mirrors/firefish
1
0
Fork 1
mirror of https://git.joinfirefish.org/firefish/firefish.git synced 2024-05-18 10:51:11 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix (backend): check redirect url

Browse source
This commit is contained in:
naskya 2024-03-28 15:35:51 +09:00
parent e753b313da
commit b3668f67a0
No known key found for this signature in database
GPG key ID: 712D413B3A9FED5C
1 changed files with 3 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
packages/backend/src/misc/fetch.ts
View file

@ -83,6 +83,9 @@ export async function getResponse(args: {
});
if (args.redirect === "manual" && [301, 302, 307, 308].includes(res.status)) {
if (!isValidUrl(res.url)) {
throw new StatusError("Invalid URL", 400);
}
return res;
}
@ -94,10 +97,6 @@ export async function getResponse(args: {
);
}
if (res.redirected && !isValidUrl(res.url)) {
throw new StatusError("Invalid URL", 400);
}
return res;
}