@fedify/fedify 0.12.0-dev.267 → 0.12.0-dev.273
Sign up to get free protection for your applications and to get access to all the features.
- package/CHANGES.md +64 -0
- package/esm/federation/middleware.js +17 -2
- package/esm/runtime/docloader.js +3 -0
- package/esm/runtime/url.js +75 -0
- package/package.json +1 -1
- package/types/federation/middleware.d.ts +23 -0
- package/types/federation/middleware.d.ts.map +1 -1
- package/types/runtime/docloader.d.ts.map +1 -1
- package/types/runtime/url.d.ts +11 -0
- package/types/runtime/url.d.ts.map +1 -0
- package/types/runtime/url.test.d.ts.map +1 -0
package/CHANGES.md
CHANGED
|
@@ -31,6 +31,13 @@ To be released.
|
|
|
31
31
|
- Added `createExponentialBackoffPolicy()` function.
|
|
32
32
|
- Added `CreateExponentialBackoffPolicyOptions` interface.
|
|
33
33
|
|
|
34
|
+
- `Federation` object now allows its task queue to be started manually.
|
|
35
|
+
[[#53]]
|
|
36
|
+
|
|
37
|
+
- Added `manuallyStartQueue` option to `CreateFederationOptions`
|
|
38
|
+
interface.
|
|
39
|
+
- Added `Federation.startQueue()` method.
|
|
40
|
+
|
|
34
41
|
- Added `ChatMessage` class to Activity Vocabulary API. [[#85]]
|
|
35
42
|
|
|
36
43
|
- Improved multitenancy (virtual hosting) support. [[#66]]
|
|
@@ -47,16 +54,41 @@ To be released.
|
|
|
47
54
|
- The last parameter of `Federation.sendActivity()` method is no longer
|
|
48
55
|
optional. Also, it now takes the required `contextData` option.
|
|
49
56
|
|
|
57
|
+
- Fixed a SSRF vulnerability in the built-in document loader.
|
|
58
|
+
[[CVE-2024-39687]]
|
|
59
|
+
|
|
60
|
+
- The `fetchDocumentLoader()` function now throws an error when the given
|
|
61
|
+
URL is not an HTTP or HTTPS URL or refers to a private network address.
|
|
62
|
+
- The `getAuthenticatedDocumentLoader()` function now returns a document
|
|
63
|
+
loader that throws an error when the given URL is not an HTTP or HTTPS
|
|
64
|
+
URL or refers to a private network address.
|
|
65
|
+
|
|
50
66
|
- Added more log messages using the [LogTape] library. Currently the below
|
|
51
67
|
logger categories are used:
|
|
52
68
|
|
|
53
69
|
- `["fedify", "federation", "queue"]`
|
|
54
70
|
|
|
71
|
+
[#53]: https://github.com/dahlia/fedify/issues/53
|
|
55
72
|
[#66]: https://github.com/dahlia/fedify/issues/66
|
|
56
73
|
[#70]: https://github.com/dahlia/fedify/issues/70
|
|
57
74
|
[#85]: https://github.com/dahlia/fedify/issues/85
|
|
58
75
|
|
|
59
76
|
|
|
77
|
+
Version 0.11.1
|
|
78
|
+
--------------
|
|
79
|
+
|
|
80
|
+
Released on July 5, 2024.
|
|
81
|
+
|
|
82
|
+
- Fixed a SSRF vulnerability in the built-in document loader.
|
|
83
|
+
[[CVE-2024-39687]]
|
|
84
|
+
|
|
85
|
+
- The `fetchDocumentLoader()` function now throws an error when the given
|
|
86
|
+
URL is not an HTTP or HTTPS URL or refers to a private network address.
|
|
87
|
+
- The `getAuthenticatedDocumentLoader()` function now returns a document
|
|
88
|
+
loader that throws an error when the given URL is not an HTTP or HTTPS
|
|
89
|
+
URL or refers to a private network address.
|
|
90
|
+
|
|
91
|
+
|
|
60
92
|
Version 0.11.0
|
|
61
93
|
--------------
|
|
62
94
|
|
|
@@ -240,6 +272,21 @@ Released on June 29, 2024.
|
|
|
240
272
|
[#80]: https://github.com/dahlia/fedify/pull/80
|
|
241
273
|
|
|
242
274
|
|
|
275
|
+
Version 0.10.1
|
|
276
|
+
--------------
|
|
277
|
+
|
|
278
|
+
Released on July 5, 2024.
|
|
279
|
+
|
|
280
|
+
- Fixed a SSRF vulnerability in the built-in document loader.
|
|
281
|
+
[[CVE-2024-39687]]
|
|
282
|
+
|
|
283
|
+
- The `fetchDocumentLoader()` function now throws an error when the given
|
|
284
|
+
URL is not an HTTP or HTTPS URL or refers to a private network address.
|
|
285
|
+
- The `getAuthenticatedDocumentLoader()` function now returns a document
|
|
286
|
+
loader that throws an error when the given URL is not an HTTP or HTTPS
|
|
287
|
+
URL or refers to a private network address.
|
|
288
|
+
|
|
289
|
+
|
|
243
290
|
Version 0.10.0
|
|
244
291
|
--------------
|
|
245
292
|
|
|
@@ -401,6 +448,23 @@ is now distributed under the [MIT License] to encourage wider adoption.
|
|
|
401
448
|
[x-forwarded-fetch]: https://github.com/dahlia/x-forwarded-fetch
|
|
402
449
|
|
|
403
450
|
|
|
451
|
+
Version 0.9.2
|
|
452
|
+
-------------
|
|
453
|
+
|
|
454
|
+
Released on July 5, 2024.
|
|
455
|
+
|
|
456
|
+
- Fixed a SSRF vulnerability in the built-in document loader.
|
|
457
|
+
[[CVE-2024-39687]]
|
|
458
|
+
|
|
459
|
+
- The `fetchDocumentLoader()` function now throws an error when the given
|
|
460
|
+
URL is not an HTTP or HTTPS URL or refers to a private network address.
|
|
461
|
+
- The `getAuthenticatedDocumentLoader()` function now returns a document
|
|
462
|
+
loader that throws an error when the given URL is not an HTTP or HTTPS
|
|
463
|
+
URL or refers to a private network address.
|
|
464
|
+
|
|
465
|
+
[CVE-2024-39687]: https://github.com/dahlia/fedify/security/advisories/GHSA-p9cg-vqcc-grcx
|
|
466
|
+
|
|
467
|
+
|
|
404
468
|
Version 0.9.1
|
|
405
469
|
-------------
|
|
406
470
|
|
|
@@ -40,6 +40,7 @@ export class Federation {
|
|
|
40
40
|
#kvPrefixes;
|
|
41
41
|
#queue;
|
|
42
42
|
#queueStarted;
|
|
43
|
+
#manuallyStartQueue;
|
|
43
44
|
#router;
|
|
44
45
|
#nodeInfoDispatcher;
|
|
45
46
|
#actorCallbacks;
|
|
@@ -87,6 +88,7 @@ export class Federation {
|
|
|
87
88
|
};
|
|
88
89
|
this.#queue = options.queue;
|
|
89
90
|
this.#queueStarted = false;
|
|
91
|
+
this.#manuallyStartQueue = options.manuallyStartQueue ?? false;
|
|
90
92
|
this.#router = new Router();
|
|
91
93
|
this.#router.add("/.well-known/webfinger", "webfinger");
|
|
92
94
|
this.#router.add("/.well-known/nodeinfo", "nodeInfoJrd");
|
|
@@ -291,6 +293,18 @@ export class Federation {
|
|
|
291
293
|
}
|
|
292
294
|
logger.info("Activity {activityId} has been processed.", { activityId: activity.id?.href, activity: message.activity });
|
|
293
295
|
}
|
|
296
|
+
/**
|
|
297
|
+
* Manually start the task queue.
|
|
298
|
+
*
|
|
299
|
+
* This method is useful when you set the `manuallyStartQueue` option to
|
|
300
|
+
* `true` in the {@link createFederation} function.
|
|
301
|
+
* @param contextData The context data to pass to the context.
|
|
302
|
+
* @since 0.12.0
|
|
303
|
+
*/
|
|
304
|
+
startQueue(contextData) {
|
|
305
|
+
this.#startQueue(contextData);
|
|
306
|
+
return Promise.resolve();
|
|
307
|
+
}
|
|
294
308
|
createContext(urlOrRequest, contextData) {
|
|
295
309
|
return urlOrRequest instanceof Request
|
|
296
310
|
? this.#createContext(urlOrRequest, contextData)
|
|
@@ -982,7 +996,8 @@ export class Federation {
|
|
|
982
996
|
logger.error("Activity {activityId} to send does not have an actor.", { activity, activityId: activity?.id?.href });
|
|
983
997
|
throw new TypeError("The activity to send must have at least one actor property.");
|
|
984
998
|
}
|
|
985
|
-
this.#
|
|
999
|
+
if (!this.#manuallyStartQueue)
|
|
1000
|
+
this.#startQueue(contextData);
|
|
986
1001
|
if (activity.id == null) {
|
|
987
1002
|
activity = activity.clone({
|
|
988
1003
|
id: new URL(`urn:uuid:${dntShim.crypto.randomUUID()}`),
|
|
@@ -1173,7 +1188,7 @@ export class Federation {
|
|
|
1173
1188
|
});
|
|
1174
1189
|
}
|
|
1175
1190
|
}
|
|
1176
|
-
if (this.#
|
|
1191
|
+
if (!this.#manuallyStartQueue)
|
|
1177
1192
|
this.#startQueue(contextData);
|
|
1178
1193
|
return await handleInbox(request, {
|
|
1179
1194
|
handle: route.values.handle ?? null,
|
package/esm/runtime/docloader.js
CHANGED
|
@@ -3,6 +3,7 @@ import { getLogger } from "@logtape/logtape";
|
|
|
3
3
|
import { signRequest } from "../sig/http.js";
|
|
4
4
|
import { validateCryptoKey } from "../sig/key.js";
|
|
5
5
|
import preloadedContexts from "./contexts.js";
|
|
6
|
+
import { validatePublicUrl } from "./url.js";
|
|
6
7
|
const logger = getLogger(["fedify", "runtime", "docloader"]);
|
|
7
8
|
/**
|
|
8
9
|
* Error thrown when fetching a JSON-LD document failed.
|
|
@@ -82,6 +83,7 @@ export async function fetchDocumentLoader(url) {
|
|
|
82
83
|
documentUrl: url,
|
|
83
84
|
};
|
|
84
85
|
}
|
|
86
|
+
await validatePublicUrl(url);
|
|
85
87
|
const request = createRequest(url);
|
|
86
88
|
logRequest(request);
|
|
87
89
|
const response = await fetch(request, {
|
|
@@ -110,6 +112,7 @@ export async function fetchDocumentLoader(url) {
|
|
|
110
112
|
export function getAuthenticatedDocumentLoader(identity) {
|
|
111
113
|
validateCryptoKey(identity.privateKey);
|
|
112
114
|
async function load(url) {
|
|
115
|
+
await validatePublicUrl(url);
|
|
113
116
|
let request = createRequest(url);
|
|
114
117
|
request = await signRequest(request, identity.privateKey, identity.keyId);
|
|
115
118
|
logRequest(request);
|
|
@@ -0,0 +1,75 @@
|
|
|
1
|
+
import * as dntShim from "../_dnt.shims.js";
|
|
2
|
+
import { lookup } from "node:dns/promises";
|
|
3
|
+
import { isIP } from "node:net";
|
|
4
|
+
export class UrlError extends Error {
|
|
5
|
+
constructor(message) {
|
|
6
|
+
super(message);
|
|
7
|
+
this.name = "UrlError";
|
|
8
|
+
}
|
|
9
|
+
}
|
|
10
|
+
/**
|
|
11
|
+
* Validates a URL to prevent SSRF attacks.
|
|
12
|
+
*/
|
|
13
|
+
export async function validatePublicUrl(url) {
|
|
14
|
+
const parsed = new URL(url);
|
|
15
|
+
if (parsed.protocol !== "http:" && parsed.protocol !== "https:") {
|
|
16
|
+
throw new UrlError(`Unsupported protocol: ${parsed.protocol}`);
|
|
17
|
+
}
|
|
18
|
+
let hostname = parsed.hostname;
|
|
19
|
+
if (hostname.startsWith("[") && hostname.endsWith("]")) {
|
|
20
|
+
hostname = hostname.substring(1, hostname.length - 2);
|
|
21
|
+
}
|
|
22
|
+
if (hostname === "localhost") {
|
|
23
|
+
throw new UrlError("Localhost is not allowed");
|
|
24
|
+
}
|
|
25
|
+
if ("Deno" in dntShim.dntGlobalThis && !isIP(hostname)) {
|
|
26
|
+
// If the `net` permission is not granted, we can't resolve the hostname.
|
|
27
|
+
// However, we can safely assume that it cannot gain access to private
|
|
28
|
+
// resources.
|
|
29
|
+
const netPermission = await dntShim.Deno.permissions.query({ name: "net" });
|
|
30
|
+
if (netPermission.state !== "granted")
|
|
31
|
+
return;
|
|
32
|
+
}
|
|
33
|
+
const { address, family } = await lookup(hostname);
|
|
34
|
+
if (family === 4 && !isValidPublicIPv4Address(address) ||
|
|
35
|
+
family === 6 && !isValidPublicIPv6Address(address) ||
|
|
36
|
+
family < 4 || family === 5 || family > 6) {
|
|
37
|
+
throw new UrlError(`Invalid or private address: ${address}`);
|
|
38
|
+
}
|
|
39
|
+
}
|
|
40
|
+
export function isValidPublicIPv4Address(address) {
|
|
41
|
+
const parts = address.split(".");
|
|
42
|
+
const first = parseInt(parts[0]);
|
|
43
|
+
if (first === 0 || first === 10 || first === 127)
|
|
44
|
+
return false;
|
|
45
|
+
const second = parseInt(parts[1]);
|
|
46
|
+
if (first === 169 && second === 254)
|
|
47
|
+
return false;
|
|
48
|
+
if (first === 172 && second >= 16 && second <= 31)
|
|
49
|
+
return false;
|
|
50
|
+
if (first === 192 && second === 168)
|
|
51
|
+
return false;
|
|
52
|
+
return true;
|
|
53
|
+
}
|
|
54
|
+
export function isValidPublicIPv6Address(address) {
|
|
55
|
+
address = expandIPv6Address(address);
|
|
56
|
+
if (address.at(4) !== ":")
|
|
57
|
+
return false;
|
|
58
|
+
const firstWord = parseInt(address.substring(0, 4), 16);
|
|
59
|
+
return !((firstWord >= 0xfc00 && firstWord <= 0xfdff) || // ULA
|
|
60
|
+
(firstWord >= 0xfe80 && firstWord <= 0xfebf) || // Link-local
|
|
61
|
+
firstWord === 0 || firstWord >= 0xff00 // Multicast
|
|
62
|
+
);
|
|
63
|
+
}
|
|
64
|
+
export function expandIPv6Address(address) {
|
|
65
|
+
address = address.toLowerCase();
|
|
66
|
+
if (address === "::")
|
|
67
|
+
return "0000:0000:0000:0000:0000:0000:0000:0000";
|
|
68
|
+
if (address.startsWith("::"))
|
|
69
|
+
address = "0000" + address;
|
|
70
|
+
if (address.endsWith("::"))
|
|
71
|
+
address = address + "0000";
|
|
72
|
+
address = address.replace("::", ":0000".repeat(8 - (address.match(/:/g) || []).length) + ":");
|
|
73
|
+
const parts = address.split(":");
|
|
74
|
+
return parts.map((part) => part.padStart(4, "0")).join(":");
|
|
75
|
+
}
|
package/package.json
CHANGED
|
@@ -30,6 +30,20 @@ export interface CreateFederationOptions {
|
|
|
30
30
|
* immediately.
|
|
31
31
|
*/
|
|
32
32
|
queue?: MessageQueue;
|
|
33
|
+
/**
|
|
34
|
+
* Whether to start the task queue manually or automatically.
|
|
35
|
+
*
|
|
36
|
+
* If `true`, the task queue will not start automatically and you need to
|
|
37
|
+
* manually start it by calling the {@link Federation.startQueue} method.
|
|
38
|
+
*
|
|
39
|
+
* If `false`, the task queue will start automatically as soon as
|
|
40
|
+
* the first task is enqueued.
|
|
41
|
+
*
|
|
42
|
+
* By default, the queue starts automatically.
|
|
43
|
+
*
|
|
44
|
+
* @since 0.12.0
|
|
45
|
+
*/
|
|
46
|
+
manuallyStartQueue?: boolean;
|
|
33
47
|
/**
|
|
34
48
|
* A custom JSON-LD document loader. By default, this uses the built-in
|
|
35
49
|
* cache-backed loader that fetches remote documents over HTTP(S).
|
|
@@ -171,6 +185,15 @@ export declare class Federation<TContextData> {
|
|
|
171
185
|
* @deprecated Use {@link createFederation} method instead.
|
|
172
186
|
*/
|
|
173
187
|
constructor(parameters: FederationParameters);
|
|
188
|
+
/**
|
|
189
|
+
* Manually start the task queue.
|
|
190
|
+
*
|
|
191
|
+
* This method is useful when you set the `manuallyStartQueue` option to
|
|
192
|
+
* `true` in the {@link createFederation} function.
|
|
193
|
+
* @param contextData The context data to pass to the context.
|
|
194
|
+
* @since 0.12.0
|
|
195
|
+
*/
|
|
196
|
+
startQueue(contextData: TContextData): Promise<void>;
|
|
174
197
|
/**
|
|
175
198
|
* Create a new context.
|
|
176
199
|
* @param baseUrl The base URL of the server. The `pathname` remains root,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../src/federation/middleware.ts"],"names":[],"mappings":";;AAAA,OAAO,KAAK,OAAO,MAAM,kBAAkB,CAAC;AAG5C,OAAO,EACL,KAAK,kCAAkC,EACvC,KAAK,cAAc,EAIpB,MAAM,yBAAyB,CAAC;AAIjC,OAAO,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC1D,OAAO,EACL,QAAQ,EAER,KAAK,OAAO,EACZ,KAAK,IAAI,EAET,KAAK,MAAM,EACZ,MAAM,mBAAmB,CAAC;AAE3B,OAAO,KAAK,EACV,eAAe,EACf,sBAAsB,EACtB,uBAAuB,EACvB,kBAAkB,EAClB,iBAAiB,EACjB,gBAAgB,EAChB,oBAAoB,EACpB,iBAAiB,EACjB,aAAa,EACb,kBAAkB,EAClB,wBAAwB,EACxB,gBAAgB,EAChB,kBAAkB,EAClB,wBAAwB,EACzB,MAAM,eAAe,CAAC;AAEvB,OAAO,KAAK,EAEV,OAAO,EAEP,cAAc,EACd,mBAAmB,EACpB,MAAM,cAAc,CAAC;AAStB,OAAO,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAC9C,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAO5C,OAAO,EAAkC,KAAK,WAAW,EAAE,MAAM,YAAY,CAAC;AAE9E,OAAO,EAAgC,KAAK,aAAa,EAAE,MAAM,WAAW,CAAC;AAE7E;;;GAGG;AACH,MAAM,WAAW,uBAAuB;IACtC;;OAEG;IACH,EAAE,EAAE,OAAO,CAAC;IAEZ;;;OAGG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAE3C;;;;OAIG;IACH,KAAK,CAAC,EAAE,YAAY,CAAC;IAErB;;;OAGG;IACH,cAAc,CAAC,EAAE,cAAc,CAAC;IAEhC;;;OAGG;IACH,aAAa,CAAC,EAAE,cAAc,CAAC;IAE/B;;;;OAIG;IACH,kCAAkC,CAAC,EAAE,kCAAkC,CAAC;IAExE;;;;;;;OAOG;IACH,aAAa,CAAC,EAAE,kBAAkB,CAAC;IAEnC;;;;OAIG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;IAEpD;;;;;OAKG;IACH,iBAAiB,CAAC,EAAE,WAAW,CAAC;IAEhC;;;;;OAKG;IACH,gBAAgB,CAAC,EAAE,WAAW,CAAC;CAChC;AAED;;;GAGG;AACH,MAAM,WAAW,oBACf,SACE,IAAI,CAAC,uBAAuB,EAAE,mBAAmB,GAAG,kBAAkB,CAAC;IACzE;;;;;OAKG;IACH,KAAK,CAAC,EAAE,YAAY,CAAC;IAErB;;;;OAIG;IACH,aAAa,CAAC,EAAE,cAAc,CAAC;IAE/B;;;;;;OAMG;IACH,kCAAkC,CAAC,EAAE,kCAAkC,CAAC;IAExE;;;;;;;;;OASG;IACH,aAAa,CAAC,EAAE,kBAAkB,CAAC;IAEnC;;;;OAIG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;IAEpD;;;;;;;;;;;;OAYG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;;OAGG;IACH,mBAAmB,EAAE,KAAK,CAAC;IAE3B;;;OAGG;IACH,cAAc,EAAE,KAAK,CAAC;CACvB;AAID;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,YAAY,EAC3C,OAAO,EAAE,uBAAuB,GAC/B,UAAU,CAAC,YAAY,CAAC,CAM1B;AAID;;;;;;GAMG;AACH,qBAAa,UAAU,CAAC,YAAY;;
|
|
1
|
+
{"version":3,"file":"middleware.d.ts","sourceRoot":"","sources":["../../src/federation/middleware.ts"],"names":[],"mappings":";;AAAA,OAAO,KAAK,OAAO,MAAM,kBAAkB,CAAC;AAG5C,OAAO,EACL,KAAK,kCAAkC,EACvC,KAAK,cAAc,EAIpB,MAAM,yBAAyB,CAAC;AAIjC,OAAO,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC1D,OAAO,EACL,QAAQ,EAER,KAAK,OAAO,EACZ,KAAK,IAAI,EAET,KAAK,MAAM,EACZ,MAAM,mBAAmB,CAAC;AAE3B,OAAO,KAAK,EACV,eAAe,EACf,sBAAsB,EACtB,uBAAuB,EACvB,kBAAkB,EAClB,iBAAiB,EACjB,gBAAgB,EAChB,oBAAoB,EACpB,iBAAiB,EACjB,aAAa,EACb,kBAAkB,EAClB,wBAAwB,EACxB,gBAAgB,EAChB,kBAAkB,EAClB,wBAAwB,EACzB,MAAM,eAAe,CAAC;AAEvB,OAAO,KAAK,EAEV,OAAO,EAEP,cAAc,EACd,mBAAmB,EACpB,MAAM,cAAc,CAAC;AAStB,OAAO,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAC9C,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAO5C,OAAO,EAAkC,KAAK,WAAW,EAAE,MAAM,YAAY,CAAC;AAE9E,OAAO,EAAgC,KAAK,aAAa,EAAE,MAAM,WAAW,CAAC;AAE7E;;;GAGG;AACH,MAAM,WAAW,uBAAuB;IACtC;;OAEG;IACH,EAAE,EAAE,OAAO,CAAC;IAEZ;;;OAGG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC,oBAAoB,CAAC,CAAC;IAE3C;;;;OAIG;IACH,KAAK,CAAC,EAAE,YAAY,CAAC;IAErB;;;;;;;;;;;;OAYG;IACH,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAE7B;;;OAGG;IACH,cAAc,CAAC,EAAE,cAAc,CAAC;IAEhC;;;OAGG;IACH,aAAa,CAAC,EAAE,cAAc,CAAC;IAE/B;;;;OAIG;IACH,kCAAkC,CAAC,EAAE,kCAAkC,CAAC;IAExE;;;;;;;OAOG;IACH,aAAa,CAAC,EAAE,kBAAkB,CAAC;IAEnC;;;;OAIG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;IAEpD;;;;;OAKG;IACH,iBAAiB,CAAC,EAAE,WAAW,CAAC;IAEhC;;;;;OAKG;IACH,gBAAgB,CAAC,EAAE,WAAW,CAAC;CAChC;AAED;;;GAGG;AACH,MAAM,WAAW,oBACf,SACE,IAAI,CAAC,uBAAuB,EAAE,mBAAmB,GAAG,kBAAkB,CAAC;IACzE;;;;;OAKG;IACH,KAAK,CAAC,EAAE,YAAY,CAAC;IAErB;;;;OAIG;IACH,aAAa,CAAC,EAAE,cAAc,CAAC;IAE/B;;;;;;OAMG;IACH,kCAAkC,CAAC,EAAE,kCAAkC,CAAC;IAExE;;;;;;;;;OASG;IACH,aAAa,CAAC,EAAE,kBAAkB,CAAC;IAEnC;;;;OAIG;IACH,mBAAmB,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;IAEpD;;;;;;;;;;;;OAYG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;;OAGG;IACH,mBAAmB,EAAE,KAAK,CAAC;IAE3B;;;OAGG;IACH,cAAc,EAAE,KAAK,CAAC;CACvB;AAID;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,YAAY,EAC3C,OAAO,EAAE,uBAAuB,GAC/B,UAAU,CAAC,YAAY,CAAC,CAM1B;AAID;;;;;;GAMG;AACH,qBAAa,UAAU,CAAC,YAAY;;IAmClC;;;;OAIG;gBACS,UAAU,EAAE,oBAAoB;IA6Q5C;;;;;;;OAOG;IACH,UAAU,CAAC,WAAW,EAAE,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC;IAKpD;;;;;;OAMG;IACH,aAAa,CAAC,OAAO,EAAE,GAAG,EAAE,WAAW,EAAE,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC;IAE7E;;;;;OAKG;IACH,aAAa,CACX,OAAO,EAAE,OAAO,EAChB,WAAW,EAAE,YAAY,GACxB,cAAc,CAAC,YAAY,CAAC;IA8E/B;;;;;;;;;OASG;IACH,qBAAqB,CACnB,IAAI,EAAE,MAAM,EACZ,UAAU,EAAE,kBAAkB,CAAC,YAAY,CAAC;IAc9C;;;;;;;;;;;;;;;;;;;;;;;;OAwBG;IACH,kBAAkB,CAChB,IAAI,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EAClC,UAAU,EAAE,eAAe,CAAC,YAAY,CAAC,GACxC,oBAAoB,CAAC,YAAY,CAAC;IAkNrC;;;;;;;;;;;;;OAaG;IACH,mBAAmB,CAAC,OAAO,SAAS,MAAM,EAAE,MAAM,SAAS,MAAM,EAE/D,GAAG,EAAE,CAAC,KAAK,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,CAAC,GAAG;QAAE,MAAM,EAAE,GAAG,CAAA;KAAE,EACxD,IAAI,EACF,GAAG,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,EAAE,EACrI,UAAU,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,GAC1D,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC;IAEvD;;;;;;;;;;;;;OAaG;IACH,mBAAmB,CAAC,OAAO,SAAS,MAAM,EAAE,MAAM,SAAS,MAAM,EAE/D,GAAG,EAAE,CAAC,KAAK,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,CAAC,GAAG;QAAE,MAAM,EAAE,GAAG,CAAA;KAAE,EACxD,IAAI,EACF,GAAG,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,EAAE,EACjH,UAAU,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,GAC1D,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC;IAEvD;;;;;;;;;;;;;OAaG;IACH,mBAAmB,CAAC,OAAO,SAAS,MAAM,EAAE,MAAM,SAAS,MAAM,EAE/D,GAAG,EAAE,CAAC,KAAK,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,CAAC,GAAG;QAAE,MAAM,EAAE,GAAG,CAAA;KAAE,EACxD,IAAI,EACF,GAAG,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,EAAE,EAC7F,UAAU,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,GAC1D,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC;IAEvD;;;;;;;;;;;;;OAaG;IACH,mBAAmB,CAAC,OAAO,SAAS,MAAM,EAAE,MAAM,SAAS,MAAM,EAE/D,GAAG,EAAE,CAAC,KAAK,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,CAAC,GAAG;QAAE,MAAM,EAAE,GAAG,CAAA;KAAE,EACxD,IAAI,EACF,GAAG,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,EAAE,EACzE,UAAU,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,GAC1D,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC;IAEvD;;;;;;;;;;;;;OAaG;IACH,mBAAmB,CAAC,OAAO,SAAS,MAAM,EAAE,MAAM,SAAS,MAAM,EAE/D,GAAG,EAAE,CAAC,KAAK,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,CAAC,GAAG;QAAE,MAAM,EAAE,GAAG,CAAA;KAAE,EACxD,IAAI,EAAE,GAAG,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,IAAI,MAAM,EAAE,EACzD,UAAU,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,GAC1D,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC;IAEvD;;;;;;;;;;;;;OAaG;IACH,mBAAmB,CAAC,OAAO,SAAS,MAAM,EAAE,MAAM,SAAS,MAAM,EAE/D,GAAG,EAAE,CAAC,KAAK,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,OAAO,CAAC,GAAG;QAAE,MAAM,EAAE,GAAG,CAAA;KAAE,EACxD,IAAI,EAAE,GAAG,MAAM,IAAI,MAAM,IAAI,MAAM,EAAE,EACrC,UAAU,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,GAC1D,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC;IAiCvD;;;;;;;;;;;OAWG;IACH,kBAAkB,CAChB,IAAI,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EAClC,UAAU,EAAE,oBAAoB,CAAC,QAAQ,EAAE,YAAY,EAAE,IAAI,CAAC,GAC7D,yBAAyB,CAAC,YAAY,EAAE,IAAI,CAAC;IA4ChD;;;;;;;;;;;;;;;;;;;;;;OAsBG;IACH,mBAAmB,CACjB,IAAI,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EAClC,UAAU,EAAE,oBAAoB,CAAC,QAAQ,EAAE,YAAY,EAAE,IAAI,CAAC,GAC7D,yBAAyB,CAAC,YAAY,EAAE,IAAI,CAAC;IAmChD;;;;;;;;;;OAUG;IACH,sBAAsB,CACpB,IAAI,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EAClC,UAAU,EAAE,oBAAoB,CAAC,KAAK,GAAG,GAAG,EAAE,YAAY,EAAE,IAAI,CAAC,GAChE,yBAAyB,CAAC,YAAY,EAAE,IAAI,CAAC;IAmChD;;;;;;;;;;OAUG;IACH,sBAAsB,CACpB,IAAI,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EAClC,UAAU,EAAE,oBAAoB,CAC9B,SAAS,EACT,YAAY,EACZ,GAAG,CACJ,GACA,yBAAyB,CAAC,YAAY,EAAE,GAAG,CAAC;IAuC/C;;;;;;;;;;;OAWG;IACH,kBAAkB,CAChB,IAAI,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EAClC,UAAU,EAAE,oBAAoB,CAAC,IAAI,EAAE,YAAY,EAAE,IAAI,CAAC,GACzD,yBAAyB,CAAC,YAAY,EAAE,IAAI,CAAC;IAmChD;;;;;;;;;;;OAWG;IACH,qBAAqB,CACnB,IAAI,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EAClC,UAAU,EAAE,oBAAoB,CAAC,MAAM,EAAE,YAAY,EAAE,IAAI,CAAC,GAC3D,yBAAyB,CAAC,YAAY,EAAE,IAAI,CAAC;IAmChD;;;;;;;;;;;OAWG;IACH,yBAAyB,CACvB,IAAI,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EAClC,UAAU,EAAE,oBAAoB,CAAC,OAAO,EAAE,YAAY,EAAE,IAAI,CAAC,GAC5D,yBAAyB,CAAC,YAAY,EAAE,IAAI,CAAC;IAoChD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA6BG;IACH,iBAAiB,CACf,SAAS,EAAE,GAAG,MAAM,WAAW,MAAM,EAAE,EACvC,eAAe,CAAC,EAAE,MAAM,GACvB,oBAAoB,CAAC,YAAY,CAAC;IAoDrC;;;;;;;;;;OAUG;IACG,YAAY,CAChB,IAAI,EAAE,aAAa,EAAE,EACrB,UAAU,EAAE,SAAS,GAAG,SAAS,EAAE,EACnC,QAAQ,EAAE,QAAQ,EAClB,OAAO,EAAE,2BAA2B,CAAC,YAAY,CAAC,GACjD,OAAO,CAAC,IAAI,CAAC;IAgHhB;;;;;;;;;;;OAWG;IACG,KAAK,CACT,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,sBAAsB,CAAC,YAAY,CAAC,GAC5C,OAAO,CAAC,QAAQ,CAAC;CA2MrB;AAomBD;;;;;GAKG;AACH,MAAM,WAAW,sBAAsB,CAAC,YAAY;IAClD;;OAEG;IACH,WAAW,EAAE,YAAY,CAAC;IAE1B;;;;;OAKG;IACH,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAEhE;;;;;OAKG;IACH,eAAe,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAErE;;;;;;OAMG;IACH,cAAc,CAAC,EAAE,CAAC,OAAO,EAAE,OAAO,KAAK,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;CACrE;AAQD;;;;;;;;;;;;GAYG;AACH,MAAM,WAAW,oBAAoB,CAAC,YAAY;IAChD;;;;;OAKG;IACH,qBAAqB,CACnB,UAAU,EAAE,uBAAuB,CAAC,YAAY,CAAC,GAChD,oBAAoB,CAAC,YAAY,CAAC,CAAC;IAEtC;;;;;;;OAOG;IACH,oBAAoB,CAClB,UAAU,EAAE,sBAAsB,CAAC,YAAY,CAAC,GAC/C,oBAAoB,CAAC,YAAY,CAAC,CAAC;IAEtC;;;;;OAKG;IACH,SAAS,CACP,SAAS,EAAE,kBAAkB,CAAC,YAAY,CAAC,GAC1C,oBAAoB,CAAC,YAAY,CAAC,CAAC;CACvC;AAQD;;GAEG;AACH,MAAM,WAAW,qBAAqB,CACpC,YAAY,EACZ,OAAO,SAAS,MAAM,EACtB,MAAM,SAAS,MAAM;IAErB;;;;;OAKG;IACH,SAAS,CACP,SAAS,EAAE,wBAAwB,CAAC,YAAY,EAAE,MAAM,CAAC,GACxD,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;CACzD;AAED;;;;;GAKG;AACH,MAAM,WAAW,yBAAyB,CAAC,YAAY,EAAE,OAAO;IAC9D;;;;OAIG;IACH,UAAU,CACR,OAAO,EAAE,iBAAiB,CAAC,YAAY,EAAE,OAAO,CAAC,GAChD,yBAAyB,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAEpD;;;;OAIG;IACH,cAAc,CACZ,MAAM,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,CAAC,GAC9C,yBAAyB,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAEpD;;;;OAIG;IACH,aAAa,CACX,MAAM,EAAE,gBAAgB,CAAC,YAAY,EAAE,OAAO,CAAC,GAC9C,yBAAyB,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAEpD;;;;;OAKG;IACH,SAAS,CACP,SAAS,EAAE,kBAAkB,CAAC,YAAY,CAAC,GAC1C,yBAAyB,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;CACrD;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB,CAAC,YAAY;IAChD;;;;;;OAMG;IACH,EAAE,CAAC,SAAS,SAAS,QAAQ,EAE3B,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,GAAG,EAAE,KAAK,SAAS,EACvC,QAAQ,EAAE,aAAa,CAAC,YAAY,EAAE,SAAS,CAAC,GAC/C,oBAAoB,CAAC,YAAY,CAAC,CAAC;IAEtC;;;;;;OAMG;IACH,OAAO,CACL,OAAO,EAAE,iBAAiB,CAAC,YAAY,CAAC,GACvC,oBAAoB,CAAC,YAAY,CAAC,CAAC;IAEtC;;;;;;;;OAQG;IACH,sBAAsB,CACpB,UAAU,EAAE,wBAAwB,CAAC,YAAY,CAAC,GACjD,oBAAoB,CAAC,YAAY,CAAC,CAAC;CACvC;AAED,UAAU,2BAA2B,CAAC,YAAY,CAChD,SAAQ,mBAAmB;IAC3B,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,WAAW,EAAE,YAAY,CAAC;CAC3B"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"docloader.d.ts","sourceRoot":"","sources":["../../src/runtime/docloader.ts"],"names":[],"mappings":";AAAA,OAAO,KAAK,OAAO,MAAM,kBAAkB,CAAC;AAE5C,OAAO,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;
|
|
1
|
+
{"version":3,"file":"docloader.d.ts","sourceRoot":"","sources":["../../src/runtime/docloader.ts"],"names":[],"mappings":";AAAA,OAAO,KAAK,OAAO,MAAM,kBAAkB,CAAC;AAE5C,OAAO,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAQ1D;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,QAAQ,EAAE,OAAO,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;;;GAIG;AACH,MAAM,MAAM,cAAc,GAAG,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,cAAc,CAAC,CAAC;AAEtE;;;;;;;;GAQG;AACH,MAAM,MAAM,kCAAkC,GAAG,CAC/C,QAAQ,EAAE;IAAE,KAAK,EAAE,GAAG,CAAC;IAAC,UAAU,EAAE,OAAO,CAAC,SAAS,CAAA;CAAE,KACpD,cAAc,CAAC;AAEpB;;GAEG;AACH,qBAAa,UAAW,SAAQ,KAAK;IACnC;;OAEG;IACH,GAAG,EAAE,GAAG,CAAC;IAET;;;;;OAKG;gBACS,GAAG,EAAE,GAAG,GAAG,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM;CAKhD;AAwDD;;;;;;;;;;;;GAYG;AACH,wBAAsB,mBAAmB,CACvC,GAAG,EAAE,MAAM,GACV,OAAO,CAAC,cAAc,CAAC,CA0BzB;AAED;;;;;;;;;GASG;AACH,wBAAgB,8BAA8B,CAC5C,QAAQ,EAAE;IAAE,KAAK,EAAE,GAAG,CAAC;IAAC,UAAU,EAAE,OAAO,CAAC,SAAS,CAAA;CAAE,GACtD,cAAc,CAuBhB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC;;OAEG;IACH,MAAM,EAAE,cAAc,CAAC;IAEvB;;OAEG;IACH,EAAE,EAAE,OAAO,CAAC;IAEZ;;;OAGG;IACH,MAAM,CAAC,EAAE,KAAK,CAAC;IAEf;;;;;;;OAOG;IACH,KAAK,CAAC,EAAE,CAAC,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,UAAU,EAAE,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;CAC1E;AAED;;;;GAIG;AACH,wBAAgB,OAAO,CACrB,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,EAAE,iBAAiB,GAC/C,cAAc,CA2ChB"}
|
|
@@ -0,0 +1,11 @@
|
|
|
1
|
+
export declare class UrlError extends Error {
|
|
2
|
+
constructor(message: string);
|
|
3
|
+
}
|
|
4
|
+
/**
|
|
5
|
+
* Validates a URL to prevent SSRF attacks.
|
|
6
|
+
*/
|
|
7
|
+
export declare function validatePublicUrl(url: string): Promise<void>;
|
|
8
|
+
export declare function isValidPublicIPv4Address(address: string): boolean;
|
|
9
|
+
export declare function isValidPublicIPv6Address(address: string): boolean;
|
|
10
|
+
export declare function expandIPv6Address(address: string): string;
|
|
11
|
+
//# sourceMappingURL=url.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"url.d.ts","sourceRoot":"","sources":["../../src/runtime/url.ts"],"names":[],"mappings":"AAIA,qBAAa,QAAS,SAAQ,KAAK;gBACrB,OAAO,EAAE,MAAM;CAI5B;AAED;;GAEG;AACH,wBAAsB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CA2BlE;AAED,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CASjE;AAED,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,MAAM,WASvD;AAED,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAWzD"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"url.test.d.ts","sourceRoot":"","sources":["../../src/runtime/url.test.ts"],"names":[],"mappings":"AAAA,OAAO,2BAA2B,CAAC"}
|