mirror of
https://codeberg.org/keyoxide/keyoxide-web.git
synced 2024-12-22 14:59:29 -07:00
feat: escape parameters
This commit is contained in:
Yarmo Mackenbach
parent
785647bbb8
commit
255e99af39
1 changed files with 97 additions and 74 deletions
|
|
@ -28,6 +28,7 @@ if any, to sign a "copyright disclaimer" for the program, if necessary. For
|
|||
more information on this, and how to apply and follow the GNU AGPL, see <https://www.gnu.org/licenses/>.
|
||||
*/
|
||||
import express from 'express'
|
||||
import { param } from 'express-validator'
|
||||
import bodyParserImport from 'body-parser'
|
||||
import { rateLimit } from 'express-rate-limit'
|
||||
import { generateSignatureProfile, utils, generateWKDProfile, generateHKPProfile, generateAutoProfile, generateKeybaseProfile } from '../server/index.js'
|
||||
|
|
@ -60,11 +61,16 @@ if (process.env.ENABLE_EXPERIMENTAL_RATE_LIMITER) {
|
|||
{ component: 'profile_rate_limiter', action: 'start' })
|
||||
}
|
||||
|
||||
router.get('/sig', profileRateLimiter, (req, res) => {
|
||||
router.get('/sig',
|
||||
profileRateLimiter,
|
||||
(req, res) => {
|
||||
res.render('profile', { isSignature: true, signature: null, meta: getMetaFromReq(req) })
|
||||
})
|
||||
})
|
||||
|
||||
router.post('/sig', profileRateLimiter, bodyParser, async (req, res) => {
|
||||
router.post('/sig',
|
||||
profileRateLimiter,
|
||||
bodyParser,
|
||||
async (req, res) => {
|
||||
const data = await generateSignatureProfile(req.body.signature)
|
||||
const title = utils.generatePageTitle('profile', data)
|
||||
res.set('ariadne-identity-proof', data.identifier)
|
||||
|
|
@ -77,9 +83,12 @@ router.post('/sig', profileRateLimiter, bodyParser, async (req, res) => {
|
|||
enable_signature_verification: false,
|
||||
meta: getMetaFromReq(req)
|
||||
})
|
||||
})
|
||||
})
|
||||
|
||||
router.get('/wkd/:id', profileRateLimiter, async (req, res) => {
|
||||
router.get('/wkd/:id',
|
||||
profileRateLimiter,
|
||||
param('id').escape(),
|
||||
async (req, res) => {
|
||||
const data = await generateWKDProfile(req.params.id)
|
||||
const title = utils.generatePageTitle('profile', data)
|
||||
res.set('ariadne-identity-proof', data.identifier)
|
||||
|
|
@ -90,9 +99,12 @@ router.get('/wkd/:id', profileRateLimiter, async (req, res) => {
|
|||
enable_signature_verification: false,
|
||||
meta: getMetaFromReq(req)
|
||||
})
|
||||
})
|
||||
})
|
||||
|
||||
router.get('/hkp/:id', profileRateLimiter, async (req, res) => {
|
||||
router.get('/hkp/:id',
|
||||
profileRateLimiter,
|
||||
param('id').escape(),
|
||||
async (req, res) => {
|
||||
const data = await generateHKPProfile(req.params.id)
|
||||
const title = utils.generatePageTitle('profile', data)
|
||||
res.set('ariadne-identity-proof', data.identifier)
|
||||
|
|
@ -103,9 +115,13 @@ router.get('/hkp/:id', profileRateLimiter, async (req, res) => {
|
|||
enable_signature_verification: false,
|
||||
meta: getMetaFromReq(req)
|
||||
})
|
||||
})
|
||||
})
|
||||
|
||||
router.get('/hkp/:server/:id', profileRateLimiter, async (req, res) => {
|
||||
router.get('/hkp/:server/:id',
|
||||
profileRateLimiter,
|
||||
param('server').escape(),
|
||||
param('id').escape(),
|
||||
async (req, res) => {
|
||||
const data = await generateHKPProfile(req.params.id, req.params.server)
|
||||
const title = utils.generatePageTitle('profile', data)
|
||||
res.set('ariadne-identity-proof', data.identifier)
|
||||
|
|
@ -116,9 +132,13 @@ router.get('/hkp/:server/:id', profileRateLimiter, async (req, res) => {
|
|||
enable_signature_verification: false,
|
||||
meta: getMetaFromReq(req)
|
||||
})
|
||||
})
|
||||
})
|
||||
|
||||
router.get('/keybase/:username/:fingerprint', profileRateLimiter, async (req, res) => {
|
||||
router.get('/keybase/:username/:fingerprint',
|
||||
profileRateLimiter,
|
||||
param('username').escape(),
|
||||
param('fingerprint').escape(),
|
||||
async (req, res) => {
|
||||
const data = await generateKeybaseProfile(req.params.username, req.params.fingerprint)
|
||||
const title = utils.generatePageTitle('profile', data)
|
||||
res.set('ariadne-identity-proof', data.identifier)
|
||||
|
|
@ -129,9 +149,12 @@ router.get('/keybase/:username/:fingerprint', profileRateLimiter, async (req, re
|
|||
enable_signature_verification: false,
|
||||
meta: getMetaFromReq(req)
|
||||
})
|
||||
})
|
||||
})
|
||||
|
||||
router.get('/:id', profileRateLimiter, async (req, res) => {
|
||||
router.get('/:id',
|
||||
profileRateLimiter,
|
||||
param('id').escape(),
|
||||
async (req, res) => {
|
||||
const data = await generateAutoProfile(req.params.id)
|
||||
const theme = generateProfileTheme(data)
|
||||
const title = utils.generatePageTitle('profile', data)
|
||||
|
|
@ -144,6 +167,6 @@ router.get('/:id', profileRateLimiter, async (req, res) => {
|
|||
theme,
|
||||
meta: getMetaFromReq(req)
|
||||
})
|
||||
})
|
||||
})
|
||||
|
||||
export default router
|
||||
|
|
|
|||
Loading…
Reference in a new issue