@de-otio/trellis 0.10.8 → 0.10.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1 +1 @@
1
- {"version":3,"file":"pre-signup.d.ts","sourceRoot":"","sources":["../../src/lambda/pre-signup.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAyB,uBAAuB,EAAE,MAAM,YAAY,CAAC;AAOjF,eAAO,MAAM,OAAO,EAAE,uBA+BrB,CAAC"}
1
+ {"version":3,"file":"pre-signup.d.ts","sourceRoot":"","sources":["../../src/lambda/pre-signup.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAyB,uBAAuB,EAAE,MAAM,YAAY,CAAC;AAOjF,eAAO,MAAM,OAAO,EAAE,uBAuCrB,CAAC"}
@@ -23,9 +23,17 @@ export const handler = async (event) => {
23
23
  if (invitation.ttl && invitation.ttl < Math.floor(Date.now() / 1000)) {
24
24
  throw new Error("This invitation code has expired.");
25
25
  }
26
- // Auto-confirm and auto-verify for invited users
27
- event.response.autoConfirmUser = false;
28
- event.response.autoVerifyEmail = false;
26
+ // Auto-confirm and auto-verify invited users.
27
+ //
28
+ // Registration is passwordless (magic-link CUSTOM_AUTH). An UNCONFIRMED user
29
+ // cannot initiate that flow, so without auto-confirm an invited sign-up would
30
+ // create an account that can never sign in. This is safe because:
31
+ // - entry is already gated by a single-use invitation code (checked above);
32
+ // - access still requires answering the magic-link challenge, i.e. receiving
33
+ // and clicking a link sent to this exact address — the link, not this
34
+ // flag, is the real proof of email ownership and the access gate.
35
+ event.response.autoConfirmUser = true;
36
+ event.response.autoVerifyEmail = true;
29
37
  return event;
30
38
  };
31
39
  //# sourceMappingURL=pre-signup.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"pre-signup.js","sourceRoot":"","sources":["../../src/lambda/pre-signup.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1E,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAE9D,MAAM,MAAM,GAAG,IAAI,cAAc,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;AACtE,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,cAAe,CAAC;AAE1C,MAAM,CAAC,MAAM,OAAO,GAA4B,KAAK,EAAE,KAAK,EAAE,EAAE;IAC9D,MAAM,cAAc,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,uBAAuB,CAAC;QACrD,KAAK,CAAC,OAAO,CAAC,cAAc,EAAE,cAAc,CAAuB,CAAC;IAE5F,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACjE,CAAC;IAED,oCAAoC;IACpC,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,IAAI,cAAc,CAAC;QAClD,SAAS,EAAE,KAAK;QAChB,GAAG,EAAE,QAAQ,CAAC,EAAE,EAAE,EAAE,eAAe,cAAc,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC;KAChE,CAAC,CAAC,CAAC;IAEJ,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;IACzD,CAAC;IAED,MAAM,UAAU,GAAG,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC3C,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACjE,CAAC;IACD,IAAI,UAAU,CAAC,GAAG,IAAI,UAAU,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;QACrE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACvD,CAAC;IAED,iDAAiD;IACjD,KAAK,CAAC,QAAQ,CAAC,eAAe,GAAG,KAAK,CAAC;IACvC,KAAK,CAAC,QAAQ,CAAC,eAAe,GAAG,KAAK,CAAC;IAEvC,OAAO,KAAK,CAAC;AACf,CAAC,CAAC"}
1
+ {"version":3,"file":"pre-signup.js","sourceRoot":"","sources":["../../src/lambda/pre-signup.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1E,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAE9D,MAAM,MAAM,GAAG,IAAI,cAAc,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;AACtE,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,cAAe,CAAC;AAE1C,MAAM,CAAC,MAAM,OAAO,GAA4B,KAAK,EAAE,KAAK,EAAE,EAAE;IAC9D,MAAM,cAAc,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,uBAAuB,CAAC;QACrD,KAAK,CAAC,OAAO,CAAC,cAAc,EAAE,cAAc,CAAuB,CAAC;IAE5F,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACjE,CAAC;IAED,oCAAoC;IACpC,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,IAAI,cAAc,CAAC;QAClD,SAAS,EAAE,KAAK;QAChB,GAAG,EAAE,QAAQ,CAAC,EAAE,EAAE,EAAE,eAAe,cAAc,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC;KAChE,CAAC,CAAC,CAAC;IAEJ,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;IACzD,CAAC;IAED,MAAM,UAAU,GAAG,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC3C,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACjE,CAAC;IACD,IAAI,UAAU,CAAC,GAAG,IAAI,UAAU,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;QACrE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACvD,CAAC;IAED,8CAA8C;IAC9C,EAAE;IACF,6EAA6E;IAC7E,8EAA8E;IAC9E,kEAAkE;IAClE,8EAA8E;IAC9E,+EAA+E;IAC/E,0EAA0E;IAC1E,sEAAsE;IACtE,KAAK,CAAC,QAAQ,CAAC,eAAe,GAAG,IAAI,CAAC;IACtC,KAAK,CAAC,QAAQ,CAAC,eAAe,GAAG,IAAI,CAAC;IAEtC,OAAO,KAAK,CAAC;AACf,CAAC,CAAC"}
@@ -1 +1 @@
1
- {"version":3,"file":"remote-fetch-service.d.ts","sourceRoot":"","sources":["../../../src/lib/activitypub/remote-fetch-service.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACxC,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAYtC;;GAEG;AACH,qBAAa,kBAAkB;IAC7B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,iBAAiB,CAAW;IAEpD;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,KAAK,CAAqC;IAEzD;;;;;;;OAOG;WACU,UAAU,CACrB,QAAQ,EAAE,MAAM,EAChB,GAAG,EAAE,GAAG,EACR,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IA2FzB;;;;;;;OAOG;WACU,WAAW,CACtB,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,GAAG,EACR,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IA0FzB;;;;;;;OAOG;WACU,aAAa,CACxB,QAAQ,EAAE,MAAM,EAChB,GAAG,EAAE,GAAG,EACR,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAkBzB;;;;;;;OAOG;WACU,iBAAiB,CAC5B,QAAQ,EAAE,MAAM,EAChB,GAAG,EAAE,GAAG,EACR,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IA0BzB;;;;;;OAMG;IACH,MAAM,CAAC,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,GAAG,OAAO;IAKlD;;;;;OAKG;IACH,MAAM,CAAC,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAShD;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,UAAU;IASzB;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,YAAY;IA4B3B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,aAAa;IAiB5B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,SAAS;IAexB;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,SAAS;IAiBxB;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,YAAY;IAS3B;;OAEG;IACH,MAAM,CAAC,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;IAIzC;;OAEG;IACH,MAAM,CAAC,UAAU,IAAI,IAAI;CAG1B"}
1
+ {"version":3,"file":"remote-fetch-service.d.ts","sourceRoot":"","sources":["../../../src/lib/activitypub/remote-fetch-service.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACxC,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAYtC;;GAEG;AACH,qBAAa,kBAAkB;IAC7B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,iBAAiB,CAAW;IAEpD;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,KAAK,CAAqC;IAEzD;;;;;;;OAOG;WACU,UAAU,CACrB,QAAQ,EAAE,MAAM,EAChB,GAAG,EAAE,GAAG,EACR,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IA2FzB;;;;;;;OAOG;WACU,WAAW,CACtB,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,GAAG,EACR,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IA0FzB;;;;;;;OAOG;WACU,aAAa,CACxB,QAAQ,EAAE,MAAM,EAChB,GAAG,EAAE,GAAG,EACR,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAkBzB;;;;;;;OAOG;WACU,iBAAiB,CAC5B,QAAQ,EAAE,MAAM,EAChB,GAAG,EAAE,GAAG,EACR,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IA0BzB;;;;;;OAMG;IACH,MAAM,CAAC,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,GAAG,OAAO;IAYlD;;;;;OAKG;IACH,MAAM,CAAC,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAShD;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,UAAU;IASzB;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,YAAY;IA4B3B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,aAAa;IAiB5B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,SAAS;IAexB;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,SAAS;IAiBxB;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,YAAY;IAS3B;;OAEG;IACH,MAAM,CAAC,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;IAIzC;;OAEG;IACH,MAAM,CAAC,UAAU,IAAI,IAAI;CAG1B"}
@@ -233,7 +233,15 @@ export class RemoteFetchService {
233
233
  */
234
234
  static isRemoteUri(uri, env) {
235
235
  const baseUrl = env.ACTIVITYPUB_BASE_URL || "https://example.com";
236
- return !uri.startsWith(baseUrl);
236
+ // Compare parsed origins rather than a string prefix, so a host like
237
+ // "example.com.attacker.com" cannot masquerade as local.
238
+ try {
239
+ return new URL(uri).origin !== new URL(baseUrl).origin;
240
+ }
241
+ catch {
242
+ // Unparseable URI — treat as remote (untrusted).
243
+ return true;
244
+ }
237
245
  }
238
246
  /**
239
247
  * Extract domain from URI
@@ -1 +1 @@
1
- {"version":3,"file":"remote-fetch-service.js","sourceRoot":"","sources":["../../../src/lib/activitypub/remote-fetch-service.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAKH,OAAO,EAAE,uBAAuB,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAU5E;;GAEG;AACH,MAAM,OAAO,kBAAkB;IAC7B;;OAEG;IACK,MAAM,CAAU,iBAAiB,GAAG,OAAO,CAAC,CAAC,yBAAyB;IAE9E;;;OAGG;IACK,MAAM,CAAC,KAAK,GAAG,IAAI,GAAG,EAA0B,CAAC;IAEzD;;;;;;;OAOG;IACH,MAAM,CAAC,KAAK,CAAC,UAAU,CACrB,QAAgB,EAChB,GAAQ,EACR,MAAe;QAEf,eAAe;QACf,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC/B,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CAAC,2CAA2C,QAAQ,EAAE,CAAC,CAAC;YACrE,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,kCAAkC;QAClC,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,GAAG,CAAC,EAAE,CAAC;YAChC,6DAA6D;YAC7D,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CACV,kDAAkD,QAAQ,EAAE,CAC7D,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,4DAA4D;QAC5D,MAAM,cAAc,GAAG,MAAM,uBAAuB,CAAC,GAAG,CAAC,CAAC;QAC1D,IAAI,cAAc,EAAE,CAAC;YACnB,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CACT,+EAA+E,QAAQ,EAAE,CAC1F,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,cAAc;QACd,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACxC,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CAAC,4CAA4C,QAAQ,EAAE,CAAC,CAAC;YACvE,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,IAAI,CAAC;YACH,uBAAuB;YACvB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,QAAQ,EAAE;gBACrC,OAAO,EAAE;oBACP,MAAM,EACJ,iGAAiG;oBACnG,YAAY,EAAE,gCAAgC;iBAC/C;gBACD,yDAAyD;aAC1D,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,IAAI,CACT,8CAA8C,QAAQ,KAAK,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,CACpG,CAAC;gBACJ,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,KAAK,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAQ,CAAC;YAE7C,0BAA0B;YAC1B,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9B,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,IAAI,CACT,gDAAgD,QAAQ,EAAE,CAC3D,CAAC;gBACJ,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,cAAc;YACd,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,KAAe,CAAC,CAAC;YAE1C,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CAAC,8CAA8C,QAAQ,EAAE,CAAC,CAAC;YACxE,CAAC;YAED,OAAO,KAAe,CAAC;QACzB,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CACV,6CAA6C,QAAQ,GAAG,EACxD,KAAK,CACN,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,KAAK,CAAC,WAAW,CACtB,SAAiB,EACjB,GAAQ,EACR,MAAe;QAEf,eAAe;QACf,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAChC,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CAAC,4CAA4C,SAAS,EAAE,CAAC,CAAC;YACvE,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,mCAAmC;QACnC,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,GAAG,CAAC,EAAE,CAAC;YACjC,8DAA8D;YAC9D,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CACV,mDAAmD,SAAS,EAAE,CAC/D,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,4DAA4D;QAC5D,MAAM,cAAc,GAAG,MAAM,uBAAuB,CAAC,GAAG,CAAC,CAAC;QAC1D,IAAI,cAAc,EAAE,CAAC;YACnB,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CACT,gFAAgF,SAAS,EAAE,CAC5F,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,cAAc;QACd,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACzC,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CAAC,6CAA6C,SAAS,EAAE,CAAC,CAAC;YACzE,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,IAAI,CAAC;YACH,wBAAwB;YACxB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,SAAS,EAAE;gBACtC,OAAO,EAAE;oBACP,MAAM,EACJ,iGAAiG;oBACnG,YAAY,EAAE,gCAAgC;iBAC/C;aACF,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,IAAI,CACT,+CAA+C,SAAS,KAAK,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,CACtG,CAAC;gBACJ,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,GAAG,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAQ,CAAC;YAE3C,2BAA2B;YAC3B,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC7B,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,IAAI,CACT,iDAAiD,SAAS,EAAE,CAC7D,CAAC;gBACJ,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,eAAe;YACf,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,GAAa,CAAC,CAAC;YAEzC,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CAAC,+CAA+C,SAAS,EAAE,CAAC,CAAC;YAC1E,CAAC;YAED,OAAO,GAAa,CAAC;QACvB,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CACV,8CAA8C,SAAS,GAAG,EAC1D,KAAK,CACN,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,KAAK,CAAC,aAAa,CACxB,QAAgB,EAChB,GAAQ,EACR,MAAe;QAEf,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;QAC3D,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,KAAK,GAAI,KAAa,CAAC,KAAK,CAAC;QACnC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,IAAK,KAAa,CAAC,EAAE,EAAE,CAAC;YACrE,OAAQ,KAAa,CAAC,EAAE,CAAC;QAC3B,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,KAAK,CAAC,iBAAiB,CAC5B,QAAgB,EAChB,GAAQ,EACR,MAAe;QAEf,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;QAC3D,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,SAAS,GAAI,KAAa,CAAC,SAAS,CAAC;QAC3C,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACd,CAAC;QAED,sCAAsC;QACtC,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;YAClC,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,OAAO,SAAS,KAAK,QAAQ,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;YACxD,kDAAkD;YAClD,IAAK,SAAiB,CAAC,YAAY,EAAE,CAAC;gBACpC,OAAQ,SAAiB,CAAC,YAAY,CAAC;YACzC,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,WAAW,CAAC,GAAW,EAAE,GAAQ;QACtC,MAAM,OAAO,GAAG,GAAG,CAAC,oBAAoB,IAAI,qBAAqB,CAAC;QAClE,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IAClC,CAAC;IAED;;;;;OAKG;IACH,MAAM,CAAC,aAAa,CAAC,GAAW;QAC9B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;YACzB,OAAO,GAAG,CAAC,QAAQ,CAAC;QACtB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,UAAU,CAAC,GAAW;QACnC,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;YACzB,OAAO,GAAG,CAAC,QAAQ,KAAK,QAAQ,IAAI,GAAG,CAAC,QAAQ,KAAK,OAAO,CAAC;QAC/D,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,YAAY,CAAC,KAAU;QACpC,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YACxC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,gCAAgC;QAChC,MAAM,UAAU,GAAG;YACjB,QAAQ;YACR,OAAO;YACP,cAAc;YACd,SAAS;YACT,aAAa;SACd,CAAC;QACF,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;YACrC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,EAAE,IAAI,OAAO,KAAK,CAAC,EAAE,KAAK,QAAQ,EAAE,CAAC;YAC9C,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YACjB,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,aAAa,CAAC,GAAQ;QACnC,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YACpC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,wBAAwB;QACxB,IAAI,CAAC,GAAG,CAAC,EAAE,IAAI,OAAO,GAAG,CAAC,EAAE,KAAK,QAAQ,EAAE,CAAC;YAC1C,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC9C,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,SAAS,CAAC,GAAW;QAClC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACnC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,IAAI,CAAC;QACd,CAAC;QAED,mBAAmB;QACnB,IAAI,MAAM,CAAC,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;YAChC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACvB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,MAAM,CAAC,QAAQ,CAAC;IACzB,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,SAAS,CACtB,GAAW,EACX,QAAgB,EAChB,MAAc,IAAI,CAAC,iBAAiB;QAEpC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE;YAClB,QAAQ;YACR,OAAO,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG;SAC1B,CAAC,CAAC;QAEH,0DAA0D;QAC1D,kEAAkE;QAClE,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,EAAE,CAAC;YAC3B,IAAI,CAAC,YAAY,EAAE,CAAC;QACtB,CAAC;IACH,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,YAAY;QACzB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,EAAE,CAAC;YAChD,IAAI,KAAK,CAAC,OAAO,GAAG,GAAG,EAAE,CAAC;gBACxB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACzB,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,eAAe,CAAC,GAAW;QAChC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACzB,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,UAAU;QACf,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;IACrB,CAAC"}
1
+ {"version":3,"file":"remote-fetch-service.js","sourceRoot":"","sources":["../../../src/lib/activitypub/remote-fetch-service.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAKH,OAAO,EAAE,uBAAuB,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAU5E;;GAEG;AACH,MAAM,OAAO,kBAAkB;IAC7B;;OAEG;IACK,MAAM,CAAU,iBAAiB,GAAG,OAAO,CAAC,CAAC,yBAAyB;IAE9E;;;OAGG;IACK,MAAM,CAAC,KAAK,GAAG,IAAI,GAAG,EAA0B,CAAC;IAEzD;;;;;;;OAOG;IACH,MAAM,CAAC,KAAK,CAAC,UAAU,CACrB,QAAgB,EAChB,GAAQ,EACR,MAAe;QAEf,eAAe;QACf,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC/B,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CAAC,2CAA2C,QAAQ,EAAE,CAAC,CAAC;YACrE,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,kCAAkC;QAClC,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,GAAG,CAAC,EAAE,CAAC;YAChC,6DAA6D;YAC7D,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CACV,kDAAkD,QAAQ,EAAE,CAC7D,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,4DAA4D;QAC5D,MAAM,cAAc,GAAG,MAAM,uBAAuB,CAAC,GAAG,CAAC,CAAC;QAC1D,IAAI,cAAc,EAAE,CAAC;YACnB,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CACT,+EAA+E,QAAQ,EAAE,CAC1F,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,cAAc;QACd,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACxC,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CAAC,4CAA4C,QAAQ,EAAE,CAAC,CAAC;YACvE,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,IAAI,CAAC;YACH,uBAAuB;YACvB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,QAAQ,EAAE;gBACrC,OAAO,EAAE;oBACP,MAAM,EACJ,iGAAiG;oBACnG,YAAY,EAAE,gCAAgC;iBAC/C;gBACD,yDAAyD;aAC1D,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,IAAI,CACT,8CAA8C,QAAQ,KAAK,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,CACpG,CAAC;gBACJ,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,KAAK,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAQ,CAAC;YAE7C,0BAA0B;YAC1B,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9B,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,IAAI,CACT,gDAAgD,QAAQ,EAAE,CAC3D,CAAC;gBACJ,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,cAAc;YACd,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,KAAe,CAAC,CAAC;YAE1C,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CAAC,8CAA8C,QAAQ,EAAE,CAAC,CAAC;YACxE,CAAC;YAED,OAAO,KAAe,CAAC;QACzB,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CACV,6CAA6C,QAAQ,GAAG,EACxD,KAAK,CACN,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,KAAK,CAAC,WAAW,CACtB,SAAiB,EACjB,GAAQ,EACR,MAAe;QAEf,eAAe;QACf,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAChC,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CAAC,4CAA4C,SAAS,EAAE,CAAC,CAAC;YACvE,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,mCAAmC;QACnC,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,GAAG,CAAC,EAAE,CAAC;YACjC,8DAA8D;YAC9D,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CACV,mDAAmD,SAAS,EAAE,CAC/D,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,4DAA4D;QAC5D,MAAM,cAAc,GAAG,MAAM,uBAAuB,CAAC,GAAG,CAAC,CAAC;QAC1D,IAAI,cAAc,EAAE,CAAC;YACnB,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CACT,gFAAgF,SAAS,EAAE,CAC5F,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,cAAc;QACd,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACzC,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CAAC,6CAA6C,SAAS,EAAE,CAAC,CAAC;YACzE,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,IAAI,CAAC;YACH,wBAAwB;YACxB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,SAAS,EAAE;gBACtC,OAAO,EAAE;oBACP,MAAM,EACJ,iGAAiG;oBACnG,YAAY,EAAE,gCAAgC;iBAC/C;aACF,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,IAAI,CACT,+CAA+C,SAAS,KAAK,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,CACtG,CAAC;gBACJ,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,GAAG,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAQ,CAAC;YAE3C,2BAA2B;YAC3B,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC7B,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,IAAI,CACT,iDAAiD,SAAS,EAAE,CAC7D,CAAC;gBACJ,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,eAAe;YACf,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,GAAa,CAAC,CAAC;YAEzC,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CAAC,+CAA+C,SAAS,EAAE,CAAC,CAAC;YAC1E,CAAC;YAED,OAAO,GAAa,CAAC;QACvB,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CACV,8CAA8C,SAAS,GAAG,EAC1D,KAAK,CACN,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,KAAK,CAAC,aAAa,CACxB,QAAgB,EAChB,GAAQ,EACR,MAAe;QAEf,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;QAC3D,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,KAAK,GAAI,KAAa,CAAC,KAAK,CAAC;QACnC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,IAAK,KAAa,CAAC,EAAE,EAAE,CAAC;YACrE,OAAQ,KAAa,CAAC,EAAE,CAAC;QAC3B,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,KAAK,CAAC,iBAAiB,CAC5B,QAAgB,EAChB,GAAQ,EACR,MAAe;QAEf,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;QAC3D,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,SAAS,GAAI,KAAa,CAAC,SAAS,CAAC;QAC3C,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACd,CAAC;QAED,sCAAsC;QACtC,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;YAClC,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,OAAO,SAAS,KAAK,QAAQ,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;YACxD,kDAAkD;YAClD,IAAK,SAAiB,CAAC,YAAY,EAAE,CAAC;gBACpC,OAAQ,SAAiB,CAAC,YAAY,CAAC;YACzC,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,WAAW,CAAC,GAAW,EAAE,GAAQ;QACtC,MAAM,OAAO,GAAG,GAAG,CAAC,oBAAoB,IAAI,qBAAqB,CAAC;QAClE,qEAAqE;QACrE,yDAAyD;QACzD,IAAI,CAAC;YACH,OAAO,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;QACzD,CAAC;QAAC,MAAM,CAAC;YACP,iDAAiD;YACjD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,MAAM,CAAC,aAAa,CAAC,GAAW;QAC9B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;YACzB,OAAO,GAAG,CAAC,QAAQ,CAAC;QACtB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,UAAU,CAAC,GAAW;QACnC,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;YACzB,OAAO,GAAG,CAAC,QAAQ,KAAK,QAAQ,IAAI,GAAG,CAAC,QAAQ,KAAK,OAAO,CAAC;QAC/D,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,YAAY,CAAC,KAAU;QACpC,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YACxC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,gCAAgC;QAChC,MAAM,UAAU,GAAG;YACjB,QAAQ;YACR,OAAO;YACP,cAAc;YACd,SAAS;YACT,aAAa;SACd,CAAC;QACF,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;YACrC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,EAAE,IAAI,OAAO,KAAK,CAAC,EAAE,KAAK,QAAQ,EAAE,CAAC;YAC9C,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YACjB,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,aAAa,CAAC,GAAQ;QACnC,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YACpC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,wBAAwB;QACxB,IAAI,CAAC,GAAG,CAAC,EAAE,IAAI,OAAO,GAAG,CAAC,EAAE,KAAK,QAAQ,EAAE,CAAC;YAC1C,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC9C,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,SAAS,CAAC,GAAW;QAClC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACnC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,IAAI,CAAC;QACd,CAAC;QAED,mBAAmB;QACnB,IAAI,MAAM,CAAC,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;YAChC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACvB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,MAAM,CAAC,QAAQ,CAAC;IACzB,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,SAAS,CACtB,GAAW,EACX,QAAgB,EAChB,MAAc,IAAI,CAAC,iBAAiB;QAEpC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE;YAClB,QAAQ;YACR,OAAO,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG;SAC1B,CAAC,CAAC;QAEH,0DAA0D;QAC1D,kEAAkE;QAClE,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,EAAE,CAAC;YAC3B,IAAI,CAAC,YAAY,EAAE,CAAC;QACtB,CAAC;IACH,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,YAAY;QACzB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,EAAE,CAAC;YAChD,IAAI,KAAK,CAAC,OAAO,GAAG,GAAG,EAAE,CAAC;gBACxB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACzB,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,eAAe,CAAC,GAAW;QAChC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACzB,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,UAAU;QACf,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;IACrB,CAAC"}
@@ -1 +1 @@
1
- {"version":3,"file":"standalone-mode.d.ts","sourceRoot":"","sources":["../../../src/lib/activitypub/standalone-mode.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACxC,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAWnD;;;;;;;;;;;;GAYG;AACH,wBAAsB,uBAAuB,CAC3C,GAAG,EAAE,GAAG,EACR,EAAE,CAAC,EAAE,YAAY,EACjB,OAAO,CAAC,EAAE,OAAO,GAChB,OAAO,CAAC,OAAO,CAAC,CA8ClB;AAED;;;;;;;;GAQG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,GAAG,OAAO,CAoB1D"}
1
+ {"version":3,"file":"standalone-mode.d.ts","sourceRoot":"","sources":["../../../src/lib/activitypub/standalone-mode.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACxC,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAWnD;;;;;;;;;;;;GAYG;AACH,wBAAsB,uBAAuB,CAC3C,GAAG,EAAE,GAAG,EACR,EAAE,CAAC,EAAE,YAAY,EACjB,OAAO,CAAC,EAAE,OAAO,GAChB,OAAO,CAAC,OAAO,CAAC,CA8ClB;AAED;;;;;;;;GAQG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,GAAG,OAAO,CA2B1D"}
@@ -85,6 +85,14 @@ export function isRemoteUri(uri, env) {
85
85
  // Invalid URL, use default
86
86
  }
87
87
  }
88
- return !uri.startsWith(baseUrl);
88
+ // Compare parsed origins rather than a string prefix, so a host like
89
+ // "example.com.attacker.com" cannot masquerade as local.
90
+ try {
91
+ return new URL(uri).origin !== new URL(baseUrl).origin;
92
+ }
93
+ catch {
94
+ // Unparseable URI — treat as remote (untrusted).
95
+ return true;
96
+ }
89
97
  }
90
98
  //# sourceMappingURL=standalone-mode.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"standalone-mode.js","sourceRoot":"","sources":["../../../src/lib/activitypub/standalone-mode.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,OAAO,EAAE,SAAS,EAAU,MAAM,cAAc,CAAC;AACjD,OAAO,EAAE,+BAA+B,EAAE,MAAM,mCAAmC,CAAC;AACpF,OAAO,EACL,wBAAwB,EACxB,mBAAmB,GACpB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAE1D,MAAM,0BAA0B,GAAG,qCAAqC,CAAC;AAEzE;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,GAAQ,EACR,EAAiB,EACjB,OAAiB;IAEjB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAE3B,IAAI,CAAC;QACH,yDAAyD;QACzD,IAAI,EAAE,EAAE,CAAC;YACP,MAAM,EAAE,oBAAoB,EAAE,GAAG,MAAM,MAAM,CAC3C,8BAA8B,CAC/B,CAAC;YACF,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,EAAE,CAAC,CAAC;YACnD,OAAO,MAAM,aAAa,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC;QACnE,CAAC;QAED,iEAAiE;QACjE,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAC/D,MAAM,SAAS,GAAG,+BAA+B,CAAC;QAElD,MAAM,MAAM,GAAG,MAAM,wBAAwB,CAC3C,SAAS,EACT,MAAM,EACN,GAAG,EACH,KAAK,EAAE,MAAM,EAAE,EAAE;YACf,MAAM,EAAE,oBAAoB,EAAE,GAAG,MAAM,MAAM,CAC3C,8BAA8B,CAC/B,CAAC;YACF,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,MAAM,CAAC,CAAC;YACvD,OAAO,MAAM,aAAa,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC;QACnE,CAAC,EACD;YACE,GAAG,mBAAmB,CAAC,QAAQ,EAAE,sBAAsB;YACvD,YAAY,EAAE,KAAK,EAAE,uDAAuD;YAC5E,OAAO,EAAE;gBACP,SAAS,EAAE,qBAAqB;aACjC;SACF,CACF,CAAC;QAEF,OAAO,MAAM,IAAI,KAAK,CAAC;IACzB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CACV,yDAAyD,EACzD,KAAK,CACN,CAAC;QACF,4DAA4D;QAC5D,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,WAAW,CAAC,GAAW,EAAE,GAAQ;IAC/C,gEAAgE;IAChE,gEAAgE;IAChE,IAAI,OAAO,GAAG,qBAAqB,CAAC;IACpC,IAAI,GAAG,CAAC,oBAAoB,EAAE,CAAC;QAC7B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;YAC9C,OAAO,GAAG,GAAG,GAAG,CAAC,QAAQ,KAAK,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC/C,CAAC;QAAC,MAAM,CAAC;YACP,2BAA2B;QAC7B,CAAC;IACH,CAAC;SAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC;QAC1B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YACpC,OAAO,GAAG,GAAG,GAAG,CAAC,QAAQ,KAAK,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC/C,CAAC;QAAC,MAAM,CAAC;YACP,2BAA2B;QAC7B,CAAC;IACH,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;AAClC,CAAC"}
1
+ {"version":3,"file":"standalone-mode.js","sourceRoot":"","sources":["../../../src/lib/activitypub/standalone-mode.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,OAAO,EAAE,SAAS,EAAU,MAAM,cAAc,CAAC;AACjD,OAAO,EAAE,+BAA+B,EAAE,MAAM,mCAAmC,CAAC;AACpF,OAAO,EACL,wBAAwB,EACxB,mBAAmB,GACpB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAE1D,MAAM,0BAA0B,GAAG,qCAAqC,CAAC;AAEzE;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,GAAQ,EACR,EAAiB,EACjB,OAAiB;IAEjB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAE3B,IAAI,CAAC;QACH,yDAAyD;QACzD,IAAI,EAAE,EAAE,CAAC;YACP,MAAM,EAAE,oBAAoB,EAAE,GAAG,MAAM,MAAM,CAC3C,8BAA8B,CAC/B,CAAC;YACF,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,EAAE,CAAC,CAAC;YACnD,OAAO,MAAM,aAAa,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC;QACnE,CAAC;QAED,iEAAiE;QACjE,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAC/D,MAAM,SAAS,GAAG,+BAA+B,CAAC;QAElD,MAAM,MAAM,GAAG,MAAM,wBAAwB,CAC3C,SAAS,EACT,MAAM,EACN,GAAG,EACH,KAAK,EAAE,MAAM,EAAE,EAAE;YACf,MAAM,EAAE,oBAAoB,EAAE,GAAG,MAAM,MAAM,CAC3C,8BAA8B,CAC/B,CAAC;YACF,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,MAAM,CAAC,CAAC;YACvD,OAAO,MAAM,aAAa,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC;QACnE,CAAC,EACD;YACE,GAAG,mBAAmB,CAAC,QAAQ,EAAE,sBAAsB;YACvD,YAAY,EAAE,KAAK,EAAE,uDAAuD;YAC5E,OAAO,EAAE;gBACP,SAAS,EAAE,qBAAqB;aACjC;SACF,CACF,CAAC;QAEF,OAAO,MAAM,IAAI,KAAK,CAAC;IACzB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CACV,yDAAyD,EACzD,KAAK,CACN,CAAC;QACF,4DAA4D;QAC5D,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,WAAW,CAAC,GAAW,EAAE,GAAQ;IAC/C,gEAAgE;IAChE,gEAAgE;IAChE,IAAI,OAAO,GAAG,qBAAqB,CAAC;IACpC,IAAI,GAAG,CAAC,oBAAoB,EAAE,CAAC;QAC7B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;YAC9C,OAAO,GAAG,GAAG,GAAG,CAAC,QAAQ,KAAK,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC/C,CAAC;QAAC,MAAM,CAAC;YACP,2BAA2B;QAC7B,CAAC;IACH,CAAC;SAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC;QAC1B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YACpC,OAAO,GAAG,GAAG,GAAG,CAAC,QAAQ,KAAK,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC/C,CAAC;QAAC,MAAM,CAAC;YACP,2BAA2B;QAC7B,CAAC;IACH,CAAC;IACD,qEAAqE;IACrE,yDAAyD;IACzD,IAAI,CAAC;QACH,OAAO,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,iDAAiD;QACjD,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC"}
@@ -1 +1 @@
1
- {"version":3,"file":"input-sanitizer.d.ts","sourceRoot":"","sources":["../../src/lib/input-sanitizer.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;GAEG;AACH,qBAAa,cAAc;IACzB;;;;;;OAMG;IACH,MAAM,CAAC,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAyC1C;;;;;;OAMG;IACH,MAAM,CAAC,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAsC1C;;;;;;OAMG;IACH,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,GAAG,GAAG,GAAG;IAiCnC;;;;;;;;OAQG;IACH,MAAM,CAAC,aAAa,CAClB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,KAAK,EAAE,MAAM,EACb,SAAS,GAAE,OAAe,GACzB,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC;IAiBtB;;;;;;;OAOG;IACH,MAAM,CAAC,cAAc,CACnB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,MAAM,EAAE,MAAM,EAAE,EAChB,SAAS,GAAE,OAAe,GACzB,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC;CAgBvB"}
1
+ {"version":3,"file":"input-sanitizer.d.ts","sourceRoot":"","sources":["../../src/lib/input-sanitizer.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;GAEG;AACH,qBAAa,cAAc;IACzB;;;;;;OAMG;IACH,MAAM,CAAC,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAuD1C;;;;;;OAMG;IACH,MAAM,CAAC,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAsC1C;;;;;;OAMG;IACH,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,GAAG,GAAG,GAAG;IAiCnC;;;;;;;;OAQG;IACH,MAAM,CAAC,aAAa,CAClB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,KAAK,EAAE,MAAM,EACb,SAAS,GAAE,OAAe,GACzB,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC;IAiBtB;;;;;;;OAOG;IACH,MAAM,CAAC,cAAc,CACnB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,MAAM,EAAE,MAAM,EAAE,EAChB,SAAS,GAAE,OAAe,GACzB,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC;CAgBvB"}
@@ -31,14 +31,27 @@ export class InputSanitizer {
31
31
  return "";
32
32
  }
33
33
  }
34
- // First, remove script tags and their content (most dangerous)
35
- // This regex matches <script>...</script> including all content between tags
36
- let sanitized = input.replace(/<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/gi, "");
37
- // Remove style tags and their content
38
- sanitized = sanitized.replace(/<style\b[^<]*(?:(?!<\/style>)<[^<]*)*<\/style>/gi, "");
39
- // Remove all other HTML tags using regex (safe for Cloudflare Workers)
40
- // This regex matches any HTML tag including attributes
41
- sanitized = sanitized.replace(/<[^>]*>/g, "");
34
+ // Strip a pattern repeatedly until the string stops changing. A single
35
+ // pass can be defeated by nesting (e.g. "<scr<script>ipt>" collapses to
36
+ // "<script>"), so we apply the replacement to a fixed point.
37
+ const stripUntilStable = (value, pattern) => {
38
+ let current = value;
39
+ let previous;
40
+ do {
41
+ previous = current;
42
+ current = current.replace(pattern, "");
43
+ } while (current !== previous);
44
+ return current;
45
+ };
46
+ // First, remove script tags and their content (most dangerous).
47
+ // The end tag uses [^>]* (not just \s*) because browsers close on any
48
+ // junk before the ">", e.g. "</script\n foo>" — so the filter must too.
49
+ let sanitized = stripUntilStable(input, /<script\b[^<]*(?:(?!<\/script[^>]*>)<[^<]*)*<\/script[^>]*>/gi);
50
+ // Remove style tags and their content (same end-tag tolerance)
51
+ sanitized = stripUntilStable(sanitized, /<style\b[^<]*(?:(?!<\/style[^>]*>)<[^<]*)*<\/style[^>]*>/gi);
52
+ // Remove all other HTML tags using regex (safe for Cloudflare Workers).
53
+ // Looped to a fixed point so nested/partial tags cannot survive a pass.
54
+ sanitized = stripUntilStable(sanitized, /<[^>]*>/g);
42
55
  // Remove all HTML entities (numeric and named) for security
43
56
  // This prevents XSS attacks via encoded entities
44
57
  sanitized = sanitized.replace(/&#\d+;/g, "");
@@ -1 +1 @@
1
- {"version":3,"file":"input-sanitizer.js","sourceRoot":"","sources":["../../src/lib/input-sanitizer.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;GAEG;AACH,MAAM,OAAO,cAAc;IACzB;;;;;;OAMG;IACH,MAAM,CAAC,YAAY,CAAC,KAAa;QAC/B,iCAAiC;QACjC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,kEAAkE;YAClE,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC9B,OAAO,EAAE,CAAC;YACZ,CAAC;YACD,yCAAyC;YACzC,IAAI,CAAC;gBACH,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;YACvB,CAAC;YAAC,MAAM,CAAC;gBACP,2CAA2C;gBAC3C,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC;QAED,+DAA+D;QAC/D,6EAA6E;QAC7E,IAAI,SAAS,GAAG,KAAK,CAAC,OAAO,CAC3B,qDAAqD,EACrD,EAAE,CACH,CAAC;QAEF,sCAAsC;QACtC,SAAS,GAAG,SAAS,CAAC,OAAO,CAC3B,kDAAkD,EAClD,EAAE,CACH,CAAC;QAEF,uEAAuE;QACvE,uDAAuD;QACvD,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;QAE9C,4DAA4D;QAC5D,iDAAiD;QACjD,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QAC7C,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;QAElD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,YAAY,CAAC,KAAa;QAC/B,iCAAiC;QACjC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,kEAAkE;YAClE,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC9B,OAAO,EAAE,CAAC;YACZ,CAAC;YACD,yCAAyC;YACzC,IAAI,CAAC;gBACH,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;YACvB,CAAC;YAAC,MAAM,CAAC;gBACP,2CAA2C;gBAC3C,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC;QAED,iDAAiD;QACjD,kEAAkE;QAClE,MAAM,WAAW,GAAG,CAAC,GAAG,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QAC/D,MAAM,kBAAkB,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAEjD,6CAA6C;QAC7C,IAAI,SAAS,GAAG,KAAK,CAAC,OAAO,CAC3B,IAAI,MAAM,CAAC,aAAa,kBAAkB,mBAAmB,EAAE,IAAI,CAAC,EACpE,EAAE,CACH,CAAC;QAEF,gEAAgE;QAChE,WAAW,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;YAC1B,SAAS,GAAG,SAAS,CAAC,OAAO,CAC3B,IAAI,MAAM,CAAC,IAAI,GAAG,YAAY,EAAE,IAAI,CAAC,EACrC,IAAI,GAAG,GAAG,CACX,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,YAAY,CAAC,IAAS;QAC3B,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC7B,OAAO,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QAED,+CAA+C;QAC/C,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC7B,OAAO,EAAE,CAAC;QACZ,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;QACrD,CAAC;QAED,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;YAC9C,MAAM,SAAS,GAAQ,EAAE,CAAC;YAC1B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;gBAChD,sEAAsE;gBACtE,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;oBAC5B,SAAS;gBACX,CAAC;gBACD,gCAAgC;gBAChC,MAAM,YAAY,GAChB,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;gBACzD,SAAS,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;YACrD,CAAC;YACD,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,yEAAyE;QACzE,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;;;OAQG;IACH,MAAM,CAAC,aAAa,CAClB,IAAyB,EACzB,KAAa,EACb,YAAqB,KAAK;QAE1B,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YACtC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,KAAK,IAAI,IAAI,IAAI,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,QAAQ,EAAE,CAAC;YACrD,OAAO;gBACL,GAAG,IAAI;gBACP,CAAC,KAAK,CAAC,EAAE,SAAS;oBAChB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;oBAChC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;aACnC,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,cAAc,CACnB,IAAyB,EACzB,MAAgB,EAChB,YAAqB,KAAK;QAE1B,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YACtC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,SAAS,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC;QAC9B,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,IAAI,KAAK,IAAI,SAAS,IAAI,OAAO,SAAS,CAAC,KAAK,CAAC,KAAK,QAAQ,EAAE,CAAC;gBAC/D,SAAS,CAAC,KAAK,CAAC,GAAG,SAAS;oBAC1B,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;oBACrC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;YAC1C,CAAC;QACH,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;CACF"}
1
+ {"version":3,"file":"input-sanitizer.js","sourceRoot":"","sources":["../../src/lib/input-sanitizer.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;GAEG;AACH,MAAM,OAAO,cAAc;IACzB;;;;;;OAMG;IACH,MAAM,CAAC,YAAY,CAAC,KAAa;QAC/B,iCAAiC;QACjC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,kEAAkE;YAClE,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC9B,OAAO,EAAE,CAAC;YACZ,CAAC;YACD,yCAAyC;YACzC,IAAI,CAAC;gBACH,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;YACvB,CAAC;YAAC,MAAM,CAAC;gBACP,2CAA2C;gBAC3C,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC;QAED,uEAAuE;QACvE,wEAAwE;QACxE,6DAA6D;QAC7D,MAAM,gBAAgB,GAAG,CAAC,KAAa,EAAE,OAAe,EAAU,EAAE;YAClE,IAAI,OAAO,GAAG,KAAK,CAAC;YACpB,IAAI,QAAgB,CAAC;YACrB,GAAG,CAAC;gBACF,QAAQ,GAAG,OAAO,CAAC;gBACnB,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;YACzC,CAAC,QAAQ,OAAO,KAAK,QAAQ,EAAE;YAC/B,OAAO,OAAO,CAAC;QACjB,CAAC,CAAC;QAEF,gEAAgE;QAChE,sEAAsE;QACtE,wEAAwE;QACxE,IAAI,SAAS,GAAG,gBAAgB,CAC9B,KAAK,EACL,+DAA+D,CAChE,CAAC;QAEF,+DAA+D;QAC/D,SAAS,GAAG,gBAAgB,CAC1B,SAAS,EACT,4DAA4D,CAC7D,CAAC;QAEF,wEAAwE;QACxE,wEAAwE;QACxE,SAAS,GAAG,gBAAgB,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;QAEpD,4DAA4D;QAC5D,iDAAiD;QACjD,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QAC7C,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;QAElD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,YAAY,CAAC,KAAa;QAC/B,iCAAiC;QACjC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,kEAAkE;YAClE,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC9B,OAAO,EAAE,CAAC;YACZ,CAAC;YACD,yCAAyC;YACzC,IAAI,CAAC;gBACH,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;YACvB,CAAC;YAAC,MAAM,CAAC;gBACP,2CAA2C;gBAC3C,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC;QAED,iDAAiD;QACjD,kEAAkE;QAClE,MAAM,WAAW,GAAG,CAAC,GAAG,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QAC/D,MAAM,kBAAkB,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAEjD,6CAA6C;QAC7C,IAAI,SAAS,GAAG,KAAK,CAAC,OAAO,CAC3B,IAAI,MAAM,CAAC,aAAa,kBAAkB,mBAAmB,EAAE,IAAI,CAAC,EACpE,EAAE,CACH,CAAC;QAEF,gEAAgE;QAChE,WAAW,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;YAC1B,SAAS,GAAG,SAAS,CAAC,OAAO,CAC3B,IAAI,MAAM,CAAC,IAAI,GAAG,YAAY,EAAE,IAAI,CAAC,EACrC,IAAI,GAAG,GAAG,CACX,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,YAAY,CAAC,IAAS;QAC3B,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC7B,OAAO,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QAED,+CAA+C;QAC/C,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC7B,OAAO,EAAE,CAAC;QACZ,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;QACrD,CAAC;QAED,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;YAC9C,MAAM,SAAS,GAAQ,EAAE,CAAC;YAC1B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;gBAChD,sEAAsE;gBACtE,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;oBAC5B,SAAS;gBACX,CAAC;gBACD,gCAAgC;gBAChC,MAAM,YAAY,GAChB,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;gBACzD,SAAS,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;YACrD,CAAC;YACD,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,yEAAyE;QACzE,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;;;OAQG;IACH,MAAM,CAAC,aAAa,CAClB,IAAyB,EACzB,KAAa,EACb,YAAqB,KAAK;QAE1B,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YACtC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,KAAK,IAAI,IAAI,IAAI,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,QAAQ,EAAE,CAAC;YACrD,OAAO;gBACL,GAAG,IAAI;gBACP,CAAC,KAAK,CAAC,EAAE,SAAS;oBAChB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;oBAChC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;aACnC,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,cAAc,CACnB,IAAyB,EACzB,MAAgB,EAChB,YAAqB,KAAK;QAE1B,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YACtC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,SAAS,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC;QAC9B,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,IAAI,KAAK,IAAI,SAAS,IAAI,OAAO,SAAS,CAAC,KAAK,CAAC,KAAK,QAAQ,EAAE,CAAC;gBAC/D,SAAS,CAAC,KAAK,CAAC,GAAG,SAAS;oBAC1B,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;oBACrC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;YAC1C,CAAC;QACH,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;CACF"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@de-otio/trellis",
3
- "version": "0.10.8",
3
+ "version": "0.10.9",
4
4
  "license": "AGPL-3.0-or-later",
5
5
  "type": "module",
6
6
  "main": "./dist/index.js",
@@ -49,53 +49,53 @@
49
49
  "@aws-lambda-powertools/logger": "^2.32.0",
50
50
  "@aws-lambda-powertools/metrics": "^2.32.0",
51
51
  "@aws-lambda-powertools/parameters": "^2.32.0",
52
- "@aws-sdk/client-cloudwatch": "^3.1014.0",
53
- "@aws-sdk/client-cloudwatch-logs": "^3.0.0",
54
- "@aws-sdk/client-cognito-identity-provider": "^3.1009.0",
55
- "@aws-sdk/client-dynamodb": "^3.0.0",
56
- "@aws-sdk/client-kms": "^3.0.0",
57
- "@aws-sdk/client-s3": "^3.0.0",
58
- "@aws-sdk/client-secrets-manager": "^3.0.0",
59
- "@aws-sdk/client-ses": "^3.0.0",
60
- "@aws-sdk/client-sns": "^3.1012.0",
61
- "@aws-sdk/client-sqs": "^3.0.0",
62
- "@aws-sdk/client-ssm": "^3.0.0",
63
- "@aws-sdk/s3-request-presigner": "^3.0.0",
64
- "@aws-sdk/util-dynamodb": "^3.0.0",
52
+ "@aws-sdk/client-cloudwatch": "^3.1066.0",
53
+ "@aws-sdk/client-cloudwatch-logs": "^3.1066.0",
54
+ "@aws-sdk/client-cognito-identity-provider": "^3.1066.0",
55
+ "@aws-sdk/client-dynamodb": "^3.1066.0",
56
+ "@aws-sdk/client-kms": "^3.1066.0",
57
+ "@aws-sdk/client-s3": "^3.1066.0",
58
+ "@aws-sdk/client-secrets-manager": "^3.1066.0",
59
+ "@aws-sdk/client-ses": "^3.1066.0",
60
+ "@aws-sdk/client-sns": "^3.1066.0",
61
+ "@aws-sdk/client-sqs": "^3.1066.0",
62
+ "@aws-sdk/client-ssm": "^3.1066.0",
63
+ "@aws-sdk/s3-request-presigner": "^3.1066.0",
64
+ "@aws-sdk/util-dynamodb": "^3.996.4",
65
65
  "@de-otio/saas-foundation": "^0.3.0",
66
66
  "@de-otio/trellis-extension-api": "^0.3.0",
67
67
  "@de-otio/vestibulum": "^0.3.0",
68
- "@fedify/fedify": "2.2.4",
68
+ "@fedify/fedify": "2.2.5",
69
69
  "@prisma/adapter-pg": "^7.8.0",
70
70
  "@prisma/client": "^7.8.0",
71
71
  "cockatiel": "^4.0.0",
72
72
  "exifr": "^7.1.3",
73
- "hono": "^4.12.23",
74
- "isomorphic-dompurify": "^2.18.0",
73
+ "hono": "^4.12.25",
74
+ "isomorphic-dompurify": "^3.16.0",
75
75
  "js-yaml": "^4.1.1",
76
76
  "pg": "^8.13.0",
77
- "sharp": "^0.33.0",
77
+ "sharp": "^0.35.0",
78
78
  "zod": "^4.4.3"
79
79
  },
80
80
  "devDependencies": {
81
- "@aws-sdk/client-bedrock-agent-runtime": "^3.0.0",
82
- "@aws-sdk/client-cost-explorer": "^3.0.0",
83
- "@aws-sdk/client-ecs": "^3.0.0",
84
- "@aws-sdk/client-lambda": "^3.0.0",
85
- "@types/aws-lambda": "^8.10.0",
81
+ "@aws-sdk/client-bedrock-agent-runtime": "^3.1066.0",
82
+ "@aws-sdk/client-cost-explorer": "^3.1066.0",
83
+ "@aws-sdk/client-ecs": "^3.1066.0",
84
+ "@aws-sdk/client-lambda": "^3.1066.0",
85
+ "@types/aws-lambda": "^8.10.162",
86
86
  "@types/js-yaml": "^4.0.9",
87
- "@types/node": "^22.0.0",
87
+ "@types/node": "^25.9.3",
88
88
  "@types/pg": "^8.18.0",
89
89
  "@types/sharp": "^0.31.0",
90
- "@vitest/coverage-v8": "^4.0.0",
91
- "@vitest/ui": "^4.0.0",
90
+ "@vitest/coverage-v8": "^4.1.8",
91
+ "@vitest/ui": "^4.1.8",
92
92
  "aws-sdk-client-mock": "^4.1.0",
93
- "esbuild": "^0.27.0",
93
+ "esbuild": "^0.28.1",
94
94
  "form-data": "^4.0.1",
95
- "mailparser": "^3.9.4",
96
- "prettier": "^3.3.3",
95
+ "mailparser": "^3.9.9",
96
+ "prettier": "^3.8.4",
97
97
  "prisma": "^7.8.0",
98
- "tsx": "^4.19.0",
98
+ "tsx": "^4.22.4",
99
99
  "typescript": "^6.0.3",
100
100
  "vitest": "^4.0.0"
101
101
  },
@@ -31,9 +31,17 @@ export const handler: PreSignUpTriggerHandler = async (event) => {
31
31
  throw new Error("This invitation code has expired.");
32
32
  }
33
33
 
34
- // Auto-confirm and auto-verify for invited users
35
- event.response.autoConfirmUser = false;
36
- event.response.autoVerifyEmail = false;
34
+ // Auto-confirm and auto-verify invited users.
35
+ //
36
+ // Registration is passwordless (magic-link CUSTOM_AUTH). An UNCONFIRMED user
37
+ // cannot initiate that flow, so without auto-confirm an invited sign-up would
38
+ // create an account that can never sign in. This is safe because:
39
+ // - entry is already gated by a single-use invitation code (checked above);
40
+ // - access still requires answering the magic-link challenge, i.e. receiving
41
+ // and clicking a link sent to this exact address — the link, not this
42
+ // flag, is the real proof of email ownership and the access gate.
43
+ event.response.autoConfirmUser = true;
44
+ event.response.autoVerifyEmail = true;
37
45
 
38
46
  return event;
39
47
  };