DevComp/fxtwitter-docker
1
0
Fork 0
mirror of https://github.com/CompeyDev/fxtwitter-docker.git synced 2025-04-05 02:20:54 +01:00
Code Issues Projects Releases Packages Wiki Activity

Wrap foreign links (Fix #574?)

Browse source
This commit is contained in:
dangered wolf 2024-04-02 00:01:58 -04:00
parent 349fa39b2c
commit be165eae17
No known key found for this signature in database
GPG key ID: 41E4D37680ED8B58
3 changed files with 42 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
src/realms/api/hit.ts Normal file
View file

@ -0,0 +1,15 @@
import { Context } from "hono";
export const linkHitRequest = async (c: Context) => {
// eslint-disable-next-line sonarjs/no-duplicate-string
const userAgent = c.req.header('User-Agent') || '';
if (userAgent.includes('Telegram')) {
c.status(403);
}
// If param `url` exists, 302 redirect to it
if (typeof c.req.query('url') === 'string') {
const url = new URL(c.req.query('url') as string);
return c.redirect(url.href, 302);
}
}

4
src/realms/api/router.ts
View file

@ -3,6 +3,7 @@ import { statusRequest } from '../twitter/routes/status';
import { profileRequest } from '../twitter/routes/profile';
import { Strings } from '../../strings';
import { Constants } from '../../constants';
import { linkHitRequest } from './hit';
export const api = new Hono();
@ -16,6 +17,9 @@ api.use('*', async (c, next) => {
}
await next();
});
api.get('/2/hit', linkHitRequest);
/* Current v1 API endpoints. Currently, these still go through the Twitter embed requests. API v2+ won't do this. */
api.get('/status/:id', statusRequest);
api.get('/status/:id/', statusRequest);

25
src/render/instantview.ts
View file

@ -60,7 +60,7 @@ const formatDate = (date: Date): string => {
const htmlifyLinks = (input: string): string => {
const urlPattern = /\bhttps?:\/\/[\w.-]+\.\w+[/\w.-]*\w/g;
return input.replace(urlPattern, url => {
return `<a href="${url}">${url}</a>`;
return `<a href="${wrapForeignLinks(url)}">${url}</a>`;
});
};
@ -117,6 +117,27 @@ const truncateSocialCount = (count: number): string => {
}
};
const wrapForeignLinks = (url: string) => {
let unwrap = false;
const whitelistedDomains = [
'twitter.com',
'x.com',
't.me',
'telegram.me'
]
try {
const urlObj = new URL(url);
if (!whitelistedDomains.includes(urlObj.hostname)) {
unwrap = true;
}
} catch (error) {
unwrap = true;
}
return unwrap ? `https://${Constants.API_HOST_LIST[0]}/2/hit?url=${encodeURIComponent(url)}` : url;
}
const generateStatusFooter = (status: APIStatus, isQuote = false): string => {
const { author } = status;
@ -153,7 +174,7 @@ const generateStatusFooter = (status: APIStatus, isQuote = false): string => {
}'s profile picture" />`,
location: author.location ? `📌 ${author.location}` : '',
website: author.website
? `🔗 <a href=${author.website.url}>${author.website.display_url}</a>`
? `🔗 <a rel="nofollow" href="${wrapForeignLinks(author.website.url)}">${author.website.display_url}</a>`
: '',
joined: author.joined ? `📆 ${formatDate(new Date(author.joined))}` : '',
following: truncateSocialCount(author.following),