From 712cdef6c727fd0c21583079008591536f82ca12 Mon Sep 17 00:00:00 2001 From: strawberry Date: Sat, 30 Mar 2024 15:29:56 -0400 Subject: [PATCH] drop url_preview_max_spider_size to 384KB Signed-off-by: strawberry --- conduwuit-example.toml | 4 ++-- src/config/mod.rs | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/conduwuit-example.toml b/conduwuit-example.toml index 62df54e3..1848098b 100644 --- a/conduwuit-example.toml +++ b/conduwuit-example.toml @@ -236,8 +236,8 @@ url_preview_domain_explicit_allowlist = [] # Setting this to "*" will allow all URL previews. Please note that this opens up significant attack surface to your server, you are expected to be aware of the risks by doing so. url_preview_url_contains_allowlist = [] -# Maximum amount of bytes allowed in a URL preview body size when spidering. Defaults to 1MB (1_000_000 bytes) -url_preview_max_spider_size = 1_000_000 +# Maximum amount of bytes allowed in a URL preview body size when spidering. Defaults to 384KB (384_000 bytes) +url_preview_max_spider_size = 384_000 # Option to decide whether you would like to run the domain allowlist checks (contains and explicit) on the root domain or not. Does not apply to URL contains allowlist. Defaults to false. # Example: If this is enabled and you have "wikipedia.org" allowed in the explicit and/or contains domain allowlist, it will allow all subdomains under "wikipedia.org" such as "en.m.wikipedia.org" as the root domain is checked and matched. diff --git a/src/config/mod.rs b/src/config/mod.rs index fc538522..ed008e0c 100644 --- a/src/config/mod.rs +++ b/src/config/mod.rs @@ -721,7 +721,7 @@ fn default_ip_range_denylist() -> Vec { } fn default_url_preview_max_spider_size() -> usize { - 1_000_000 // 1MB + 384_000 // 384KB } fn default_new_user_displayname_suffix() -> String { "🏳️‍⚧️".to_owned() }