TudbuT/conduit
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

freeze remote media via legacy endpoints

Browse source 
Signed-off-by: Jason Volk <jason@zemos.net>
This commit is contained in:
Jason Volk 2024-08-28 09:16:41 +00:00
parent 1638be0339
commit a934a7f687
2 changed files with 15 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/core/config/mod.rs
View file

@ -292,6 +292,8 @@ pub struct Config {
#[serde(default = "true_fn")]
pub allow_legacy_media: bool,
#[serde(default = "true_fn")]
pub freeze_legacy_media: bool,
#[serde(default = "true_fn")]
pub media_startup_check: bool,
#[serde(default)]
pub media_compat_file_link: bool,
@ -748,6 +750,7 @@ impl fmt::Display for Config {
line("Media compatibility filesystem links", &self.media_compat_file_link.to_string());
line("Prune missing media from database", &self.prune_missing_media.to_string());
line("Allow legacy (unauthenticated) media", &self.allow_legacy_media.to_string());
line("Freeze legacy (unauthenticated) media", &self.freeze_legacy_media.to_string());
line("Prevent Media Downloads From", {
let mut lst = vec![];
for domain in &self.prevent_media_downloads_from {

12
src/service/media/remote.rs
View file

@ -310,6 +310,7 @@ pub async fn fetch_remote_thumbnail_legacy(
media_id: &body.media_id,
};
self.check_legacy_freeze()?;
self.check_fetch_authorized(&mxc)?;
let reponse = self
.services
@ -342,6 +343,7 @@ pub async fn fetch_remote_thumbnail_legacy(
pub async fn fetch_remote_content_legacy(
&self, mxc: &Mxc<'_>, allow_redirect: bool, timeout_ms: Duration,
) -> Result<media::get_content::v3::Response, Error> {
self.check_legacy_freeze()?;
self.check_fetch_authorized(mxc)?;
let response = self
.services
@ -391,3 +393,13 @@ fn check_fetch_authorized(&self, mxc: &Mxc<'_>) -> Result<()> {
Ok(())
}
#[implement(super::Service)]
fn check_legacy_freeze(&self) -> Result<()> {
self.services
.server
.config
.freeze_legacy_media
.then_some(())
.ok_or(err!(Request(NotFound("Remote media is frozen."))))
}