@fedify/fedify 0.12.0-dev.267 → 0.12.0-dev.273
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGES.md +64 -0
- package/esm/federation/middleware.js +17 -2
- package/esm/runtime/docloader.js +3 -0
- package/esm/runtime/url.js +75 -0
- package/package.json +1 -1
- package/types/federation/middleware.d.ts +23 -0
- package/types/federation/middleware.d.ts.map +1 -1
- package/types/runtime/docloader.d.ts.map +1 -1
- package/types/runtime/url.d.ts +11 -0
- package/types/runtime/url.d.ts.map +1 -0
- package/types/runtime/url.test.d.ts.map +1 -0
package/CHANGES.md
CHANGED
|
@@ -31,6 +31,13 @@ To be released.
|
|
|
31
31
|
- Added `createExponentialBackoffPolicy()` function.
|
|
32
32
|
- Added `CreateExponentialBackoffPolicyOptions` interface.
|
|
33
33
|
|
|
34
|
+
- `Federation` object now allows its task queue to be started manually.
|
|
35
|
+
[[#53]]
|
|
36
|
+
|
|
37
|
+
- Added `manuallyStartQueue` option to `CreateFederationOptions`
|
|
38
|
+
interface.
|
|
39
|
+
- Added `Federation.startQueue()` method.
|
|
40
|
+
|
|
34
41
|
- Added `ChatMessage` class to Activity Vocabulary API. [[#85]]
|
|
35
42
|
|
|
36
43
|
- Improved multitenancy (virtual hosting) support. [[#66]]
|
|
@@ -47,16 +54,41 @@ To be released.
|
|
|
47
54
|
- The last parameter of `Federation.sendActivity()` method is no longer
|
|
48
55
|
optional. Also, it now takes the required `contextData` option.
|
|
49
56
|
|
|
57
|
+
- Fixed a SSRF vulnerability in the built-in document loader.
|
|
58
|
+
[[CVE-2024-39687]]
|
|
59
|
+
|
|
60
|
+
- The `fetchDocumentLoader()` function now throws an error when the given
|
|
61
|
+
URL is not an HTTP or HTTPS URL or refers to a private network address.
|
|
62
|
+
- The `getAuthenticatedDocumentLoader()` function now returns a document
|
|
63
|
+
loader that throws an error when the given URL is not an HTTP or HTTPS
|
|
64
|
+
URL or refers to a private network address.
|
|
65
|
+
|
|
50
66
|
- Added more log messages using the [LogTape] library. Currently the below
|
|
51
67
|
logger categories are used:
|
|
52
68
|
|
|
53
69
|
- `["fedify", "federation", "queue"]`
|
|
54
70
|
|
|
71
|
+
[#53]: https://github.com/dahlia/fedify/issues/53
|
|
55
72
|
[#66]: https://github.com/dahlia/fedify/issues/66
|
|
56
73
|
[#70]: https://github.com/dahlia/fedify/issues/70
|
|
57
74
|
[#85]: https://github.com/dahlia/fedify/issues/85
|
|
58
75
|
|
|
59
76
|
|
|
77
|
+
Version 0.11.1
|
|
78
|
+
--------------
|
|
79
|
+
|
|
80
|
+
Released on July 5, 2024.
|
|
81
|
+
|
|
82
|
+
- Fixed a SSRF vulnerability in the built-in document loader.
|
|
83
|
+
[[CVE-2024-39687]]
|
|
84
|
+
|
|
85
|
+
- The `fetchDocumentLoader()` function now throws an error when the given
|
|
86
|
+
URL is not an HTTP or HTTPS URL or refers to a private network address.
|
|
87
|
+
- The `getAuthenticatedDocumentLoader()` function now returns a document
|
|
88
|
+
loader that throws an error when the given URL is not an HTTP or HTTPS
|
|
89
|
+
URL or refers to a private network address.
|
|
90
|
+
|
|
91
|
+
|
|
60
92
|
Version 0.11.0
|
|
61
93
|
--------------
|
|
62
94
|
|
|
@@ -240,6 +272,21 @@ Released on June 29, 2024.
|
|
|
240
272
|
[#80]: https://github.com/dahlia/fedify/pull/80
|
|
241
273
|
|
|
242
274
|
|
|
275
|
+
Version 0.10.1
|
|
276
|
+
--------------
|
|
277
|
+
|
|
278
|
+
Released on July 5, 2024.
|
|
279
|
+
|
|
280
|
+
- Fixed a SSRF vulnerability in the built-in document loader.
|
|
281
|
+
[[CVE-2024-39687]]
|
|
282
|
+
|
|
283
|
+
- The `fetchDocumentLoader()` function now throws an error when the given
|
|
284
|
+
URL is not an HTTP or HTTPS URL or refers to a private network address.
|
|
285
|
+
- The `getAuthenticatedDocumentLoader()` function now returns a document
|
|
286
|
+
loader that throws an error when the given URL is not an HTTP or HTTPS
|
|
287
|
+
URL or refers to a private network address.
|
|
288
|
+
|
|
289
|
+
|
|
243
290
|
Version 0.10.0
|
|
244
291
|
--------------
|
|
245
292
|
|
|
@@ -401,6 +448,23 @@ is now distributed under the [MIT License] to encourage wider adoption.
|
|
|
401
448
|
[x-forwarded-fetch]: https://github.com/dahlia/x-forwarded-fetch
|
|
402
449
|
|
|
403
450
|
|
|
451
|
+
Version 0.9.2
|
|
452
|
+
-------------
|
|
453
|
+
|
|
454
|
+
Released on July 5, 2024.
|
|
455
|
+
|
|
456
|
+
- Fixed a SSRF vulnerability in the built-in document loader.
|
|
457
|
+
[[CVE-2024-39687]]
|
|
458
|
+
|
|
459
|
+
- The `fetchDocumentLoader()` function now throws an error when the given
|
|
460
|
+
URL is not an HTTP or HTTPS URL or refers to a private network address.
|
|
461
|
+
- The `getAuthenticatedDocumentLoader()` function now returns a document
|
|
462
|
+
loader that throws an error when the given URL is not an HTTP or HTTPS
|
|
463
|
+
URL or refers to a private network address.
|
|
464
|
+
|
|
465
|
+
[CVE-2024-39687]: https://github.com/dahlia/fedify/security/advisories/GHSA-p9cg-vqcc-grcx
|
|
466
|
+
|
|
467
|
+
|
|
404
468
|
Version 0.9.1
|
|
405
469
|
-------------
|
|
406
470
|
|
|
@@ -40,6 +40,7 @@ export class Federation {
|
|
|
40
40
|
#kvPrefixes;
|
|
41
41
|
#queue;
|
|
42
42
|
#queueStarted;
|
|
43
|
+
#manuallyStartQueue;
|
|
43
44
|
#router;
|
|
44
45
|
#nodeInfoDispatcher;
|
|
45
46
|
#actorCallbacks;
|
|
@@ -87,6 +88,7 @@ export class Federation {
|
|
|
87
88
|
};
|
|
88
89
|
this.#queue = options.queue;
|
|
89
90
|
this.#queueStarted = false;
|
|
91
|
+
this.#manuallyStartQueue = options.manuallyStartQueue ?? false;
|
|
90
92
|
this.#router = new Router();
|
|
91
93
|
this.#router.add("/.well-known/webfinger", "webfinger");
|
|
92
94
|
this.#router.add("/.well-known/nodeinfo", "nodeInfoJrd");
|
|
@@ -291,6 +293,18 @@ export class Federation {
|
|
|
291
293
|
}
|
|
292
294
|
logger.info("Activity {activityId} has been processed.", { activityId: activity.id?.href, activity: message.activity });
|
|
293
295
|
}
|
|
296
|
+
/**
|
|
297
|
+
* Manually start the task queue.
|
|
298
|
+
*
|
|
299
|
+
* This method is useful when you set the `manuallyStartQueue` option to
|
|
300
|
+
* `true` in the {@link createFederation} function.
|
|
301
|
+
* @param contextData The context data to pass to the context.
|
|
302
|
+
* @since 0.12.0
|
|
303
|
+
*/
|
|
304
|
+
startQueue(contextData) {
|
|
305
|
+
this.#startQueue(contextData);
|
|
306
|
+
return Promise.resolve();
|
|
307
|
+
}
|
|
294
308
|
createContext(urlOrRequest, contextData) {
|
|
295
309
|
return urlOrRequest instanceof Request
|
|
296
310
|
? this.#createContext(urlOrRequest, contextData)
|
|
@@ -982,7 +996,8 @@ export class Federation {
|
|
|
982
996
|
logger.error("Activity {activityId} to send does not have an actor.", { activity, activityId: activity?.id?.href });
|
|
983
997
|
throw new TypeError("The activity to send must have at least one actor property.");
|
|
984
998
|
}
|
|
985
|
-
this.#
|
|
999
|
+
if (!this.#manuallyStartQueue)
|
|
1000
|
+
this.#startQueue(contextData);
|
|
986
1001
|
if (activity.id == null) {
|
|
987
1002
|
activity = activity.clone({
|
|
988
1003
|
id: new URL(`urn:uuid:${dntShim.crypto.randomUUID()}`),
|
|
@@ -1173,7 +1188,7 @@ export class Federation {
|
|
|
1173
1188
|
});
|
|
1174
1189
|
}
|
|
1175
1190
|
}
|
|
1176
|
-
if (this.#
|
|
1191
|
+
if (!this.#manuallyStartQueue)
|
|
1177
1192
|
this.#startQueue(contextData);
|
|
1178
1193
|
return await handleInbox(request, {
|
|
1179
1194
|
handle: route.values.handle ?? null,
|
package/esm/runtime/docloader.js
CHANGED
|
@@ -3,6 +3,7 @@ import { getLogger } from "@logtape/logtape";
|
|
|
3
3
|
import { signRequest } from "../sig/http.js";
|
|
4
4
|
import { validateCryptoKey } from "../sig/key.js";
|
|
5
5
|
import preloadedContexts from "./contexts.js";
|
|
6
|
+
import { validatePublicUrl } from "./url.js";
|
|
6
7
|
const logger = getLogger(["fedify", "runtime", "docloader"]);
|
|
7
8
|
/**
|
|
8
9
|
* Error thrown when fetching a JSON-LD document failed.
|
|
@@ -82,6 +83,7 @@ export async function fetchDocumentLoader(url) {
|
|
|
82
83
|
documentUrl: url,
|
|
83
84
|
};
|
|
84
85
|
}
|
|
86
|
+
await validatePublicUrl(url);
|
|
85
87
|
const request = createRequest(url);
|
|
86
88
|
logRequest(request);
|
|
87
89
|
const response = await fetch(request, {
|
|
@@ -110,6 +112,7 @@ export async function fetchDocumentLoader(url) {
|
|
|
110
112
|
export function getAuthenticatedDocumentLoader(identity) {
|
|
111
113
|
validateCryptoKey(identity.privateKey);
|
|
112
114
|
async function load(url) {
|
|
115
|
+
await validatePublicUrl(url);
|
|
113
116
|
let request = createRequest(url);
|
|
114
117
|
request = await signRequest(request, identity.privateKey, identity.keyId);
|
|
115
118
|
logRequest(request);
|
|
@@ -0,0 +1,75 @@
|
|
|
1
|
+
import * as dntShim from "../_dnt.shims.js";
|
|
2
|
+
import { lookup } from "node:dns/promises";
|
|
3
|
+
import { isIP } from "node:net";
|
|
4
|
+
export class UrlError extends Error {
|
|
5
|
+
constructor(message) {
|
|
6
|
+
super(message);
|
|
7
|
+
this.name = "UrlError";
|
|
8
|
+
}
|
|
9
|
+
}
|
|
10
|
+
/**
|
|
11
|
+
* Validates a URL to prevent SSRF attacks.
|
|
12
|
+
*/
|
|
13
|
+
export async function validatePublicUrl(url) {
|
|
14
|
+
const parsed = new URL(url);
|
|
15
|
+
if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
|
|
16
|
+
throw new UrlError(`Unsupported protocol: ${parsed.protocol}`);
|
|
17
|
+
}
|
|
18
|
+
let hostname = parsed.hostname;
|
|
19
|
+
if (hostname.startsWith("[") && hostname.endsWith("]")) {
|
|
20
|
+
hostname = hostname.substring(1, hostname.length - 2);
|
|
21
|
+
}
|
|
22
|
+
if (hostname === "localhost") {
|
|
23
|
+
throw new UrlError("Localhost is not allowed");
|
|
24
|
+
}
|
|
25
|
+
if ("Deno" in dntShim.dntGlobalThis && !isIP(hostname)) {
|
|
26
|
+
// If the `net` permission is not granted, we can't resolve the hostname.
|
|
27
|
+
// However, we can safely assume that it cannot gain access to private
|
|
28
|
+
// resources.
|
|
29
|
+
const netPermission = await dntShim.Deno.permissions.query({ name: "net" });
|
|
30
|
+
if (netPermission.state !== "granted")
|
|
31
|
+
return;
|
|
32
|
+
}
|
|
33
|
+
const { address, family } = await lookup(hostname);
|
|
34
|
+
if (family === 4 && !isValidPublicIPv4Address(address) ||
|
|
35
|
+
family === 6 && !isValidPublicIPv6Address(address) ||
|
|
36
|
+
family < 4 || family === 5 || family > 6) {
|
|
37
|
+
throw new UrlError(`Invalid or private address: ${address}`);
|
|
38
|
+
}
|
|
39
|
+
}
|
|
40
|
+
export function isValidPublicIPv4Address(address) {
|
|
41
|
+
const parts = address.split(".");
|
|
42
|
+
const first = parseInt(parts[0]);
|
|
43
|
+
if (first === 0 || first === 10 || first === 127)
|
|
44
|
+
return false;
|
|
45
|
+
const second = parseInt(parts[1]);
|
|
46
|
+
if (first === 169 && second === 254)
|
|
47
|
+
return false;
|
|
48
|
+
if (first === 172 && second >= 16 && second <= 31)
|
|
49
|
+
return false;
|
|
50
|
+
if (first === 192 && second === 168)
|
|
51
|
+
return false;
|
|
52
|
+
return true;
|
|
53
|
+
}
|
|
54
|
+
export function isValidPublicIPv6Address(address) {
|
|
55
|
+
address = expandIPv6Address(address);
|
|
56
|
+
if (address.at(4) !== ":")
|
|
57
|
+
return false;
|
|
58
|
+
const firstWord = parseInt(address.substring(0, 4), 16);
|
|
59
|
+
return !((firstWord >= 0xfc00 && firstWord <= 0xfdff) || // ULA
|
|
60
|
+
(firstWord >= 0xfe80 && firstWord <= 0xfebf) || // Link-local
|
|
61
|
+
firstWord === 0 || firstWord >= 0xff00 // Multicast
|
|
62
|
+
);
|
|
63
|
+
}
|
|
64
|
+
export function expandIPv6Address(address) {
|
|
65
|
+
address = address.toLowerCase();
|
|
66
|
+
if (address === "::")
|
|
67
|
+
return "0000:0000:0000:0000:0000:0000:0000:0000";
|
|
68
|
+
if (address.startsWith("::"))
|
|
69
|
+
address = "0000" + address;
|
|
70
|
+
if (address.endsWith("::"))
|
|
71
|
+
address = address + "0000";
|
|
72
|
+
address = address.replace("::", ":0000".repeat(8 - (address.match(/:/g) || []).length) + ":");
|
|
73
|
+
const parts = address.split(":");
|
|
74
|
+
return parts.map((part) => part.padStart(4, "0")).join(":");
|
|
75
|
+
}
|
package/package.json
CHANGED
|
@@ -30,6 +30,20 @@ export interface CreateFederationOptions {
|
|
|
30
30
|
* immediately.
|
|
31
31
|
*/
|
|
32
32
|
queue?: MessageQueue;
|
|
33
|
+
/**
|
|
34
|
+
* Whether to start the task queue manually or automatically.
|
|
35
|
+
*
|
|
36
|
+
* If `true`, the task queue will not start automatically and you need to
|
|
37
|
+
* manually start it by calling the {@link Federation.startQueue} method.
|
|
38
|
+
*
|
|
39
|
+
* If `false`, the task queue will start automatically as soon as
|
|
40
|
+
* the first task is enqueued.
|
|
41
|
+
*
|
|
42
|
+
* By default, the queue starts automatically.
|
|
43
|
+
*
|
|
44
|
+
* @since 0.12.0
|
|
45
|
+
*/
|
|
46
|
+
manuallyStartQueue?: boolean;
|
|
33
47
|
/**
|
|
34
48
|
* A custom JSON-LD document loader. By default, this uses the built-in
|
|
35
49
|
* cache-backed loader that fetches remote documents over HTTP(S).
|
|
@@ -171,6 +185,15 @@ export declare class Federation<TContextData> {
|
|
|
171
185
|
* @deprecated Use {@link createFederation} method instead.
|
|
172
186
|
*/
|
|
173
187
|
constructor(parameters: FederationParameters);
|
|
188
|
+
/**
|
|
189
|
+
* Manually start the task queue.
|
|
190
|
+
*
|
|
191
|
+
* This method is useful when you set the `manuallyStartQueue` option to
|
|
192
|
+
* `true` in the {@link createFederation} function.
|
|
193
|
+
* @param contextData The context data to pass to the context.
|
|
194
|
+
* @since 0.12.0
|
|
195
|
+
*/
|
|
196
|
+
startQueue(contextData: TContextData): Promise<void>;
|
|
174
197
|
/**
|
|
175
198
|
* Create a new context.
|
|
176
199
|
* @param baseUrl The base URL of the server. The `pathname` remains root,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../src/federation/middleware.ts"],"names":[],"mappings":";;AAAA,OAAO,KAAK,OAAO,MAAM,kBAAkB,CAAC;AAG5C,OAAO,EACL,KAAK,kCAAkC,EACvC,KAAK,cAAc,EAIpB,MAAM,yBAAyB,CAAC;AAIjC,OAAO,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC1D,OAAO,EACL,QAAQ,EAER,KAAK,OAAO,EACZ,KAAK,IAAI,EAET,KAAK,MAAM,EACZ,MAAM,mBAAmB,CAAC;AAE3B,OAAO,KAAK,EACV,eAAe,EACf,sBAAsB,EACtB,uBAAuB,EACvB,kBAAkB,EAClB,iBAAiB,EACjB,gBAAgB,EAChB,oBAAoB,EACpB,iBAAiB,EACjB,aAAa,EACb,kBAAkB,EAClB,wBAAwB,EACxB,gBAAgB,EAChB,kBAAkB,EAClB,wBAAwB,EACzB,MAAM,eAAe,CAAC;AAEvB,OAAO,KAAK,EAEV,OAAO,EAEP,cAAc,EACd,mBAAmB,EACpB,MAAM,cAAc,CAAC;AAStB,OAAO,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAC9C,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAO5C,OAAO,EAAkC,KAAK,WAAW,EAAE,MAAM,YAAY,CAAC;AAE9E,OAAO,EAAgC,KAAK,aAAa,EAAE,MAAM,WAAW,CAAC;AAE7E;;;GAGG;AACH,MAAM,WAAW,uBAAuB;IACtC;;OAEG;IACH,EAAE,EAAE,OAAO,CAAC;IAEZ;;;OAGG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAE3C;;;;OAIG;IACH,KAAK,CAAC,EAAE,YAAY,CAAC;IAErB;;;OAGG;IACH,cAAc,CAAC,EAAE,cAAc,CAAC;IAEhC;;;OAGG;IACH,aAAa,CAAC,EAAE,cAAc,CAAC;IAE/B;;;;OAIG;IACH,kCAAkC,CAAC,EAAE,kCAAkC,CAAC;IAExE;;;;;;;OAOG;IACH,aAAa,CAAC,EAAE,kBAAkB,CAAC;IAEnC;;;;OAIG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;IAEpD;;;;;OAKG;IACH,iBAAiB,CAAC,EAAE,WAAW,CAAC;IAEhC;;;;;OAKG;IACH,gBAAgB,CAAC,EAAE,WAAW,CAAC;CAChC;AAED;;;GAGG;AACH,MAAM,WAAW,oBACf,SACE,IAAI,CAAC,uBAAuB,EAAE,mBAAmB,GAAG,kBAAkB,CAAC;IACzE;;;;;OAKG;IACH,KAAK,CAAC,EAAE,YAAY,CAAC;IAErB;;;;OAIG;IACH,aAAa,CAAC,EAAE,cAAc,CAAC;IAE/B;;;;;;OAMG;IACH,kCAAkC,CAAC,EAAE,kCAAkC,CAAC;IAExE;;;;;;;;;OASG;IACH,aAAa,CAAC,EAAE,kBAAkB,CAAC;IAEnC;;;;OAIG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;IAEpD;;;;;;;;;;;;OAYG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;;OAGG;IACH,mBAAmB,EAAE,KAAK,CAAC;IAE3B;;;OAGG;IACH,cAAc,EAAE,KAAK,CAAC;CACvB;AAID;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,YAAY,EAC3C,OAAO,EAAE,uBAAuB,GAC/B,UAAU,CAAC,YAAY,CAAC,CAM1B;AAID;;;;;;GAMG;AACH,qBAAa,UAAU,CAAC,YAAY;;
|
|
1
|
+
{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../src/federation/middleware.ts"],"names":[],"mappings":";;AAAA,OAAO,KAAK,OAAO,MAAM,kBAAkB,CAAC;AAG5C,OAAO,EACL,KAAK,kCAAkC,EACvC,KAAK,cAAc,EAIpB,MAAM,yBAAyB,CAAC;AAIjC,OAAO,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC1D,OAAO,EACL,QAAQ,EAER,KAAK,OAAO,EACZ,KAAK,IAAI,EAET,KAAK,MAAM,EACZ,MAAM,mBAAmB,CAAC;AAE3B,OAAO,KAAK,EACV,eAAe,EACf,sBAAsB,EACtB,uBAAuB,EACvB,kBAAkB,EAClB,iBAAiB,EACjB,gBAAgB,EAChB,oBAAoB,EACpB,iBAAiB,EACjB,aAAa,EACb,kBAAkB,EAClB,wBAAwB,EACxB,gBAAgB,EAChB,kBAAkB,EAClB,wBAAwB,EACzB,MAAM,eAAe,CAAC;AAEvB,OAAO,KAAK,EAEV,OAAO,EAEP,cAAc,EACd,mBAAmB,EACpB,MAAM,cAAc,CAAC;AAStB,OAAO,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAC9C,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAO5C,OAAO,EAAkC,KAAK,WAAW,EAAE,MAAM,YAAY,CAAC;AAE9E,OAAO,EAAgC,KAAK,aAAa,EAAE,MAAM,WAAW,CAAC;AAE7E;;;GAGG;AACH,MAAM,WAAW,uBAAuB;IACtC;;OAEG;IACH,EAAE,EAAE,OAAO,CAAC;IAEZ;;;OAGG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAE3C;;;;OAIG;IACH,KAAK,CAAC,EAAE,YAAY,CAAC;IAErB;;;;;;;;;;;;OAYG;IACH,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAE7B;;;OAGG;IACH,cAAc,CAAC,EAAE,cAAc,CAAC;IAEhC;;;OAGG;IACH,aAAa,CAAC,EAAE,cAAc,CAAC;IAE/B;;;;OAIG;IACH,kCAAkC,CAAC,EAAE,kCAAkC,CAAC;IAExE;;;;;;;OAOG;IACH,aAAa,CAAC,EAAE,kBAAkB,CAAC;IAEnC;;;;OAIG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;IAEpD;;;;;OAKG;IACH,iBAAiB,CAAC,EAAE,WAAW,CAAC;IAEhC;;;;;OAKG;IACH,gBAAgB,CAAC,EAAE,WAAW,CAAC;CAChC;AAED;;;GAGG;AACH,MAAM,WAAW,oBACf,SACE,IAAI,CAAC,uBAAuB,EAAE,mBAAmB,GAAG,kBAAkB,CAAC;IACzE;;;;;OAKG;IACH,KAAK,CAAC,EAAE,YAAY,CAAC;IAErB;;;;OAIG;IACH,aAAa,CAAC,EAAE,cAAc,CAAC;IAE/B;;;;;;OAMG;IACH,kCAAkC,CAAC,EAAE,kCAAkC,CAAC;IAExE;;;;;;;;;OASG;IACH,aAAa,CAAC,EAAE,kBAAkB,CAAC;IAEnC;;;;OAIG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;IAEpD;;;;;;;;;;;;OAYG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;;OAGG;IACH,mBAAmB,EAAE,KAAK,CAAC;IAE3B;;;OAGG;IACH,cAAc,EAAE,KAAK,CAAC;CACvB;AAID;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,YAAY,EAC3C,OAAO,EAAE,uBAAuB,GAC/B,UAAU,CAAC,YAAY,CAAC,CAM1B;AAID;;;;;;GAMG;AACH,qBAAa,UAAU,CAAC,YAAY;;IAmClC;;;;OAIG;gBACS,UAAU,EAAE,oBAAoB;IA6Q5C;;;;;;;OAOG;IACH,UAAU,CAAC,WAAW,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC;IAKpD;;;;;;OAMG;IACH,aAAa,CAAC,OAAO,EAAE,GAAG,EAAE,WAAW,EAAE,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC;IAE7E;;;;;OAKG;IACH,aAAa,CACX,OAAO,EAAE,OAAO,EAChB,WAAW,EAAE,YAAY,GACxB,cAAc,CAAC,YAAY,CAAC;IA8E/B;;;;;;;;;OASG;IACH,qBAAqB,CACnB,IAAI,EAAE,MAAM,EACZ,UAAU,EAAE,kBAAkB,CAAC,YAAY,CAAC;IAc9C;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACH,kBAAkB,CAChB,IAAI,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EAClC,UAAU,EAAE,eAAe,CAAC,YAAY,CAAC,GACxC,oBAAoB,CAAC,YAAY,CAAC;IAkNrC;;;;;;;;;;;;;OAaG;IACH,mBAAmB,CAAC,OAAO,SAAS,MAAM,EAAE,MAAM,SAAS,MAAM,EAE/D,GAAG,EAAE,CAAC,KAAK,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,CAAC,GAAG;QAAE,MAAM,EAAE,GAAG,CAAA;KAAE,EACxD,IAAI,EACF,GAAG,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,EAAE,EACrI,UAAU,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,GAC1D,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC;IAEvD;;;;;;;;;;;;;OAaG;IACH,mBAAmB,CAAC,OAAO,SAAS,MAAM,EAAE,MAAM,SAAS,MAAM,EAE/D,GAAG,EAAE,CAAC,KAAK,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,CAAC,GAAG;QAAE,MAAM,EAAE,GAAG,CAAA;KAAE,EACxD,IAAI,EACF,GAAG,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,EAAE,EACjH,UAAU,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,GAC1D,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC;IAEvD;;;;;;;;;;;;;OAaG;IACH,mBAAmB,CAAC,OAAO,SAAS,MAAM,EAAE,MAAM,SAAS,MAAM,EAE/D,GAAG,EAAE,CAAC,KAAK,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,CAAC,GAAG;QAAE,MAAM,EAAE,GAAG,CAAA;KAAE,EACxD,IAAI,EACF,GAAG,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,EAAE,EAC7F,UAAU,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,GAC1D,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC;IAEvD;;;;;;;;;;;;;OAaG;IACH,mBAAmB,CAAC,OAAO,SAAS,MAAM,EAAE,MAAM,SAAS,MAAM,EAE/D,GAAG,EAAE,CAAC,KAAK,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,CAAC,GAAG;QAAE,MAAM,EAAE,GAAG,CAAA;KAAE,EACxD,IAAI,EACF,GAAG,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,EAAE,EACzE,UAAU,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,GAC1D,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC;IAEvD;;;;;;;;;;;;;OAaG;IACH,mBAAmB,CAAC,OAAO,SAAS,MAAM,EAAE,MAAM,SAAS,MAAM,EAE/D,GAAG,EAAE,CAAC,KAAK,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,CAAC,GAAG;QAAE,MAAM,EAAE,GAAG,CAAA;KAAE,EACxD,IAAI,EAAE,GAAG,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,EAAE,EACzD,UAAU,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,GAC1D,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC;IAEvD;;;;;;;;;;;;;OAaG;IACH,mBAAmB,CAAC,OAAO,SAAS,MAAM,EAAE,MAAM,SAAS,MAAM,EAE/D,GAAG,EAAE,CAAC,KAAK,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,CAAC,GAAG;QAAE,MAAM,EAAE,GAAG,CAAA;KAAE,EACxD,IAAI,EAAE,GAAG,MAAM,IAAI,MAAM,IAAI,MAAM,EAAE,EACrC,UAAU,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,GAC1D,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC;IAiCvD;;;;;;;;;;;OAWG;IACH,kBAAkB,CAChB,IAAI,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EAClC,UAAU,EAAE,oBAAoB,CAAC,QAAQ,EAAE,YAAY,EAAE,IAAI,CAAC,GAC7D,yBAAyB,CAAC,YAAY,EAAE,IAAI,CAAC;IA4ChD;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACH,mBAAmB,CACjB,IAAI,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EAClC,UAAU,EAAE,oBAAoB,CAAC,QAAQ,EAAE,YAAY,EAAE,IAAI,CAAC,GAC7D,yBAAyB,CAAC,YAAY,EAAE,IAAI,CAAC;IAmChD;;;;;;;;;;OAUG;IACH,sBAAsB,CACpB,IAAI,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EAClC,UAAU,EAAE,oBAAoB,CAAC,KAAK,GAAG,GAAG,EAAE,YAAY,EAAE,IAAI,CAAC,GAChE,yBAAyB,CAAC,YAAY,EAAE,IAAI,CAAC;IAmChD;;;;;;;;;;OAUG;IACH,sBAAsB,CACpB,IAAI,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EAClC,UAAU,EAAE,oBAAoB,CAC9B,SAAS,EACT,YAAY,EACZ,GAAG,CACJ,GACA,yBAAyB,CAAC,YAAY,EAAE,GAAG,CAAC;IAuC/C;;;;;;;;;;;OAWG;IACH,kBAAkB,CAChB,IAAI,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EAClC,UAAU,EAAE,oBAAoB,CAAC,IAAI,EAAE,YAAY,EAAE,IAAI,CAAC,GACzD,yBAAyB,CAAC,YAAY,EAAE,IAAI,CAAC;IAmChD;;;;;;;;;;;OAWG;IACH,qBAAqB,CACnB,IAAI,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EAClC,UAAU,EAAE,oBAAoB,CAAC,MAAM,EAAE,YAAY,EAAE,IAAI,CAAC,GAC3D,yBAAyB,CAAC,YAAY,EAAE,IAAI,CAAC;IAmChD;;;;;;;;;;;OAWG;IACH,yBAAyB,CACvB,IAAI,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EAClC,UAAU,EAAE,oBAAoB,CAAC,OAAO,EAAE,YAAY,EAAE,IAAI,CAAC,GAC5D,yBAAyB,CAAC,YAAY,EAAE,IAAI,CAAC;IAoChD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA6BG;IACH,iBAAiB,CACf,SAAS,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EACvC,eAAe,CAAC,EAAE,MAAM,GACvB,oBAAoB,CAAC,YAAY,CAAC;IAoDrC;;;;;;;;;;OAUG;IACG,YAAY,CAChB,IAAI,EAAE,aAAa,EAAE,EACrB,UAAU,EAAE,SAAS,GAAG,SAAS,EAAE,EACnC,QAAQ,EAAE,QAAQ,EAClB,OAAO,EAAE,2BAA2B,CAAC,YAAY,CAAC,GACjD,OAAO,CAAC,IAAI,CAAC;IAgHhB;;;;;;;;;;;OAWG;IACG,KAAK,CACT,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,sBAAsB,CAAC,YAAY,CAAC,GAC5C,OAAO,CAAC,QAAQ,CAAC;CA2MrB;AAomBD;;;;;GAKG;AACH,MAAM,WAAW,sBAAsB,CAAC,YAAY;IAClD;;OAEG;IACH,WAAW,EAAE,YAAY,CAAC;IAE1B;;;;;OAKG;IACH,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAEhE;;;;;OAKG;IACH,eAAe,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAErE;;;;;;OAMG;IACH,cAAc,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;CACrE;AAQD;;;;;;;;;;;;GAYG;AACH,MAAM,WAAW,oBAAoB,CAAC,YAAY;IAChD;;;;;OAKG;IACH,qBAAqB,CACnB,UAAU,EAAE,uBAAuB,CAAC,YAAY,CAAC,GAChD,oBAAoB,CAAC,YAAY,CAAC,CAAC;IAEtC;;;;;;;OAOG;IACH,oBAAoB,CAClB,UAAU,EAAE,sBAAsB,CAAC,YAAY,CAAC,GAC/C,oBAAoB,CAAC,YAAY,CAAC,CAAC;IAEtC;;;;;OAKG;IACH,SAAS,CACP,SAAS,EAAE,kBAAkB,CAAC,YAAY,CAAC,GAC1C,oBAAoB,CAAC,YAAY,CAAC,CAAC;CACvC;AAQD;;GAEG;AACH,MAAM,WAAW,qBAAqB,CACpC,YAAY,EACZ,OAAO,SAAS,MAAM,EACtB,MAAM,SAAS,MAAM;IAErB;;;;;OAKG;IACH,SAAS,CACP,SAAS,EAAE,wBAAwB,CAAC,YAAY,EAAE,MAAM,CAAC,GACxD,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;CACzD;AAED;;;;;GAKG;AACH,MAAM,WAAW,yBAAyB,CAAC,YAAY,EAAE,OAAO;IAC9D;;;;OAIG;IACH,UAAU,CACR,OAAO,EAAE,iBAAiB,CAAC,YAAY,EAAE,OAAO,CAAC,GAChD,yBAAyB,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAEpD;;;;OAIG;IACH,cAAc,CACZ,MAAM,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,CAAC,GAC9C,yBAAyB,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAEpD;;;;OAIG;IACH,aAAa,CACX,MAAM,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,CAAC,GAC9C,yBAAyB,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAEpD;;;;;OAKG;IACH,SAAS,CACP,SAAS,EAAE,kBAAkB,CAAC,YAAY,CAAC,GAC1C,yBAAyB,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;CACrD;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB,CAAC,YAAY;IAChD;;;;;;OAMG;IACH,EAAE,CAAC,SAAS,SAAS,QAAQ,EAE3B,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,SAAS,EACvC,QAAQ,EAAE,aAAa,CAAC,YAAY,EAAE,SAAS,CAAC,GAC/C,oBAAoB,CAAC,YAAY,CAAC,CAAC;IAEtC;;;;;;OAMG;IACH,OAAO,CACL,OAAO,EAAE,iBAAiB,CAAC,YAAY,CAAC,GACvC,oBAAoB,CAAC,YAAY,CAAC,CAAC;IAEtC;;;;;;;;OAQG;IACH,sBAAsB,CACpB,UAAU,EAAE,wBAAwB,CAAC,YAAY,CAAC,GACjD,oBAAoB,CAAC,YAAY,CAAC,CAAC;CACvC;AAED,UAAU,2BAA2B,CAAC,YAAY,CAChD,SAAQ,mBAAmB;IAC3B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,WAAW,EAAE,YAAY,CAAC;CAC3B"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"docloader.d.ts","sourceRoot":"","sources":["../../src/runtime/docloader.ts"],"names":[],"mappings":";AAAA,OAAO,KAAK,OAAO,MAAM,kBAAkB,CAAC;AAE5C,OAAO,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;
|
|
1
|
+
{"version":3,"file":"docloader.d.ts","sourceRoot":"","sources":["../../src/runtime/docloader.ts"],"names":[],"mappings":";AAAA,OAAO,KAAK,OAAO,MAAM,kBAAkB,CAAC;AAE5C,OAAO,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAQ1D;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,QAAQ,EAAE,OAAO,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;;;GAIG;AACH,MAAM,MAAM,cAAc,GAAG,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,cAAc,CAAC,CAAC;AAEtE;;;;;;;;GAQG;AACH,MAAM,MAAM,kCAAkC,GAAG,CAC/C,QAAQ,EAAE;IAAE,KAAK,EAAE,GAAG,CAAC;IAAC,UAAU,EAAE,OAAO,CAAC,SAAS,CAAA;CAAE,KACpD,cAAc,CAAC;AAEpB;;GAEG;AACH,qBAAa,UAAW,SAAQ,KAAK;IACnC;;OAEG;IACH,GAAG,EAAE,GAAG,CAAC;IAET;;;;;OAKG;gBACS,GAAG,EAAE,GAAG,GAAG,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM;CAKhD;AAwDD;;;;;;;;;;;;GAYG;AACH,wBAAsB,mBAAmB,CACvC,GAAG,EAAE,MAAM,GACV,OAAO,CAAC,cAAc,CAAC,CA0BzB;AAED;;;;;;;;;GASG;AACH,wBAAgB,8BAA8B,CAC5C,QAAQ,EAAE;IAAE,KAAK,EAAE,GAAG,CAAC;IAAC,UAAU,EAAE,OAAO,CAAC,SAAS,CAAA;CAAE,GACtD,cAAc,CAuBhB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC;;OAEG;IACH,MAAM,EAAE,cAAc,CAAC;IAEvB;;OAEG;IACH,EAAE,EAAE,OAAO,CAAC;IAEZ;;;OAGG;IACH,MAAM,CAAC,EAAE,KAAK,CAAC;IAEf;;;;;;;OAOG;IACH,KAAK,CAAC,EAAE,CAAC,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,UAAU,EAAE,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;CAC1E;AAED;;;;GAIG;AACH,wBAAgB,OAAO,CACrB,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,EAAE,iBAAiB,GAC/C,cAAc,CA2ChB"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
export declare class UrlError extends Error {
|
|
2
|
+
constructor(message: string);
|
|
3
|
+
}
|
|
4
|
+
/**
|
|
5
|
+
* Validates a URL to prevent SSRF attacks.
|
|
6
|
+
*/
|
|
7
|
+
export declare function validatePublicUrl(url: string): Promise<void>;
|
|
8
|
+
export declare function isValidPublicIPv4Address(address: string): boolean;
|
|
9
|
+
export declare function isValidPublicIPv6Address(address: string): boolean;
|
|
10
|
+
export declare function expandIPv6Address(address: string): string;
|
|
11
|
+
//# sourceMappingURL=url.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"url.d.ts","sourceRoot":"","sources":["../../src/runtime/url.ts"],"names":[],"mappings":"AAIA,qBAAa,QAAS,SAAQ,KAAK;gBACrB,OAAO,EAAE,MAAM;CAI5B;AAED;;GAEG;AACH,wBAAsB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CA2BlE;AAED,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CASjE;AAED,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,MAAM,WASvD;AAED,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAWzD"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"url.test.d.ts","sourceRoot":"","sources":["../../src/runtime/url.test.ts"],"names":[],"mappings":"AAAA,OAAO,2BAA2B,CAAC"}
|