@de-otio/trellis 0.10.8 → 0.10.9
- package/dist/lambda/pre-signup.d.ts.map +1 -1
- package/dist/lambda/pre-signup.js +11 -3
- package/dist/lambda/pre-signup.js.map +1 -1
- package/dist/lib/activitypub/remote-fetch-service.d.ts.map +1 -1
- package/dist/lib/activitypub/remote-fetch-service.js +9 -1
- package/dist/lib/activitypub/remote-fetch-service.js.map +1 -1
- package/dist/lib/activitypub/standalone-mode.d.ts.map +1 -1
- package/dist/lib/activitypub/standalone-mode.js +9 -1
- package/dist/lib/activitypub/standalone-mode.js.map +1 -1
- package/dist/lib/input-sanitizer.d.ts.map +1 -1
- package/dist/lib/input-sanitizer.js +21 -8
- package/dist/lib/input-sanitizer.js.map +1 -1
- package/package.json +30 -30
- package/src/lambda/pre-signup.ts +11 -3
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"pre-signup.d.ts","sourceRoot":"","sources":["../../src/lambda/pre-signup.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAyB,uBAAuB,EAAE,MAAM,YAAY,CAAC;AAOjF,eAAO,MAAM,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"pre-signup.d.ts","sourceRoot":"","sources":["../../src/lambda/pre-signup.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAyB,uBAAuB,EAAE,MAAM,YAAY,CAAC;AAOjF,eAAO,MAAM,OAAO,EAAE,uBAuCrB,CAAC"}
|
|
@@ -23,9 +23,17 @@ export const handler = async (event) => {
|
|
|
23
23
|
if (invitation.ttl && invitation.ttl < Math.floor(Date.now() / 1000)) {
|
|
24
24
|
throw new Error("This invitation code has expired.");
|
|
25
25
|
}
|
|
26
|
-
// Auto-confirm and auto-verify
|
|
27
|
-
|
|
28
|
-
|
|
26
|
+
// Auto-confirm and auto-verify invited users.
|
|
27
|
+
//
|
|
28
|
+
// Registration is passwordless (magic-link CUSTOM_AUTH). An UNCONFIRMED user
|
|
29
|
+
// cannot initiate that flow, so without auto-confirm an invited sign-up would
|
|
30
|
+
// create an account that can never sign in. This is safe because:
|
|
31
|
+
// - entry is already gated by a single-use invitation code (checked above);
|
|
32
|
+
// - access still requires answering the magic-link challenge, i.e. receiving
|
|
33
|
+
// and clicking a link sent to this exact address — the link, not this
|
|
34
|
+
// flag, is the real proof of email ownership and the access gate.
|
|
35
|
+
event.response.autoConfirmUser = true;
|
|
36
|
+
event.response.autoVerifyEmail = true;
|
|
29
37
|
return event;
|
|
30
38
|
};
|
|
31
39
|
//# sourceMappingURL=pre-signup.js.map
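Review bot: `event.response.autoVerifyEmail = true` marks the address as verified before anyone has proven control of it, and the new comment's safety argument holds only while the magic-link challenge is the sole way into the account. Anything else that trusts `email_verified` (password recovery, email-alias uniqueness, attribute-based authorization downstream) would treat an address typed by any invitation holder as proven; whether such paths exist is not visible in this hunk. Consider setting only `autoConfirmUser` here and flipping the verified attribute after the first successful challenge, or extend the comment with `// Invariant: no flow other than the magic-link challenge may rely on email_verified.` The handler's opening lines, including the single-use check the comment refers to, are outside the hunk.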
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"pre-signup.js","sourceRoot":"","sources":["../../src/lambda/pre-signup.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1E,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAE9D,MAAM,MAAM,GAAG,IAAI,cAAc,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;AACtE,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,cAAe,CAAC;AAE1C,MAAM,CAAC,MAAM,OAAO,GAA4B,KAAK,EAAE,KAAK,EAAE,EAAE;IAC9D,MAAM,cAAc,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,uBAAuB,CAAC;QACrD,KAAK,CAAC,OAAO,CAAC,cAAc,EAAE,cAAc,CAAuB,CAAC;IAE5F,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACjE,CAAC;IAED,oCAAoC;IACpC,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,IAAI,cAAc,CAAC;QAClD,SAAS,EAAE,KAAK;QAChB,GAAG,EAAE,QAAQ,CAAC,EAAE,EAAE,EAAE,eAAe,cAAc,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC;KAChE,CAAC,CAAC,CAAC;IAEJ,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;IACzD,CAAC;IAED,MAAM,UAAU,GAAG,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC3C,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACjE,CAAC;IACD,IAAI,UAAU,CAAC,GAAG,IAAI,UAAU,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;QACrE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACvD,CAAC;IAED,
|
|
1
|
+
{"version":3,"file":"pre-signup.js","sourceRoot":"","sources":["../../src/lambda/pre-signup.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,0BAA0B,CAAC;AAC1E,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAE9D,MAAM,MAAM,GAAG,IAAI,cAAc,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;AACtE,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,cAAe,CAAC;AAE1C,MAAM,CAAC,MAAM,OAAO,GAA4B,KAAK,EAAE,KAAK,EAAE,EAAE;IAC9D,MAAM,cAAc,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,uBAAuB,CAAC;QACrD,KAAK,CAAC,OAAO,CAAC,cAAc,EAAE,cAAc,CAAuB,CAAC;IAE5F,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACjE,CAAC;IAED,oCAAoC;IACpC,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,IAAI,cAAc,CAAC;QAClD,SAAS,EAAE,KAAK;QAChB,GAAG,EAAE,QAAQ,CAAC,EAAE,EAAE,EAAE,eAAe,cAAc,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC;KAChE,CAAC,CAAC,CAAC;IAEJ,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,qCAAqC,CAAC,CAAC;IACzD,CAAC;IAED,MAAM,UAAU,GAAG,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC3C,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,6CAA6C,CAAC,CAAC;IACjE,CAAC;IACD,IAAI,UAAU,CAAC,GAAG,IAAI,UAAU,CAAC,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,EAAE,CAAC;QACrE,MAAM,IAAI,KAAK,CAAC,mCAAmC,CAAC,CAAC;IACvD,CAAC;IAED,8CAA8C;IAC9C,EAAE;IACF,6EAA6E;IAC7E,8EAA8E;IAC9E,kEAAkE;IAClE,8EAA8E;IAC9E,+EAA+E;IAC/E,0EAA0E;IAC1E,sEAAsE;IACtE,KAAK,CAAC,QAAQ,CAAC,eAAe,GAAG,IAAI,CAAC;IACtC,KAAK,CAAC,QAAQ,CAAC,eAAe,GAAG,IAAI,CAAC;IAEtC,OAAO,KAAK,CAAC;AACf,CAAC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"remote-fetch-service.d.ts","sourceRoot":"","sources":["../../../src/lib/activitypub/remote-fetch-service.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACxC,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAYtC;;GAEG;AACH,qBAAa,kBAAkB;IAC7B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,iBAAiB,CAAW;IAEpD;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,KAAK,CAAqC;IAEzD;;;;;;;OAOG;WACU,UAAU,CACrB,QAAQ,EAAE,MAAM,EAChB,GAAG,EAAE,GAAG,EACR,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IA2FzB;;;;;;;OAOG;WACU,WAAW,CACtB,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,GAAG,EACR,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IA0FzB;;;;;;;OAOG;WACU,aAAa,CACxB,QAAQ,EAAE,MAAM,EAChB,GAAG,EAAE,GAAG,EACR,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAkBzB;;;;;;;OAOG;WACU,iBAAiB,CAC5B,QAAQ,EAAE,MAAM,EAChB,GAAG,EAAE,GAAG,EACR,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IA0BzB;;;;;;OAMG;IACH,MAAM,CAAC,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,GAAG,OAAO;
|
|
1
|
+
{"version":3,"file":"remote-fetch-service.d.ts","sourceRoot":"","sources":["../../../src/lib/activitypub/remote-fetch-service.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACxC,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAYtC;;GAEG;AACH,qBAAa,kBAAkB;IAC7B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,iBAAiB,CAAW;IAEpD;;;OAGG;IACH,OAAO,CAAC,MAAM,CAAC,KAAK,CAAqC;IAEzD;;;;;;;OAOG;WACU,UAAU,CACrB,QAAQ,EAAE,MAAM,EAChB,GAAG,EAAE,GAAG,EACR,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IA2FzB;;;;;;;OAOG;WACU,WAAW,CACtB,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,GAAG,EACR,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IA0FzB;;;;;;;OAOG;WACU,aAAa,CACxB,QAAQ,EAAE,MAAM,EAChB,GAAG,EAAE,GAAG,EACR,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAkBzB;;;;;;;OAOG;WACU,iBAAiB,CAC5B,QAAQ,EAAE,MAAM,EAChB,GAAG,EAAE,GAAG,EACR,MAAM,CAAC,EAAE,MAAM,GACd,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IA0BzB;;;;;;OAMG;IACH,MAAM,CAAC,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,GAAG,OAAO;IAYlD;;;;;OAKG;IACH,MAAM,CAAC,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI;IAShD;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,UAAU;IASzB;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,YAAY;IA4B3B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,aAAa;IAiB5B;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,SAAS;IAexB;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,SAAS;IAiBxB;;OAEG;IACH,OAAO,CAAC,MAAM,CAAC,YAAY;IAS3B;;OAEG;IACH,MAAM,CAAC,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI;IAIzC;;OAEG;IACH,MAAM,CAAC,UAAU,IAAI,IAAI;CAG1B"}
|
|
@@ -233,7 +233,15 @@ export class RemoteFetchService {
|
|
|
233
233
|
*/
|
|
234
234
|
static isRemoteUri(uri, env) {
|
|
235
235
|
const baseUrl = env.ACTIVITYPUB_BASE_URL || "https://example.com";
|
|
236
|
-
|
|
236
|
+
// Compare parsed origins rather than a string prefix, so a host like
|
|
237
|
+
// "example.com.attacker.com" cannot masquerade as local.
|
|
238
|
+
try {
|
|
239
|
+
return new URL(uri).origin !== new URL(baseUrl).origin;
|
|
240
|
+
}
|
|
241
|
+
catch {
|
|
242
|
+
// Unparseable URI — treat as remote (untrusted).
|
|
243
|
+
return true;
|
|
244
|
+
}
|
|
237
245
|
}
|
|
238
246
|
/**
|
|
239
247
|
* Extract domain from URI
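Review bot: The origin comparison added to `RemoteFetchService.isRemoteUri` is repeated verbatim in `isRemoteUri` in standalone-mode.js, but the two resolve `baseUrl` differently, so they can disagree about which URIs are local. Here `baseUrl` is `env.ACTIVITYPUB_BASE_URL || "https://example.com"`, so an unset variable silently makes example.com the local origin, and a malformed one lands in the `catch` and marks every URI remote. The standalone version appears to fall back to a default instead (its context line reads `// Invalid URL, use default`; the rest of that function is outside its hunk). Keep one implementation and, if the standalone function can be imported here, have the static method delegate to it with `return isRemoteUri(uri, env);`. Fail loudly when the base URL is missing rather than defaulting to a placeholder host.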
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"remote-fetch-service.js","sourceRoot":"","sources":["../../../src/lib/activitypub/remote-fetch-service.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAKH,OAAO,EAAE,uBAAuB,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAU5E;;GAEG;AACH,MAAM,OAAO,kBAAkB;IAC7B;;OAEG;IACK,MAAM,CAAU,iBAAiB,GAAG,OAAO,CAAC,CAAC,yBAAyB;IAE9E;;;OAGG;IACK,MAAM,CAAC,KAAK,GAAG,IAAI,GAAG,EAA0B,CAAC;IAEzD;;;;;;;OAOG;IACH,MAAM,CAAC,KAAK,CAAC,UAAU,CACrB,QAAgB,EAChB,GAAQ,EACR,MAAe;QAEf,eAAe;QACf,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC/B,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CAAC,2CAA2C,QAAQ,EAAE,CAAC,CAAC;YACrE,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,kCAAkC;QAClC,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,GAAG,CAAC,EAAE,CAAC;YAChC,6DAA6D;YAC7D,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CACV,kDAAkD,QAAQ,EAAE,CAC7D,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,4DAA4D;QAC5D,MAAM,cAAc,GAAG,MAAM,uBAAuB,CAAC,GAAG,CAAC,CAAC;QAC1D,IAAI,cAAc,EAAE,CAAC;YACnB,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CACT,+EAA+E,QAAQ,EAAE,CAC1F,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,cAAc;QACd,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACxC,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CAAC,4CAA4C,QAAQ,EAAE,CAAC,CAAC;YACvE,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,IAAI,CAAC;YACH,uBAAuB;YACvB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,QAAQ,EAAE;gBACrC,OAAO,EAAE;oBACP,MAAM,EACJ,iGAAiG;oBACnG,YAAY,EAAE,gCAAgC;iBAC/C;gBACD,yDAAyD;aAC1D,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,IAAI,CACT,8CAA8C,QAAQ,KAAK,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,CACpG,CAAC;gBACJ,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,KAAK,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAQ,CAAC;YAE7C,0BAA0B;YAC1B,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9B,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,IAAI,CACT,gDAAgD,QAAQ,EAAE,CAC3D,CAAC;gBACJ,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,cAAc;YACd,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,KAAe,CAAC,CAAC;YAE1C,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,C
AAC,8CAA8C,QAAQ,EAAE,CAAC,CAAC;YACxE,CAAC;YAED,OAAO,KAAe,CAAC;QACzB,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CACV,6CAA6C,QAAQ,GAAG,EACxD,KAAK,CACN,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,KAAK,CAAC,WAAW,CACtB,SAAiB,EACjB,GAAQ,EACR,MAAe;QAEf,eAAe;QACf,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAChC,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CAAC,4CAA4C,SAAS,EAAE,CAAC,CAAC;YACvE,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,mCAAmC;QACnC,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,GAAG,CAAC,EAAE,CAAC;YACjC,8DAA8D;YAC9D,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CACV,mDAAmD,SAAS,EAAE,CAC/D,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,4DAA4D;QAC5D,MAAM,cAAc,GAAG,MAAM,uBAAuB,CAAC,GAAG,CAAC,CAAC;QAC1D,IAAI,cAAc,EAAE,CAAC;YACnB,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CACT,gFAAgF,SAAS,EAAE,CAC5F,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,cAAc;QACd,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACzC,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CAAC,6CAA6C,SAAS,EAAE,CAAC,CAAC;YACzE,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,IAAI,CAAC;YACH,wBAAwB;YACxB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,SAAS,EAAE;gBACtC,OAAO,EAAE;oBACP,MAAM,EACJ,iGAAiG;oBACnG,YAAY,EAAE,gCAAgC;iBAC/C;aACF,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,IAAI,CACT,+CAA+C,SAAS,KAAK,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,CACtG,CAAC;gBACJ,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,GAAG,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAQ,CAAC;YAE3C,2BAA2B;YAC3B,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC7B,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,IAAI,CACT,iDAAiD,SAAS,EAAE,CAC7D,CAAC;gBACJ,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,eAAe;YACf,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,GAAa,CAAC,CAAC;YAEzC,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CAAC,+CAA+C,SAAS,EAAE,CAAC,CAAC;YAC1E,CAAC;YAED,OAAO,GAAa,CAAC;QACvB,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CACV,8CA
A8C,SAAS,GAAG,EAC1D,KAAK,CACN,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,KAAK,CAAC,aAAa,CACxB,QAAgB,EAChB,GAAQ,EACR,MAAe;QAEf,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;QAC3D,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,KAAK,GAAI,KAAa,CAAC,KAAK,CAAC;QACnC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,IAAK,KAAa,CAAC,EAAE,EAAE,CAAC;YACrE,OAAQ,KAAa,CAAC,EAAE,CAAC;QAC3B,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,KAAK,CAAC,iBAAiB,CAC5B,QAAgB,EAChB,GAAQ,EACR,MAAe;QAEf,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;QAC3D,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,SAAS,GAAI,KAAa,CAAC,SAAS,CAAC;QAC3C,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACd,CAAC;QAED,sCAAsC;QACtC,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;YAClC,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,OAAO,SAAS,KAAK,QAAQ,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;YACxD,kDAAkD;YAClD,IAAK,SAAiB,CAAC,YAAY,EAAE,CAAC;gBACpC,OAAQ,SAAiB,CAAC,YAAY,CAAC;YACzC,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,WAAW,CAAC,GAAW,EAAE,GAAQ;QACtC,MAAM,OAAO,GAAG,GAAG,CAAC,oBAAoB,IAAI,qBAAqB,CAAC;QAClE,OAAO,CAAC,GAAG,CAAC,
|
|
1
|
+
{"version":3,"file":"remote-fetch-service.js","sourceRoot":"","sources":["../../../src/lib/activitypub/remote-fetch-service.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAKH,OAAO,EAAE,uBAAuB,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAU5E;;GAEG;AACH,MAAM,OAAO,kBAAkB;IAC7B;;OAEG;IACK,MAAM,CAAU,iBAAiB,GAAG,OAAO,CAAC,CAAC,yBAAyB;IAE9E;;;OAGG;IACK,MAAM,CAAC,KAAK,GAAG,IAAI,GAAG,EAA0B,CAAC;IAEzD;;;;;;;OAOG;IACH,MAAM,CAAC,KAAK,CAAC,UAAU,CACrB,QAAgB,EAChB,GAAQ,EACR,MAAe;QAEf,eAAe;QACf,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC/B,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CAAC,2CAA2C,QAAQ,EAAE,CAAC,CAAC;YACrE,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,kCAAkC;QAClC,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,GAAG,CAAC,EAAE,CAAC;YAChC,6DAA6D;YAC7D,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CACV,kDAAkD,QAAQ,EAAE,CAC7D,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,4DAA4D;QAC5D,MAAM,cAAc,GAAG,MAAM,uBAAuB,CAAC,GAAG,CAAC,CAAC;QAC1D,IAAI,cAAc,EAAE,CAAC;YACnB,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CACT,+EAA+E,QAAQ,EAAE,CAC1F,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,cAAc;QACd,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACxC,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CAAC,4CAA4C,QAAQ,EAAE,CAAC,CAAC;YACvE,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,IAAI,CAAC;YACH,uBAAuB;YACvB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,QAAQ,EAAE;gBACrC,OAAO,EAAE;oBACP,MAAM,EACJ,iGAAiG;oBACnG,YAAY,EAAE,gCAAgC;iBAC/C;gBACD,yDAAyD;aAC1D,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,IAAI,CACT,8CAA8C,QAAQ,KAAK,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,CACpG,CAAC;gBACJ,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,KAAK,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAQ,CAAC;YAE7C,0BAA0B;YAC1B,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9B,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,IAAI,CACT,gDAAgD,QAAQ,EAAE,CAC3D,CAAC;gBACJ,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,cAAc;YACd,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,KAAe,CAAC,CAAC;YAE1C,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,C
AAC,8CAA8C,QAAQ,EAAE,CAAC,CAAC;YACxE,CAAC;YAED,OAAO,KAAe,CAAC;QACzB,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CACV,6CAA6C,QAAQ,GAAG,EACxD,KAAK,CACN,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,KAAK,CAAC,WAAW,CACtB,SAAiB,EACjB,GAAQ,EACR,MAAe;QAEf,eAAe;QACf,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YAChC,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CAAC,4CAA4C,SAAS,EAAE,CAAC,CAAC;YACvE,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,mCAAmC;QACnC,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,GAAG,CAAC,EAAE,CAAC;YACjC,8DAA8D;YAC9D,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CACV,mDAAmD,SAAS,EAAE,CAC/D,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,4DAA4D;QAC5D,MAAM,cAAc,GAAG,MAAM,uBAAuB,CAAC,GAAG,CAAC,CAAC;QAC1D,IAAI,cAAc,EAAE,CAAC;YACnB,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CACT,gFAAgF,SAAS,EAAE,CAC5F,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,cAAc;QACd,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACzC,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CAAC,6CAA6C,SAAS,EAAE,CAAC,CAAC;YACzE,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,IAAI,CAAC;YACH,wBAAwB;YACxB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,SAAS,EAAE;gBACtC,OAAO,EAAE;oBACP,MAAM,EACJ,iGAAiG;oBACnG,YAAY,EAAE,gCAAgC;iBAC/C;aACF,CAAC,CAAC;YAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACjB,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,IAAI,CACT,+CAA+C,SAAS,KAAK,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,CACtG,CAAC;gBACJ,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,GAAG,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAQ,CAAC;YAE3C,2BAA2B;YAC3B,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC7B,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,IAAI,CACT,iDAAiD,SAAS,EAAE,CAC7D,CAAC;gBACJ,CAAC;gBACD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,eAAe;YACf,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,GAAa,CAAC,CAAC;YAEzC,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,IAAI,CAAC,+CAA+C,SAAS,EAAE,CAAC,CAAC;YAC1E,CAAC;YAED,OAAO,GAAa,CAAC;QACvB,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,CAAC,KAAK,CACV,8CA
A8C,SAAS,GAAG,EAC1D,KAAK,CACN,CAAC;YACJ,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,KAAK,CAAC,aAAa,CACxB,QAAgB,EAChB,GAAQ,EACR,MAAe;QAEf,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;QAC3D,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,KAAK,GAAI,KAAa,CAAC,KAAK,CAAC;QACnC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,KAAK,KAAK,IAAI,IAAK,KAAa,CAAC,EAAE,EAAE,CAAC;YACrE,OAAQ,KAAa,CAAC,EAAE,CAAC;QAC3B,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,KAAK,CAAC,iBAAiB,CAC5B,QAAgB,EAChB,GAAQ,EACR,MAAe;QAEf,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,QAAQ,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;QAC3D,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,SAAS,GAAI,KAAa,CAAC,SAAS,CAAC;QAC3C,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,IAAI,CAAC;QACd,CAAC;QAED,sCAAsC;QACtC,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;YAClC,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,IAAI,OAAO,SAAS,KAAK,QAAQ,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;YACxD,kDAAkD;YAClD,IAAK,SAAiB,CAAC,YAAY,EAAE,CAAC;gBACpC,OAAQ,SAAiB,CAAC,YAAY,CAAC;YACzC,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,WAAW,CAAC,GAAW,EAAE,GAAQ;QACtC,MAAM,OAAO,GAAG,GAAG,CAAC,oBAAoB,IAAI,qBAAqB,CAAC;QAClE,qEAAqE;QACrE,yDAAyD;QACzD,IAAI,CAAC;YACH,OAAO,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;QACzD,CAAC;QAAC,MAAM,CAAC;YACP,iDAAiD;YACjD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,MAAM,CAAC,aAAa,CAAC,GAAW;QAC9B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;YACzB,OAAO,GAAG,CAAC,QAAQ,CAAC;QACtB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,UAAU,CAAC,GAAW;QACnC,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;YACzB,OAAO,GAAG,CAAC,QAAQ,KAAK,QAAQ,IAAI,GAAG,CAAC,QAAQ,KAAK,OAAO,CAAC;QAC/D,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,YAAY,CAAC,KAAU;QACpC,IAAI,CAAC,
KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YACxC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,gCAAgC;QAChC,MAAM,UAAU,GAAG;YACjB,QAAQ;YACR,OAAO;YACP,cAAc;YACd,SAAS;YACT,aAAa;SACd,CAAC;QACF,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;YACrC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,EAAE,IAAI,OAAO,KAAK,CAAC,EAAE,KAAK,QAAQ,EAAE,CAAC;YAC9C,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YACjB,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,aAAa,CAAC,GAAQ;QACnC,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YACpC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,wBAAwB;QACxB,IAAI,CAAC,GAAG,CAAC,EAAE,IAAI,OAAO,GAAG,CAAC,EAAE,KAAK,QAAQ,EAAE,CAAC;YAC1C,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,CAAC,GAAG,CAAC,IAAI,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC9C,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,SAAS,CAAC,GAAW;QAClC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACnC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO,IAAI,CAAC;QACd,CAAC;QAED,mBAAmB;QACnB,IAAI,MAAM,CAAC,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;YAChC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACvB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,MAAM,CAAC,QAAQ,CAAC;IACzB,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,SAAS,CACtB,GAAW,EACX,QAAgB,EAChB,MAAc,IAAI,CAAC,iBAAiB;QAEpC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE;YAClB,QAAQ;YACR,OAAO,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG;SAC1B,CAAC,CAAC;QAEH,0DAA0D;QAC1D,kEAAkE;QAClE,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,EAAE,CAAC;YAC3B,IAAI,CAAC,YAAY,EAAE,CAAC;QACtB,CAAC;IACH,CAAC;IAED;;OAEG;IACK,MAAM,CAAC,YAAY;QACzB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACvB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,EAAE,CAAC;YAChD,IAAI,KAAK,CAAC,OAAO,GAAG,GAAG,EAAE,CAAC;gBACxB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACzB,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,eAAe,CAAC,GAAW;QAChC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;IACzB,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,UAAU;QACf,IAAI,CAAC,KAAK,CAAC,KA
AK,EAAE,CAAC;IACrB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"standalone-mode.d.ts","sourceRoot":"","sources":["../../../src/lib/activitypub/standalone-mode.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACxC,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAWnD;;;;;;;;;;;;GAYG;AACH,wBAAsB,uBAAuB,CAC3C,GAAG,EAAE,GAAG,EACR,EAAE,CAAC,EAAE,YAAY,EACjB,OAAO,CAAC,EAAE,OAAO,GAChB,OAAO,CAAC,OAAO,CAAC,CA8ClB;AAED;;;;;;;;GAQG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,GAAG,OAAO,
|
|
1
|
+
{"version":3,"file":"standalone-mode.d.ts","sourceRoot":"","sources":["../../../src/lib/activitypub/standalone-mode.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,cAAc,CAAC;AACxC,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAWnD;;;;;;;;;;;;GAYG;AACH,wBAAsB,uBAAuB,CAC3C,GAAG,EAAE,GAAG,EACR,EAAE,CAAC,EAAE,YAAY,EACjB,OAAO,CAAC,EAAE,OAAO,GAChB,OAAO,CAAC,OAAO,CAAC,CA8ClB;AAED;;;;;;;;GAQG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,GAAG,OAAO,CA2B1D"}
|
|
@@ -85,6 +85,14 @@ export function isRemoteUri(uri, env) {
|
|
|
85
85
|
// Invalid URL, use default
|
|
86
86
|
}
|
|
87
87
|
}
|
|
88
|
-
|
|
88
|
+
// Compare parsed origins rather than a string prefix, so a host like
|
|
89
|
+
// "example.com.attacker.com" cannot masquerade as local.
|
|
90
|
+
try {
|
|
91
|
+
return new URL(uri).origin !== new URL(baseUrl).origin;
|
|
92
|
+
}
|
|
93
|
+
catch {
|
|
94
|
+
// Unparseable URI — treat as remote (untrusted).
|
|
95
|
+
return true;
|
|
96
|
+
}
|
|
89
97
|
}
|
|
90
98
|
//# sourceMappingURL=standalone-mode.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"standalone-mode.js","sourceRoot":"","sources":["../../../src/lib/activitypub/standalone-mode.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,OAAO,EAAE,SAAS,EAAU,MAAM,cAAc,CAAC;AACjD,OAAO,EAAE,+BAA+B,EAAE,MAAM,mCAAmC,CAAC;AACpF,OAAO,EACL,wBAAwB,EACxB,mBAAmB,GACpB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAE1D,MAAM,0BAA0B,GAAG,qCAAqC,CAAC;AAEzE;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,GAAQ,EACR,EAAiB,EACjB,OAAiB;IAEjB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAE3B,IAAI,CAAC;QACH,yDAAyD;QACzD,IAAI,EAAE,EAAE,CAAC;YACP,MAAM,EAAE,oBAAoB,EAAE,GAAG,MAAM,MAAM,CAC3C,8BAA8B,CAC/B,CAAC;YACF,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,EAAE,CAAC,CAAC;YACnD,OAAO,MAAM,aAAa,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC;QACnE,CAAC;QAED,iEAAiE;QACjE,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAC/D,MAAM,SAAS,GAAG,+BAA+B,CAAC;QAElD,MAAM,MAAM,GAAG,MAAM,wBAAwB,CAC3C,SAAS,EACT,MAAM,EACN,GAAG,EACH,KAAK,EAAE,MAAM,EAAE,EAAE;YACf,MAAM,EAAE,oBAAoB,EAAE,GAAG,MAAM,MAAM,CAC3C,8BAA8B,CAC/B,CAAC;YACF,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,MAAM,CAAC,CAAC;YACvD,OAAO,MAAM,aAAa,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC;QACnE,CAAC,EACD;YACE,GAAG,mBAAmB,CAAC,QAAQ,EAAE,sBAAsB;YACvD,YAAY,EAAE,KAAK,EAAE,uDAAuD;YAC5E,OAAO,EAAE;gBACP,SAAS,EAAE,qBAAqB;aACjC;SACF,CACF,CAAC;QAEF,OAAO,MAAM,IAAI,KAAK,CAAC;IACzB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CACV,yDAAyD,EACzD,KAAK,CACN,CAAC;QACF,4DAA4D;QAC5D,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,WAAW,CAAC,GAAW,EAAE,GAAQ;IAC/C,gEAAgE;IAChE,gEAAgE;IAChE,IAAI,OAAO,GAAG,qBAAqB,CAAC;IACpC,IAAI,GAAG,CAAC,oBAAoB,EAAE,CAAC;QAC7B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;YAC9C,OAAO,GAAG,GAAG,GAAG,CAAC,QAAQ,KAAK,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC/C,CAAC;QAAC,MAAM,CAAC;YACP,2BAA2B;QAC7B,CAAC;IACH,CAAC;SAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC;QAC1B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YACpC,OAAO,GAAG,GAAG,GAAG,CAAC,QAAQ,KAAK,GAAG,CAAC,QAAQ,EAAE,CA
AC;QAC/C,CAAC;QAAC,MAAM,CAAC;YACP,2BAA2B;QAC7B,CAAC;IACH,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,
|
|
1
|
+
{"version":3,"file":"standalone-mode.js","sourceRoot":"","sources":["../../../src/lib/activitypub/standalone-mode.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,OAAO,EAAE,SAAS,EAAU,MAAM,cAAc,CAAC;AACjD,OAAO,EAAE,+BAA+B,EAAE,MAAM,mCAAmC,CAAC;AACpF,OAAO,EACL,wBAAwB,EACxB,mBAAmB,GACpB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAE1D,MAAM,0BAA0B,GAAG,qCAAqC,CAAC;AAEzE;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,GAAQ,EACR,EAAiB,EACjB,OAAiB;IAEjB,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;IAE3B,IAAI,CAAC;QACH,yDAAyD;QACzD,IAAI,EAAE,EAAE,CAAC;YACP,MAAM,EAAE,oBAAoB,EAAE,GAAG,MAAM,MAAM,CAC3C,8BAA8B,CAC/B,CAAC;YACF,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,EAAE,CAAC,CAAC;YACnD,OAAO,MAAM,aAAa,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC;QACnE,CAAC;QAED,iEAAiE;QACjE,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,gBAAgB,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAC/D,MAAM,SAAS,GAAG,+BAA+B,CAAC;QAElD,MAAM,MAAM,GAAG,MAAM,wBAAwB,CAC3C,SAAS,EACT,MAAM,EACN,GAAG,EACH,KAAK,EAAE,MAAM,EAAE,EAAE;YACf,MAAM,EAAE,oBAAoB,EAAE,GAAG,MAAM,MAAM,CAC3C,8BAA8B,CAC/B,CAAC;YACF,MAAM,aAAa,GAAG,IAAI,oBAAoB,CAAC,MAAM,CAAC,CAAC;YACvD,OAAO,MAAM,aAAa,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC;QACnE,CAAC,EACD;YACE,GAAG,mBAAmB,CAAC,QAAQ,EAAE,sBAAsB;YACvD,YAAY,EAAE,KAAK,EAAE,uDAAuD;YAC5E,OAAO,EAAE;gBACP,SAAS,EAAE,qBAAqB;aACjC;SACF,CACF,CAAC;QAEF,OAAO,MAAM,IAAI,KAAK,CAAC;IACzB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CACV,yDAAyD,EACzD,KAAK,CACN,CAAC;QACF,4DAA4D;QAC5D,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,WAAW,CAAC,GAAW,EAAE,GAAQ;IAC/C,gEAAgE;IAChE,gEAAgE;IAChE,IAAI,OAAO,GAAG,qBAAqB,CAAC;IACpC,IAAI,GAAG,CAAC,oBAAoB,EAAE,CAAC;QAC7B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;YAC9C,OAAO,GAAG,GAAG,GAAG,CAAC,QAAQ,KAAK,GAAG,CAAC,QAAQ,EAAE,CAAC;QAC/C,CAAC;QAAC,MAAM,CAAC;YACP,2BAA2B;QAC7B,CAAC;IACH,CAAC;SAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC;QAC1B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YACpC,OAAO,GAAG,GAAG,GAAG,CAAC,QAAQ,KAAK,GAAG,CAAC,QAAQ,EAAE,CA
AC;QAC/C,CAAC;QAAC,MAAM,CAAC;YACP,2BAA2B;QAC7B,CAAC;IACH,CAAC;IACD,qEAAqE;IACrE,yDAAyD;IACzD,IAAI,CAAC;QACH,OAAO,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,MAAM,KAAK,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,iDAAiD;QACjD,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"input-sanitizer.d.ts","sourceRoot":"","sources":["../../src/lib/input-sanitizer.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;GAEG;AACH,qBAAa,cAAc;IACzB;;;;;;OAMG;IACH,MAAM,CAAC,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;
|
|
1
|
+
{"version":3,"file":"input-sanitizer.d.ts","sourceRoot":"","sources":["../../src/lib/input-sanitizer.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;GAEG;AACH,qBAAa,cAAc;IACzB;;;;;;OAMG;IACH,MAAM,CAAC,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAuD1C;;;;;;OAMG;IACH,MAAM,CAAC,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAsC1C;;;;;;OAMG;IACH,MAAM,CAAC,YAAY,CAAC,IAAI,EAAE,GAAG,GAAG,GAAG;IAiCnC;;;;;;;;OAQG;IACH,MAAM,CAAC,aAAa,CAClB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,KAAK,EAAE,MAAM,EACb,SAAS,GAAE,OAAe,GACzB,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC;IAiBtB;;;;;;;OAOG;IACH,MAAM,CAAC,cAAc,CACnB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,EACzB,MAAM,EAAE,MAAM,EAAE,EAChB,SAAS,GAAE,OAAe,GACzB,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC;CAgBvB"}
|
|
@@ -31,14 +31,27 @@ export class InputSanitizer {
|
|
|
31
31
|
return "";
|
|
32
32
|
}
|
|
33
33
|
}
|
|
34
|
-
//
|
|
35
|
-
//
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
34
|
+
// Strip a pattern repeatedly until the string stops changing. A single
|
|
35
|
+
// pass can be defeated by nesting (e.g. "<scr<script>ipt>" collapses to
|
|
36
|
+
// "<script>"), so we apply the replacement to a fixed point.
|
|
37
|
+
const stripUntilStable = (value, pattern) => {
|
|
38
|
+
let current = value;
|
|
39
|
+
let previous;
|
|
40
|
+
do {
|
|
41
|
+
previous = current;
|
|
42
|
+
current = current.replace(pattern, "");
|
|
43
|
+
} while (current !== previous);
|
|
44
|
+
return current;
|
|
45
|
+
};
|
|
46
|
+
// First, remove script tags and their content (most dangerous).
|
|
47
|
+
// The end tag uses [^>]* (not just \s*) because browsers close on any
|
|
48
|
+
// junk before the ">", e.g. "</script\n foo>" — so the filter must too.
|
|
49
|
+
let sanitized = stripUntilStable(input, /<script\b[^<]*(?:(?!<\/script[^>]*>)<[^<]*)*<\/script[^>]*>/gi);
|
|
50
|
+
// Remove style tags and their content (same end-tag tolerance)
|
|
51
|
+
sanitized = stripUntilStable(sanitized, /<style\b[^<]*(?:(?!<\/style[^>]*>)<[^<]*)*<\/style[^>]*>/gi);
|
|
52
|
+
// Remove all other HTML tags using regex (safe for Cloudflare Workers).
|
|
53
|
+
// Looped to a fixed point so nested/partial tags cannot survive a pass.
|
|
54
|
+
sanitized = stripUntilStable(sanitized, /<[^>]*>/g);
|
|
42
55
|
// Remove all HTML entities (numeric and named) for security
|
|
43
56
|
// This prevents XSS attacks via encoded entities
|
|
44
57
|
sanitized = sanitized.replace(/&#\d+;/g, "");
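Review bot: The entity strip on the last line of the hunk, `sanitized = sanitized.replace(/&#\d+;/g, "");`, is still a single pass and runs after the tag filters, so it keeps the nesting weakness this change fixes for tags, and text it joins together is never re-checked by the tag patterns. Run it through the new helper, `sanitized = stripUntilStable(sanitized, /&#\d+;/g);`, and repeat the `/<[^>]*>/g` pass afterwards, or loop the whole sequence until the string is stable. `/<[^>]*>/g` also requires a closing `>`, so a lone `<` survives; callers should still escape output for the context it is rendered in rather than rely on this filter alone. The method begins before the hunk and continues past it, so later replacements may already cover part of this.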
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"input-sanitizer.js","sourceRoot":"","sources":["../../src/lib/input-sanitizer.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;GAEG;AACH,MAAM,OAAO,cAAc;IACzB;;;;;;OAMG;IACH,MAAM,CAAC,YAAY,CAAC,KAAa;QAC/B,iCAAiC;QACjC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,kEAAkE;YAClE,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC9B,OAAO,EAAE,CAAC;YACZ,CAAC;YACD,yCAAyC;YACzC,IAAI,CAAC;gBACH,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;YACvB,CAAC;YAAC,MAAM,CAAC;gBACP,2CAA2C;gBAC3C,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC;QAED
|
|
1
|
+
{"version":3,"file":"input-sanitizer.js","sourceRoot":"","sources":["../../src/lib/input-sanitizer.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;GAEG;AACH,MAAM,OAAO,cAAc;IACzB;;;;;;OAMG;IACH,MAAM,CAAC,YAAY,CAAC,KAAa;QAC/B,iCAAiC;QACjC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,kEAAkE;YAClE,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC9B,OAAO,EAAE,CAAC;YACZ,CAAC;YACD,yCAAyC;YACzC,IAAI,CAAC;gBACH,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;YACvB,CAAC;YAAC,MAAM,CAAC;gBACP,2CAA2C;gBAC3C,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC;QAED,uEAAuE;QACvE,wEAAwE;QACxE,6DAA6D;QAC7D,MAAM,gBAAgB,GAAG,CAAC,KAAa,EAAE,OAAe,EAAU,EAAE;YAClE,IAAI,OAAO,GAAG,KAAK,CAAC;YACpB,IAAI,QAAgB,CAAC;YACrB,GAAG,CAAC;gBACF,QAAQ,GAAG,OAAO,CAAC;gBACnB,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;YACzC,CAAC,QAAQ,OAAO,KAAK,QAAQ,EAAE;YAC/B,OAAO,OAAO,CAAC;QACjB,CAAC,CAAC;QAEF,gEAAgE;QAChE,sEAAsE;QACtE,wEAAwE;QACxE,IAAI,SAAS,GAAG,gBAAgB,CAC9B,KAAK,EACL,+DAA+D,CAChE,CAAC;QAEF,+DAA+D;QAC/D,SAAS,GAAG,gBAAgB,CAC1B,SAAS,EACT,4DAA4D,CAC7D,CAAC;QAEF,wEAAwE;QACxE,wEAAwE;QACxE,SAAS,GAAG,gBAAgB,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;QAEpD,4DAA4D;QAC5D,iDAAiD;QACjD,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;QAC7C,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;QAElD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,YAAY,CAAC,KAAa;QAC/B,iCAAiC;QACjC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,kEAAkE;YAClE,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC9B,OAAO,EAAE,CAAC;YACZ,CAAC;YACD,yCAAyC;YACzC,IAAI,CAAC;gBACH,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;YACvB,CAAC;YAAC,MAAM,CAAC;gBACP,2CAA2C;gBAC3C,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC;QAED,iDAAiD;QACjD,kEAAkE;QAClE,MAAM,WAAW,GAAG,CAAC,GAAG,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;QAC/D,MAAM,kBAAkB,GAAG,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAEjD,6CAA6C;QAC7C,IAAI,SAAS,GAAG,KAAK,CAAC,OAAO,CAC3B,IAAI,MAAM,CAAC,aAAa,kBAAkB,mBAAmB,EAAE,IAAI,CAAC,EACpE,EAAE,CACH,CAAC;QAEF,gEAAgE;QAChE,WAAW,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;YAC1B,SAAS,GAAG,SAAS,CAAC,OAAO,CAC3B,IAAI,MAAM,CAAC,
IAAI,GAAG,YAAY,EAAE,IAAI,CAAC,EACrC,IAAI,GAAG,GAAG,CACX,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;;;;OAMG;IACH,MAAM,CAAC,YAAY,CAAC,IAAS;QAC3B,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC7B,OAAO,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC;QACjC,CAAC;QAED,+CAA+C;QAC/C,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC7B,OAAO,EAAE,CAAC;QACZ,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;QACrD,CAAC;QAED,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;YAC9C,MAAM,SAAS,GAAQ,EAAE,CAAC;YAC1B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;gBAChD,sEAAsE;gBACtE,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;oBAC5B,SAAS;gBACX,CAAC;gBACD,gCAAgC;gBAChC,MAAM,YAAY,GAChB,OAAO,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;gBACzD,SAAS,CAAC,YAAY,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC;YACrD,CAAC;YACD,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,yEAAyE;QACzE,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;;;OAQG;IACH,MAAM,CAAC,aAAa,CAClB,IAAyB,EACzB,KAAa,EACb,YAAqB,KAAK;QAE1B,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YACtC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,KAAK,IAAI,IAAI,IAAI,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,QAAQ,EAAE,CAAC;YACrD,OAAO;gBACL,GAAG,IAAI;gBACP,CAAC,KAAK,CAAC,EAAE,SAAS;oBAChB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;oBAChC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;aACnC,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;;OAOG;IACH,MAAM,CAAC,cAAc,CACnB,IAAyB,EACzB,MAAgB,EAChB,YAAqB,KAAK;QAE1B,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YACtC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,SAAS,GAAG,EAAE,GAAG,IAAI,EAAE,CAAC;QAC9B,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,IAAI,KAAK,IAAI,SAAS,IAAI,OAAO,SAAS,CAAC,KAAK,CAAC,KAAK,QAAQ,EAAE,CAAC;gBAC/D,SAAS,CAAC,KAAK,CAAC,GAAG,SAAS;oBAC1B,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;oBACrC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;YAC1C,C
AAC;QACH,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;CACF"}
|
package/package.json
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@de-otio/trellis",
|
|
3
|
-
"version": "0.10.
|
|
3
|
+
"version": "0.10.9",
|
|
4
4
|
"license": "AGPL-3.0-or-later",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./dist/index.js",
|
|
@@ -49,53 +49,53 @@
|
|
|
49
49
|
"@aws-lambda-powertools/logger": "^2.32.0",
|
|
50
50
|
"@aws-lambda-powertools/metrics": "^2.32.0",
|
|
51
51
|
"@aws-lambda-powertools/parameters": "^2.32.0",
|
|
52
|
-
"@aws-sdk/client-cloudwatch": "^3.
|
|
53
|
-
"@aws-sdk/client-cloudwatch-logs": "^3.
|
|
54
|
-
"@aws-sdk/client-cognito-identity-provider": "^3.
|
|
55
|
-
"@aws-sdk/client-dynamodb": "^3.
|
|
56
|
-
"@aws-sdk/client-kms": "^3.
|
|
57
|
-
"@aws-sdk/client-s3": "^3.
|
|
58
|
-
"@aws-sdk/client-secrets-manager": "^3.
|
|
59
|
-
"@aws-sdk/client-ses": "^3.
|
|
60
|
-
"@aws-sdk/client-sns": "^3.
|
|
61
|
-
"@aws-sdk/client-sqs": "^3.
|
|
62
|
-
"@aws-sdk/client-ssm": "^3.
|
|
63
|
-
"@aws-sdk/s3-request-presigner": "^3.
|
|
64
|
-
"@aws-sdk/util-dynamodb": "^3.
|
|
52
|
+
"@aws-sdk/client-cloudwatch": "^3.1066.0",
|
|
53
|
+
"@aws-sdk/client-cloudwatch-logs": "^3.1066.0",
|
|
54
|
+
"@aws-sdk/client-cognito-identity-provider": "^3.1066.0",
|
|
55
|
+
"@aws-sdk/client-dynamodb": "^3.1066.0",
|
|
56
|
+
"@aws-sdk/client-kms": "^3.1066.0",
|
|
57
|
+
"@aws-sdk/client-s3": "^3.1066.0",
|
|
58
|
+
"@aws-sdk/client-secrets-manager": "^3.1066.0",
|
|
59
|
+
"@aws-sdk/client-ses": "^3.1066.0",
|
|
60
|
+
"@aws-sdk/client-sns": "^3.1066.0",
|
|
61
|
+
"@aws-sdk/client-sqs": "^3.1066.0",
|
|
62
|
+
"@aws-sdk/client-ssm": "^3.1066.0",
|
|
63
|
+
"@aws-sdk/s3-request-presigner": "^3.1066.0",
|
|
64
|
+
"@aws-sdk/util-dynamodb": "^3.996.4",
|
|
65
65
|
"@de-otio/saas-foundation": "^0.3.0",
|
|
66
66
|
"@de-otio/trellis-extension-api": "^0.3.0",
|
|
67
67
|
"@de-otio/vestibulum": "^0.3.0",
|
|
68
|
-
"@fedify/fedify": "2.2.
|
|
68
|
+
"@fedify/fedify": "2.2.5",
|
|
69
69
|
"@prisma/adapter-pg": "^7.8.0",
|
|
70
70
|
"@prisma/client": "^7.8.0",
|
|
71
71
|
"cockatiel": "^4.0.0",
|
|
72
72
|
"exifr": "^7.1.3",
|
|
73
|
-
"hono": "^4.12.
|
|
74
|
-
"isomorphic-dompurify": "^
|
|
73
|
+
"hono": "^4.12.25",
|
|
74
|
+
"isomorphic-dompurify": "^3.16.0",
|
|
75
75
|
"js-yaml": "^4.1.1",
|
|
76
76
|
"pg": "^8.13.0",
|
|
77
|
-
"sharp": "^0.
|
|
77
|
+
"sharp": "^0.35.0",
|
|
78
78
|
"zod": "^4.4.3"
|
|
79
79
|
},
|
|
80
80
|
"devDependencies": {
|
|
81
|
-
"@aws-sdk/client-bedrock-agent-runtime": "^3.
|
|
82
|
-
"@aws-sdk/client-cost-explorer": "^3.
|
|
83
|
-
"@aws-sdk/client-ecs": "^3.
|
|
84
|
-
"@aws-sdk/client-lambda": "^3.
|
|
85
|
-
"@types/aws-lambda": "^8.10.
|
|
81
|
+
"@aws-sdk/client-bedrock-agent-runtime": "^3.1066.0",
|
|
82
|
+
"@aws-sdk/client-cost-explorer": "^3.1066.0",
|
|
83
|
+
"@aws-sdk/client-ecs": "^3.1066.0",
|
|
84
|
+
"@aws-sdk/client-lambda": "^3.1066.0",
|
|
85
|
+
"@types/aws-lambda": "^8.10.162",
|
|
86
86
|
"@types/js-yaml": "^4.0.9",
|
|
87
|
-
"@types/node": "^
|
|
87
|
+
"@types/node": "^25.9.3",
|
|
88
88
|
"@types/pg": "^8.18.0",
|
|
89
89
|
"@types/sharp": "^0.31.0",
|
|
90
|
-
"@vitest/coverage-v8": "^4.
|
|
91
|
-
"@vitest/ui": "^4.
|
|
90
|
+
"@vitest/coverage-v8": "^4.1.8",
|
|
91
|
+
"@vitest/ui": "^4.1.8",
|
|
92
92
|
"aws-sdk-client-mock": "^4.1.0",
|
|
93
|
-
"esbuild": "^0.
|
|
93
|
+
"esbuild": "^0.28.1",
|
|
94
94
|
"form-data": "^4.0.1",
|
|
95
|
-
"mailparser": "^3.9.
|
|
96
|
-
"prettier": "^3.
|
|
95
|
+
"mailparser": "^3.9.9",
|
|
96
|
+
"prettier": "^3.8.4",
|
|
97
97
|
"prisma": "^7.8.0",
|
|
98
|
-
"tsx": "^4.
|
|
98
|
+
"tsx": "^4.22.4",
|
|
99
99
|
"typescript": "^6.0.3",
|
|
100
100
|
"vitest": "^4.0.0"
|
|
101
101
|
},
|
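--- a/package/src/lambda/pre-signup.ts
+++ b/package/src/lambda/pre-signup.ts
@@ -31,9 +31,17 @@ export const handler: PreSignUpTriggerHandler = async (event) => {
 throw new Error("This invitation code has expired.");
 }
 
-// Auto-confirm and auto-verify
-
-
+// Auto-confirm and auto-verify invited users.
+//
+// Registration is passwordless (magic-link CUSTOM_AUTH). An UNCONFIRMED user
+// cannot initiate that flow, so without auto-confirm an invited sign-up would
+// create an account that can never sign in. This is safe because:
+// - entry is already gated by a single-use invitation code (checked above);
+// - access still requires answering the magic-link challenge, i.e. receiving
+// and clicking a link sent to this exact address — the link, not this
+// flag, is the real proof of email ownership and the access gate.
+event.response.autoConfirmUser = true;
+event.response.autoVerifyEmail = true;
 
 return event;
 };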
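Review bot: `event.response.autoVerifyEmail = true` records the address as verified before anyone has answered the magic-link challenge, so the stored `email_verified` attribute ends up asserting something the comment itself says only the link proves. The reasoning in the comment covers sign-in, but anything else that reads `email_verified` (token claims, account recovery, alias handling if the pool uses email as an alias) would trust an address the registrant has not yet shown they control. Whether the invitation is bound to `event.request.userAttributes.email` cannot be seen here, because the invitation check and the start of the handler sit above the hunk. I would keep `autoConfirmUser`, and either set the verified attribute only once the challenge succeeds or extend the comment with `// NOTE: email_verified is set before ownership is proven; do not rely on it outside the magic-link flow.`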