_status.ts";
|
||||||
import type { Context } from "https://edge.netlify.com";
|
import type { Context } from "https://edge.netlify.com";
|
||||||
|
|
||||||
export default async (request: Request, context: Context) => {
|
export default async (request: Request, context: Context) => {
|
||||||
const re = /acct:(.*)@msfjarvis.dev/;
|
|
||||||
const url = new URL(request.url);
|
const url = new URL(request.url);
|
||||||
const resourceParam = url.searchParams.get("resource");
|
const resourceParam = url.searchParams.get("resource");
|
||||||
if (resourceParam === null) {
|
if (resourceParam === null) {
|
||||||
|
@ -14,10 +13,10 @@ export default async (request: Request, context: Context) => {
|
||||||
status: Status.BadRequest,
|
status: Status.BadRequest,
|
||||||
}
|
}
|
||||||
);
|
);
|
||||||
} else if (resourceParam.match(re) === null) {
|
} else if (resourceParam !== "acct:harsh@msfjarvis.dev") {
|
||||||
return context.json(
|
return context.json(
|
||||||
{
|
{
|
||||||
error: "This domain only works for @msfjarvis.dev requests",
|
error: "An invalid identity was requested",
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
status: Status.BadRequest,
|
status: Status.BadRequest,
|
||||||
|
|
Loading…
Reference in New Issue