@fedify/vocab-runtime 2.4.0-dev.1567 → 2.4.0-dev.1570
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/deno.json +1 -2
- package/dist/mod.cjs +190 -178
- package/dist/mod.d.cts +190 -59
- package/dist/mod.d.ts +190 -59
- package/dist/mod.js +184 -165
- package/dist/tests/decimal.test.cjs +3 -3
- package/dist/tests/decimal.test.mjs +3 -3
- package/dist/tests/{docloader-D61oV0K1.mjs → docloader-C76ldE5C.mjs} +10 -97
- package/dist/tests/{docloader-BcaQHb0Q.cjs → docloader-mvgIWKI7.cjs} +9 -102
- package/dist/tests/docloader.test.cjs +6 -58
- package/dist/tests/docloader.test.mjs +6 -58
- package/dist/tests/{key-CDGDH_vC.mjs → key-CrrK9mYh.mjs} +1 -69
- package/dist/tests/{key-_wXwomh_.cjs → key-pMmqUKuo.cjs} +0 -86
- package/dist/tests/key.test.cjs +1 -48
- package/dist/tests/key.test.mjs +1 -48
- package/dist/tests/{request-Cn0vP7Hj.mjs → request-BEXkv1ul.mjs} +1 -1
- package/dist/tests/{request-DnNWah97.cjs → request-SworbvLc.cjs} +1 -1
- package/dist/tests/request.test.cjs +1 -1
- package/dist/tests/request.test.mjs +1 -1
- package/dist/tests/{url-2XwVbUS_.cjs → url-C20FhC7p.cjs} +0 -108
- package/dist/tests/{url-YWJbnRlf.mjs → url-m9Qzxy-Y.mjs} +1 -85
- package/dist/tests/url.test.cjs +1 -104
- package/dist/tests/url.test.mjs +2 -105
- package/package.json +1 -11
- package/src/contexts.ts +0 -2
- package/src/docloader.test.ts +6 -102
- package/src/docloader.ts +8 -76
- package/src/key.test.ts +0 -86
- package/src/key.ts +0 -125
- package/src/mod.ts +0 -8
- package/src/url.test.ts +1 -252
- package/src/url.ts +0 -141
- package/tsdown.config.ts +1 -6
- package/dist/docloader-DnUMWHaJ.d.cts +0 -202
- package/dist/docloader-xRGn1azD.d.ts +0 -202
- package/dist/internal/jsonld-cache.cjs +0 -279
- package/dist/internal/jsonld-cache.d.cts +0 -48
- package/dist/internal/jsonld-cache.d.ts +0 -48
- package/dist/internal/jsonld-cache.js +0 -275
- package/dist/tests/jsonld-cache.test.cjs +0 -652
- package/dist/tests/jsonld-cache.test.d.cts +0 -1
- package/dist/tests/jsonld-cache.test.d.mts +0 -1
- package/dist/tests/jsonld-cache.test.mjs +0 -651
- package/dist/url-BAdyyqAa.cjs +0 -315
- package/dist/url-BuxPHxK2.js +0 -261
- package/src/contexts/fep-7aa9.json +0 -24
- package/src/internal/jsonld-cache.ts +0 -538
- package/src/jsonld-cache.test.ts +0 -554
package/deno.json
CHANGED
|
@@ -1,10 +1,9 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@fedify/vocab-runtime",
|
|
3
|
-
"version": "2.4.0-dev.
|
|
3
|
+
"version": "2.4.0-dev.1570+f1b6aaa3",
|
|
4
4
|
"license": "MIT",
|
|
5
5
|
"exports": {
|
|
6
6
|
".": "./src/mod.ts",
|
|
7
|
-
"./internal/jsonld-cache": "./src/internal/jsonld-cache.ts",
|
|
8
7
|
"./jsonld": "./src/jsonld.ts",
|
|
9
8
|
"./temporal": "./src/temporal.ts"
|
|
10
9
|
},
|
package/dist/mod.cjs
CHANGED
|
@@ -1,11 +1,12 @@
|
|
|
1
1
|
|
|
2
2
|
Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
|
|
3
3
|
const require_chunk = require("./chunk-M78iaK0I.cjs");
|
|
4
|
-
const require_url = require("./url-BAdyyqAa.cjs");
|
|
5
4
|
let _logtape_logtape = require("@logtape/logtape");
|
|
6
5
|
let _opentelemetry_api = require("@opentelemetry/api");
|
|
7
6
|
let node_process = require("node:process");
|
|
8
7
|
node_process = require_chunk.__toESM(node_process, 1);
|
|
8
|
+
let node_dns_promises = require("node:dns/promises");
|
|
9
|
+
let node_net = require("node:net");
|
|
9
10
|
let asn1js = require("asn1js");
|
|
10
11
|
let byte_encodings_base64 = require("byte-encodings/base64");
|
|
11
12
|
let byte_encodings_base64url = require("byte-encodings/base64url");
|
|
@@ -4287,28 +4288,6 @@ const preloadedContexts = {
|
|
|
4287
4288
|
"@type": "@id"
|
|
4288
4289
|
}
|
|
4289
4290
|
} },
|
|
4290
|
-
"https://w3id.org/fep/7aa9": { "@context": {
|
|
4291
|
-
"FeaturedCollection": "https://w3id.org/fep/7aa9#FeaturedCollection",
|
|
4292
|
-
"FeaturedItem": "https://w3id.org/fep/7aa9#FeaturedItem",
|
|
4293
|
-
"FeatureRequest": "https://w3id.org/fep/7aa9#FeatureRequest",
|
|
4294
|
-
"FeatureAuthorization": "https://w3id.org/fep/7aa9#FeatureAuthorization",
|
|
4295
|
-
"topic": {
|
|
4296
|
-
"@id": "https://w3id.org/fep/7aa9#topic",
|
|
4297
|
-
"@type": "@id"
|
|
4298
|
-
},
|
|
4299
|
-
"featuredObject": {
|
|
4300
|
-
"@id": "https://w3id.org/fep/7aa9#featuredObject",
|
|
4301
|
-
"@type": "@id"
|
|
4302
|
-
},
|
|
4303
|
-
"canFeature": {
|
|
4304
|
-
"@id": "https://w3id.org/fep/7aa9#canFeature",
|
|
4305
|
-
"@type": "@id"
|
|
4306
|
-
},
|
|
4307
|
-
"featureAuthorization": {
|
|
4308
|
-
"@id": "https://w3id.org/fep/7aa9#featureAuthorization",
|
|
4309
|
-
"@type": "@id"
|
|
4310
|
-
}
|
|
4311
|
-
} },
|
|
4312
4291
|
"https://join-lemmy.org/context.json": { "@context": ["https://w3id.org/security/v1", {
|
|
4313
4292
|
"as": "https://www.w3.org/ns/activitystreams#",
|
|
4314
4293
|
"lemmy": "https://join-lemmy.org/ns#",
|
|
@@ -4367,7 +4346,7 @@ const preloadedContexts = {
|
|
|
4367
4346
|
//#endregion
|
|
4368
4347
|
//#region deno.json
|
|
4369
4348
|
var name = "@fedify/vocab-runtime";
|
|
4370
|
-
var version = "2.4.0-dev.
|
|
4349
|
+
var version = "2.4.0-dev.1570+f1b6aaa3";
|
|
4371
4350
|
//#endregion
|
|
4372
4351
|
//#region src/link.ts
|
|
4373
4352
|
const parametersNeedLowerCase = ["rel", "type"];
|
|
@@ -4620,6 +4599,179 @@ function logRequest(logger, request) {
|
|
|
4620
4599
|
});
|
|
4621
4600
|
}
|
|
4622
4601
|
//#endregion
|
|
4602
|
+
//#region src/url.ts
|
|
4603
|
+
var UrlError = class extends Error {
|
|
4604
|
+
constructor(message) {
|
|
4605
|
+
super(message);
|
|
4606
|
+
this.name = "UrlError";
|
|
4607
|
+
}
|
|
4608
|
+
};
|
|
4609
|
+
/**
|
|
4610
|
+
* Validates a URL to prevent SSRF attacks.
|
|
4611
|
+
*/
|
|
4612
|
+
async function validatePublicUrl(url) {
|
|
4613
|
+
const parsed = new URL(url);
|
|
4614
|
+
if (parsed.protocol !== "http:" && parsed.protocol !== "https:") throw new UrlError(`Unsupported protocol: ${parsed.protocol}`);
|
|
4615
|
+
let hostname = parsed.hostname;
|
|
4616
|
+
if (hostname.startsWith("[") && hostname.endsWith("]")) hostname = hostname.slice(1, -1);
|
|
4617
|
+
if (hostname === "localhost") throw new UrlError("Localhost is not allowed");
|
|
4618
|
+
const hostnameFamily = (0, node_net.isIP)(hostname);
|
|
4619
|
+
if (hostnameFamily !== 0) {
|
|
4620
|
+
validatePublicIpAddress(hostname, hostnameFamily);
|
|
4621
|
+
return;
|
|
4622
|
+
}
|
|
4623
|
+
if ("Deno" in globalThis && !(0, node_net.isIP)(hostname)) {
|
|
4624
|
+
if ((await Deno.permissions.query({ name: "net" })).state !== "granted") return;
|
|
4625
|
+
}
|
|
4626
|
+
if ("Bun" in globalThis) {
|
|
4627
|
+
if (hostname === "example.com" || hostname.endsWith(".example.com")) return;
|
|
4628
|
+
else if (hostname === "fedify-test.internal") throw new UrlError("Invalid or private address: fedify-test.internal");
|
|
4629
|
+
}
|
|
4630
|
+
let addresses;
|
|
4631
|
+
try {
|
|
4632
|
+
addresses = await (0, node_dns_promises.lookup)(hostname, { all: true });
|
|
4633
|
+
} catch {
|
|
4634
|
+
addresses = [];
|
|
4635
|
+
}
|
|
4636
|
+
for (const { address, family } of addresses) validatePublicIpAddress(address, family);
|
|
4637
|
+
}
|
|
4638
|
+
function validatePublicIpAddress(address, family) {
|
|
4639
|
+
if (family === 4 && isValidPublicIPv4Address(address) || family === 6 && isValidPublicIPv6Address(address)) return;
|
|
4640
|
+
throw new UrlError(`Invalid or private address: ${address}`);
|
|
4641
|
+
}
|
|
4642
|
+
function isValidPublicIPv4Address(address) {
|
|
4643
|
+
const parts = parseIPv4Address(address);
|
|
4644
|
+
if (parts == null) return false;
|
|
4645
|
+
const value = ipv4PartsToNumber(parts);
|
|
4646
|
+
return !nonPublicIPv4Prefixes.some(({ base, prefix }) => matchesIPv4Prefix(value, base, prefix));
|
|
4647
|
+
}
|
|
4648
|
+
function isValidPublicIPv6Address(address) {
|
|
4649
|
+
const words = parseIPv6Address(address);
|
|
4650
|
+
if (words == null) return false;
|
|
4651
|
+
if (nonPublicIPv6Prefixes.some(({ words: prefixWords, prefix }) => matchesIPv6Prefix(words, prefixWords, prefix))) return false;
|
|
4652
|
+
for (const { extractIPv4, prefix, words: prefixWords } of ipv6WithIPv4Prefixes) {
|
|
4653
|
+
if (!matchesIPv6Prefix(words, prefixWords, prefix)) continue;
|
|
4654
|
+
const ipv4Address = extractIPv4(words);
|
|
4655
|
+
if (ipv4Address != null && !isValidPublicIPv4Address(ipv4Address)) return false;
|
|
4656
|
+
}
|
|
4657
|
+
return true;
|
|
4658
|
+
}
|
|
4659
|
+
function expandIPv6Address(address) {
|
|
4660
|
+
address = address.toLowerCase();
|
|
4661
|
+
const ipv4Delimiter = address.lastIndexOf(":");
|
|
4662
|
+
if (address.includes(".") && ipv4Delimiter >= 0) {
|
|
4663
|
+
const ipv4Parts = parseIPv4Address(address.substring(ipv4Delimiter + 1));
|
|
4664
|
+
if (ipv4Parts == null) return address;
|
|
4665
|
+
const high = (ipv4Parts[0] << 8) + ipv4Parts[1];
|
|
4666
|
+
const low = (ipv4Parts[2] << 8) + ipv4Parts[3];
|
|
4667
|
+
address = address.substring(0, ipv4Delimiter + 1) + high.toString(16) + ":" + low.toString(16);
|
|
4668
|
+
}
|
|
4669
|
+
if (address === "::") return "0000:0000:0000:0000:0000:0000:0000:0000";
|
|
4670
|
+
if (address.startsWith("::")) address = "0000" + address;
|
|
4671
|
+
if (address.endsWith("::")) address = address + "0000";
|
|
4672
|
+
address = address.replace("::", ":0000".repeat(8 - (address.match(/:/g) || []).length) + ":");
|
|
4673
|
+
return address.split(":").map((part) => part.padStart(4, "0")).join(":");
|
|
4674
|
+
}
|
|
4675
|
+
const nonPublicIPv4Prefixes = [
|
|
4676
|
+
ipv4Prefix("0.0.0.0/8", "RFC 6890"),
|
|
4677
|
+
ipv4Prefix("10.0.0.0/8", "RFC 1918"),
|
|
4678
|
+
ipv4Prefix("100.64.0.0/10", "RFC 6598"),
|
|
4679
|
+
ipv4Prefix("127.0.0.0/8", "RFC 1122"),
|
|
4680
|
+
ipv4Prefix("169.254.0.0/16", "RFC 3927"),
|
|
4681
|
+
ipv4Prefix("172.16.0.0/12", "RFC 1918"),
|
|
4682
|
+
ipv4Prefix("192.0.0.0/24", "RFC 6890"),
|
|
4683
|
+
ipv4Prefix("192.0.2.0/24", "RFC 5737"),
|
|
4684
|
+
ipv4Prefix("192.88.99.0/24", "RFC 7526"),
|
|
4685
|
+
ipv4Prefix("192.168.0.0/16", "RFC 1918"),
|
|
4686
|
+
ipv4Prefix("198.18.0.0/15", "RFC 2544"),
|
|
4687
|
+
ipv4Prefix("198.51.100.0/24", "RFC 5737"),
|
|
4688
|
+
ipv4Prefix("203.0.113.0/24", "RFC 5737"),
|
|
4689
|
+
ipv4Prefix("224.0.0.0/4", "RFC 5771"),
|
|
4690
|
+
ipv4Prefix("240.0.0.0/4", "RFC 1112")
|
|
4691
|
+
];
|
|
4692
|
+
const nonPublicIPv6Prefixes = [
|
|
4693
|
+
ipv6Prefix("::/16", "RFC 4291"),
|
|
4694
|
+
ipv6Prefix("2001::/32", "RFC 4380"),
|
|
4695
|
+
ipv6Prefix("2002::/16", "RFC 3056"),
|
|
4696
|
+
ipv6Prefix("64:ff9b:1::/48", "RFC 8215"),
|
|
4697
|
+
ipv6Prefix("fc00::/7", "RFC 4193"),
|
|
4698
|
+
ipv6Prefix("fe80::/10", "RFC 4291"),
|
|
4699
|
+
ipv6Prefix("ff00::/8", "RFC 4291")
|
|
4700
|
+
];
|
|
4701
|
+
const ipv6WithIPv4Prefixes = [{
|
|
4702
|
+
...ipv6Prefix("64:ff9b::/96", "RFC 6052"),
|
|
4703
|
+
extractIPv4: (words) => ipv4FromWords(words[6], words[7])
|
|
4704
|
+
}];
|
|
4705
|
+
function ipv4Prefix(cidr, rfc) {
|
|
4706
|
+
const [address, prefixText] = cidr.split("/");
|
|
4707
|
+
const prefix = parseInt(prefixText, 10);
|
|
4708
|
+
const parts = parseIPv4Address(address);
|
|
4709
|
+
if (parts == null || !Number.isInteger(prefix) || prefix < 0 || prefix > 32) throw new Error(`Invalid IPv4 prefix: ${cidr}`);
|
|
4710
|
+
return {
|
|
4711
|
+
cidr,
|
|
4712
|
+
base: ipv4PartsToNumber(parts),
|
|
4713
|
+
prefix,
|
|
4714
|
+
rfc
|
|
4715
|
+
};
|
|
4716
|
+
}
|
|
4717
|
+
function ipv6Prefix(cidr, rfc) {
|
|
4718
|
+
const [address, prefixText] = cidr.split("/");
|
|
4719
|
+
const prefix = parseInt(prefixText, 10);
|
|
4720
|
+
const words = parseIPv6Address(address);
|
|
4721
|
+
if (words == null || !Number.isInteger(prefix) || prefix < 0 || prefix > 128) throw new Error(`Invalid IPv6 prefix: ${cidr}`);
|
|
4722
|
+
return {
|
|
4723
|
+
cidr,
|
|
4724
|
+
words,
|
|
4725
|
+
prefix,
|
|
4726
|
+
rfc
|
|
4727
|
+
};
|
|
4728
|
+
}
|
|
4729
|
+
function parseIPv4Address(address) {
|
|
4730
|
+
const parts = address.split(".").map((part) => {
|
|
4731
|
+
if (!/^\d+$/.test(part)) return NaN;
|
|
4732
|
+
return parseInt(part, 10);
|
|
4733
|
+
});
|
|
4734
|
+
if (parts.length !== 4 || parts.some((part) => !Number.isInteger(part) || part < 0 || part > 255)) return null;
|
|
4735
|
+
return parts;
|
|
4736
|
+
}
|
|
4737
|
+
function parseIPv6Address(address) {
|
|
4738
|
+
const parts = expandIPv6Address(address).split(":");
|
|
4739
|
+
if (parts.length !== 8) return null;
|
|
4740
|
+
const words = parts.map((part) => {
|
|
4741
|
+
if (!/^[0-9a-f]{1,4}$/i.test(part)) return NaN;
|
|
4742
|
+
return parseInt(part, 16);
|
|
4743
|
+
});
|
|
4744
|
+
if (words.some((word) => !Number.isInteger(word) || word < 0 || word > 65535)) return null;
|
|
4745
|
+
return words;
|
|
4746
|
+
}
|
|
4747
|
+
function ipv4PartsToNumber(parts) {
|
|
4748
|
+
return parts[0] * 2 ** 24 + parts[1] * 2 ** 16 + parts[2] * 2 ** 8 + parts[3];
|
|
4749
|
+
}
|
|
4750
|
+
function ipv4FromWords(highWord, lowWord) {
|
|
4751
|
+
return [
|
|
4752
|
+
highWord >> 8,
|
|
4753
|
+
highWord & 255,
|
|
4754
|
+
lowWord >> 8,
|
|
4755
|
+
lowWord & 255
|
|
4756
|
+
].join(".");
|
|
4757
|
+
}
|
|
4758
|
+
function matchesIPv4Prefix(address, prefixBase, prefixLength) {
|
|
4759
|
+
const blockSize = 2 ** (32 - prefixLength);
|
|
4760
|
+
return Math.floor(address / blockSize) === Math.floor(prefixBase / blockSize);
|
|
4761
|
+
}
|
|
4762
|
+
function matchesIPv6Prefix(address, prefixWords, prefixLength) {
|
|
4763
|
+
let remaining = prefixLength;
|
|
4764
|
+
for (let i = 0; i < 8 && remaining > 0; i++) if (remaining >= 16) {
|
|
4765
|
+
if (address[i] !== prefixWords[i]) return false;
|
|
4766
|
+
remaining -= 16;
|
|
4767
|
+
} else {
|
|
4768
|
+
const mask = 65535 << 16 - remaining & 65535;
|
|
4769
|
+
if ((address[i] & mask) !== (prefixWords[i] & mask)) return false;
|
|
4770
|
+
remaining = 0;
|
|
4771
|
+
}
|
|
4772
|
+
return true;
|
|
4773
|
+
}
|
|
4774
|
+
//#endregion
|
|
4623
4775
|
//#region src/docloader.ts
|
|
4624
4776
|
const logger = (0, _logtape_logtape.getLogger)([
|
|
4625
4777
|
"fedify",
|
|
@@ -4627,66 +4779,6 @@ const logger = (0, _logtape_logtape.getLogger)([
|
|
|
4627
4779
|
"docloader"
|
|
4628
4780
|
]);
|
|
4629
4781
|
const DEFAULT_MAX_REDIRECTION = 20;
|
|
4630
|
-
const MAX_HTML_SIZE = 1024 * 1024;
|
|
4631
|
-
function createResponseMetadata(response) {
|
|
4632
|
-
return new Response(null, {
|
|
4633
|
-
headers: response.headers,
|
|
4634
|
-
status: response.status,
|
|
4635
|
-
statusText: response.statusText
|
|
4636
|
-
});
|
|
4637
|
-
}
|
|
4638
|
-
async function cancelResponseBody(response) {
|
|
4639
|
-
if (response.body != null) await response.body.cancel();
|
|
4640
|
-
}
|
|
4641
|
-
async function readBoundedText(response, maxBytes) {
|
|
4642
|
-
const contentLength = response.headers.get("Content-Length");
|
|
4643
|
-
if (contentLength != null) {
|
|
4644
|
-
const size = Number(contentLength);
|
|
4645
|
-
if (size > maxBytes) {
|
|
4646
|
-
await cancelResponseBody(response);
|
|
4647
|
-
return {
|
|
4648
|
-
text: "",
|
|
4649
|
-
size,
|
|
4650
|
-
tooLarge: true
|
|
4651
|
-
};
|
|
4652
|
-
}
|
|
4653
|
-
}
|
|
4654
|
-
if (response.body == null) return {
|
|
4655
|
-
text: "",
|
|
4656
|
-
size: 0,
|
|
4657
|
-
tooLarge: false
|
|
4658
|
-
};
|
|
4659
|
-
const reader = response.body.getReader();
|
|
4660
|
-
const decoder = new TextDecoder();
|
|
4661
|
-
let text = "";
|
|
4662
|
-
let size = 0;
|
|
4663
|
-
try {
|
|
4664
|
-
while (true) {
|
|
4665
|
-
const result = await reader.read();
|
|
4666
|
-
if (result.done) break;
|
|
4667
|
-
const chunkSize = result.value.byteLength;
|
|
4668
|
-
if (size + chunkSize > maxBytes) {
|
|
4669
|
-
size += chunkSize;
|
|
4670
|
-
await reader.cancel();
|
|
4671
|
-
return {
|
|
4672
|
-
text: "",
|
|
4673
|
-
size,
|
|
4674
|
-
tooLarge: true
|
|
4675
|
-
};
|
|
4676
|
-
}
|
|
4677
|
-
size += chunkSize;
|
|
4678
|
-
text += decoder.decode(result.value, { stream: true });
|
|
4679
|
-
}
|
|
4680
|
-
text += decoder.decode();
|
|
4681
|
-
return {
|
|
4682
|
-
text,
|
|
4683
|
-
size,
|
|
4684
|
-
tooLarge: false
|
|
4685
|
-
};
|
|
4686
|
-
} finally {
|
|
4687
|
-
reader.releaseLock();
|
|
4688
|
-
}
|
|
4689
|
-
}
|
|
4690
4782
|
/**
|
|
4691
4783
|
* Gets a {@link RemoteDocument} from the given response.
|
|
4692
4784
|
* @param url The URL of the document to load.
|
|
@@ -4741,19 +4833,19 @@ async function getRemoteDocument(url, response, fetch) {
|
|
|
4741
4833
|
}
|
|
4742
4834
|
let document;
|
|
4743
4835
|
if (!jsonLd && (contentType === "text/html" || contentType?.startsWith("text/html;") || contentType === "application/xhtml+xml" || contentType?.startsWith("application/xhtml+xml;"))) {
|
|
4744
|
-
const
|
|
4745
|
-
const html = await
|
|
4746
|
-
if (html.
|
|
4836
|
+
const MAX_HTML_SIZE = 1024 * 1024;
|
|
4837
|
+
const html = await response.text();
|
|
4838
|
+
if (html.length > MAX_HTML_SIZE) {
|
|
4747
4839
|
logger.warn("HTML response too large, skipping alternate link discovery: {url}", {
|
|
4748
4840
|
url: documentUrl,
|
|
4749
|
-
size: html.
|
|
4841
|
+
size: html.length
|
|
4750
4842
|
});
|
|
4751
|
-
|
|
4843
|
+
document = JSON.parse(html);
|
|
4752
4844
|
} else {
|
|
4753
4845
|
const tagPattern = /<(a|link)\s+([^>]*?)\s*\/?>/gi;
|
|
4754
4846
|
const attrPattern = /([a-z][a-z:_-]*)=(?:"([^"]*)"|'([^']*)'|([^\s>]+))/gi;
|
|
4755
4847
|
let tagMatch;
|
|
4756
|
-
while ((tagMatch = tagPattern.exec(html
|
|
4848
|
+
while ((tagMatch = tagPattern.exec(html)) !== null) {
|
|
4757
4849
|
const tagContent = tagMatch[2];
|
|
4758
4850
|
let attrMatch;
|
|
4759
4851
|
const attribs = {};
|
|
@@ -4770,12 +4862,7 @@ async function getRemoteDocument(url, response, fetch) {
|
|
|
4770
4862
|
return await fetch(new URL(attribs.href, docUrl).href);
|
|
4771
4863
|
}
|
|
4772
4864
|
}
|
|
4773
|
-
|
|
4774
|
-
document = JSON.parse(html.text);
|
|
4775
|
-
} catch (error) {
|
|
4776
|
-
if (!(error instanceof SyntaxError)) throw error;
|
|
4777
|
-
throw new FetchError(documentUrl, `HTML document has no ActivityPub alternate link (Content-Type: ${contentType})`, errorResponse);
|
|
4778
|
-
}
|
|
4865
|
+
document = JSON.parse(html);
|
|
4779
4866
|
}
|
|
4780
4867
|
} else document = await response.json();
|
|
4781
4868
|
logger.debug("Fetched document: {status} {url} {headers}", {
|
|
@@ -4821,9 +4908,9 @@ function getDocumentLoader({ allowPrivateAddress, maxRedirection, skipPreloadedC
|
|
|
4821
4908
|
};
|
|
4822
4909
|
}
|
|
4823
4910
|
if (!allowPrivateAddress) try {
|
|
4824
|
-
await
|
|
4911
|
+
await validatePublicUrl(currentUrl);
|
|
4825
4912
|
} catch (error) {
|
|
4826
|
-
if (error instanceof
|
|
4913
|
+
if (error instanceof UrlError) logger.error("Disallowed private URL: {url}", {
|
|
4827
4914
|
url: currentUrl,
|
|
4828
4915
|
error
|
|
4829
4916
|
});
|
|
@@ -5253,11 +5340,6 @@ const algorithms = {
|
|
|
5253
5340
|
},
|
|
5254
5341
|
"1.3.101.112": "Ed25519"
|
|
5255
5342
|
};
|
|
5256
|
-
const DID_KEY_PREFIX = "did:key:";
|
|
5257
|
-
const ED25519_PUBLIC_KEY_MULTICODEC = 237;
|
|
5258
|
-
const ED25519_PUBLIC_KEY_LENGTH = 32;
|
|
5259
|
-
const DID_KEY_PATTERN = /^did:key:([^/?#]+)$/;
|
|
5260
|
-
const DID_KEY_VERIFICATION_METHOD_PATTERN = /^did:key:([^/?#]+)#([^/?#]+)$/;
|
|
5261
5343
|
/**
|
|
5262
5344
|
* Imports a PEM-SPKI formatted public key.
|
|
5263
5345
|
* @param pem The PEM-SPKI formatted public key.
|
|
@@ -5319,69 +5401,6 @@ const PKCS1_HEADER = /^\s*-----BEGIN\s+RSA\s+PUBLIC\s+KEY-----\s*\n/;
|
|
|
5319
5401
|
function importPem(pem) {
|
|
5320
5402
|
return PKCS1_HEADER.test(pem) ? importPkcs1(pem) : importSpki(pem);
|
|
5321
5403
|
}
|
|
5322
|
-
function decodeEd25519DidKeyMultibase(multibaseKey) {
|
|
5323
|
-
if (!multibaseKey.startsWith("z")) throw new TypeError("did:key must use base58-btc Multibase encoding.");
|
|
5324
|
-
let decoded;
|
|
5325
|
-
try {
|
|
5326
|
-
decoded = decodeMultibase(multibaseKey);
|
|
5327
|
-
} catch (error) {
|
|
5328
|
-
throw new TypeError("Invalid did:key Multibase encoding.", { cause: error });
|
|
5329
|
-
}
|
|
5330
|
-
const { code } = getMulticodecPrefix(decoded);
|
|
5331
|
-
if (code !== ED25519_PUBLIC_KEY_MULTICODEC) throw new TypeError("Unsupported did:key type: 0x" + code.toString(16));
|
|
5332
|
-
const content = removeMulticodecPrefix(decoded);
|
|
5333
|
-
if (content.length !== ED25519_PUBLIC_KEY_LENGTH) throw new TypeError("Invalid Ed25519 did:key length.");
|
|
5334
|
-
return content;
|
|
5335
|
-
}
|
|
5336
|
-
/**
|
|
5337
|
-
* Imports an Ed25519 `did:key` DID.
|
|
5338
|
-
*
|
|
5339
|
-
* @param did The `did:key` DID.
|
|
5340
|
-
* @returns The imported Ed25519 public key.
|
|
5341
|
-
* @throws {TypeError} If the DID is malformed or uses an unsupported key type.
|
|
5342
|
-
* @since 2.4.0
|
|
5343
|
-
*/
|
|
5344
|
-
async function importDidKey(did) {
|
|
5345
|
-
const match = (did instanceof URL ? did.href : did).match(DID_KEY_PATTERN);
|
|
5346
|
-
if (match == null) throw new TypeError("Invalid did:key DID.");
|
|
5347
|
-
const content = decodeEd25519DidKeyMultibase(match[1]);
|
|
5348
|
-
return await crypto.subtle.importKey("raw", content.slice(), "Ed25519", true, ["verify"]);
|
|
5349
|
-
}
|
|
5350
|
-
/**
|
|
5351
|
-
* Exports an Ed25519 public key as a `did:key` DID.
|
|
5352
|
-
*
|
|
5353
|
-
* @param key The Ed25519 public key.
|
|
5354
|
-
* @returns The `did:key` DID.
|
|
5355
|
-
* @throws {TypeError} If the key is invalid or unsupported.
|
|
5356
|
-
* @since 2.4.0
|
|
5357
|
-
*/
|
|
5358
|
-
async function exportDidKey(key) {
|
|
5359
|
-
if (key.algorithm.name !== "Ed25519") throw new TypeError("Unsupported key type: " + JSON.stringify(key.algorithm));
|
|
5360
|
-
return DID_KEY_PREFIX + await exportMultibaseKey(key);
|
|
5361
|
-
}
|
|
5362
|
-
/**
|
|
5363
|
-
* Parses an Ed25519 `did:key` verification method DID URL.
|
|
5364
|
-
*
|
|
5365
|
-
* @param didUrl The `did:key` DID URL.
|
|
5366
|
-
* @returns The parsed verification method.
|
|
5367
|
-
* @throws {TypeError} If the DID URL is malformed, unsupported, or its
|
|
5368
|
-
* fragment does not identify the same key as the DID.
|
|
5369
|
-
* @since 2.4.0
|
|
5370
|
-
*/
|
|
5371
|
-
async function parseDidKeyVerificationMethod(didUrl) {
|
|
5372
|
-
const didUrlString = didUrl instanceof URL ? didUrl.href : didUrl;
|
|
5373
|
-
const match = didUrlString.match(DID_KEY_VERIFICATION_METHOD_PATTERN);
|
|
5374
|
-
if (match == null) throw new TypeError("Invalid did:key verification method.");
|
|
5375
|
-
const [, publicKeyMultibase, fragment] = match;
|
|
5376
|
-
if (publicKeyMultibase !== fragment) throw new TypeError("Invalid did:key verification method fragment.");
|
|
5377
|
-
const publicKey = await importDidKey(DID_KEY_PREFIX + publicKeyMultibase);
|
|
5378
|
-
return {
|
|
5379
|
-
id: new URL(didUrlString),
|
|
5380
|
-
controller: new URL(DID_KEY_PREFIX + publicKeyMultibase),
|
|
5381
|
-
publicKeyMultibase,
|
|
5382
|
-
publicKey
|
|
5383
|
-
};
|
|
5384
|
-
}
|
|
5385
5404
|
/**
|
|
5386
5405
|
* Imports a [Multibase]-encoded public key.
|
|
5387
5406
|
*
|
|
@@ -5550,33 +5569,26 @@ LanguageString.prototype[Symbol.for("nodejs.util.inspect.custom")] = function(_d
|
|
|
5550
5569
|
//#endregion
|
|
5551
5570
|
exports.FetchError = FetchError;
|
|
5552
5571
|
exports.LanguageString = LanguageString;
|
|
5553
|
-
exports.UrlError =
|
|
5572
|
+
exports.UrlError = UrlError;
|
|
5554
5573
|
exports.canParseDecimal = canParseDecimal;
|
|
5555
5574
|
exports.createActivityPubRequest = createActivityPubRequest;
|
|
5556
5575
|
exports.decodeMultibase = decodeMultibase;
|
|
5557
5576
|
exports.encodeMultibase = encodeMultibase;
|
|
5558
5577
|
exports.encodingFromBaseData = encodingFromBaseData;
|
|
5559
|
-
exports.expandIPv6Address =
|
|
5560
|
-
exports.exportDidKey = exportDidKey;
|
|
5578
|
+
exports.expandIPv6Address = expandIPv6Address;
|
|
5561
5579
|
exports.exportMultibaseKey = exportMultibaseKey;
|
|
5562
5580
|
exports.exportSpki = exportSpki;
|
|
5563
|
-
exports.formatIri = require_url.formatIri;
|
|
5564
5581
|
exports.getDocumentLoader = getDocumentLoader;
|
|
5565
5582
|
exports.getRemoteDocument = getRemoteDocument;
|
|
5566
5583
|
exports.getUserAgent = getUserAgent;
|
|
5567
|
-
exports.haveSameIriOrigin = require_url.haveSameIriOrigin;
|
|
5568
|
-
exports.importDidKey = importDidKey;
|
|
5569
5584
|
exports.importMultibaseKey = importMultibaseKey;
|
|
5570
5585
|
exports.importPem = importPem;
|
|
5571
5586
|
exports.importPkcs1 = importPkcs1;
|
|
5572
5587
|
exports.importSpki = importSpki;
|
|
5573
5588
|
exports.isDecimal = isDecimal;
|
|
5574
|
-
exports.isValidPublicIPv4Address =
|
|
5575
|
-
exports.isValidPublicIPv6Address =
|
|
5589
|
+
exports.isValidPublicIPv4Address = isValidPublicIPv4Address;
|
|
5590
|
+
exports.isValidPublicIPv6Address = isValidPublicIPv6Address;
|
|
5576
5591
|
exports.logRequest = logRequest;
|
|
5577
5592
|
exports.parseDecimal = parseDecimal;
|
|
5578
|
-
exports.parseDidKeyVerificationMethod = parseDidKeyVerificationMethod;
|
|
5579
|
-
exports.parseIri = require_url.parseIri;
|
|
5580
|
-
exports.parseJsonLdId = require_url.parseJsonLdId;
|
|
5581
5593
|
exports.preloadedContexts = preloadedContexts;
|
|
5582
|
-
exports.validatePublicUrl =
|
|
5594
|
+
exports.validatePublicUrl = validatePublicUrl;
|