From cfd18889694650d9ebb798fab240c0e474690c37 Mon Sep 17 00:00:00 2001 From: syuilo Date: Sun, 26 Dec 2021 12:08:22 +0900 Subject: [PATCH] refactor --- packages/backend/src/const.ts | 2 +- packages/backend/src/server/file/send-drive-file.ts | 8 ++++---- packages/backend/src/server/proxy/proxy-media.ts | 4 ++-- packages/backend/src/services/drive/add-file.ts | 4 ++-- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/packages/backend/src/const.ts b/packages/backend/src/const.ts index eb0c81f2c7..59d7206e01 100644 --- a/packages/backend/src/const.ts +++ b/packages/backend/src/const.ts @@ -4,7 +4,7 @@ export const USER_ACTIVE_THRESHOLD = 1000 * 60 * 60 * 24 * 3; // 3days // ブラウザで直接表示することを許可するファイルの種類のリスト // ここに含まれないものは application/octet-stream としてレスポンスされる // SVGはXSSを生むので許可しない -export const FILE_TYPE_WHITELIST = [ +export const FILE_TYPE_BROWSERSAFE = [ 'image/png', 'image/gif', 'image/jpeg', diff --git a/packages/backend/src/server/file/send-drive-file.ts b/packages/backend/src/server/file/send-drive-file.ts index 1f88d9e315..7bfc36e25a 100644 --- a/packages/backend/src/server/file/send-drive-file.ts +++ b/packages/backend/src/server/file/send-drive-file.ts @@ -14,7 +14,7 @@ import { detectType } from '@/misc/get-file-info'; import { convertToJpeg, convertToPngOrJpeg } from '@/services/drive/image-processor'; import { GenerateVideoThumbnail } from '@/services/drive/generate-video-thumbnail'; import { StatusError } from '@/misc/fetch'; -import { FILE_TYPE_WHITELIST } from '@/const'; +import { FILE_TYPE_BROWSERSAFE } from '@/const'; //const _filename = fileURLToPath(import.meta.url); const _filename = __filename; @@ -83,7 +83,7 @@ export default async function(ctx: Koa.Context) { const image = await convertFile(); ctx.body = image.data; - ctx.set('Content-Type', FILE_TYPE_WHITELIST.includes(image.type) ? image.type : 'application/octet-stream'); + ctx.set('Content-Type', FILE_TYPE_BROWSERSAFE.includes(image.type) ? image.type : 'application/octet-stream'); ctx.set('Cache-Control', 'max-age=31536000, immutable'); } catch (e) { serverLogger.error(`${e}`); @@ -114,14 +114,14 @@ export default async function(ctx: Koa.Context) { }).toString(); ctx.body = InternalStorage.read(key); - ctx.set('Content-Type', FILE_TYPE_WHITELIST.includes(mime) ? mime : 'application/octet-stream'); + ctx.set('Content-Type', FILE_TYPE_BROWSERSAFE.includes(mime) ? mime : 'application/octet-stream'); ctx.set('Cache-Control', 'max-age=31536000, immutable'); ctx.set('Content-Disposition', contentDisposition('inline', filename)); } else { const readable = InternalStorage.read(file.accessKey!); readable.on('error', commonReadableHandlerGenerator(ctx)); ctx.body = readable; - ctx.set('Content-Type', FILE_TYPE_WHITELIST.includes(file.type) ? file.type : 'application/octet-stream'); + ctx.set('Content-Type', FILE_TYPE_BROWSERSAFE.includes(file.type) ? file.type : 'application/octet-stream'); ctx.set('Cache-Control', 'max-age=31536000, immutable'); ctx.set('Content-Disposition', contentDisposition('inline', file.name)); } diff --git a/packages/backend/src/server/proxy/proxy-media.ts b/packages/backend/src/server/proxy/proxy-media.ts index 7d6652a97a..b116b4b961 100644 --- a/packages/backend/src/server/proxy/proxy-media.ts +++ b/packages/backend/src/server/proxy/proxy-media.ts @@ -6,7 +6,7 @@ import { createTemp } from '@/misc/create-temp'; import { downloadUrl } from '@/misc/download-url'; import { detectType } from '@/misc/get-file-info'; import { StatusError } from '@/misc/fetch'; -import { FILE_TYPE_WHITELIST } from '@/const'; +import { FILE_TYPE_BROWSERSAFE } from '@/const'; export async function proxyMedia(ctx: Koa.Context) { const url = 'url' in ctx.query ? ctx.query.url : 'https://' + ctx.params.url; @@ -19,7 +19,7 @@ export async function proxyMedia(ctx: Koa.Context) { const { mime, ext } = await detectType(path); - if (!FILE_TYPE_WHITELIST.includes(mime)) throw 403; + if (!FILE_TYPE_BROWSERSAFE.includes(mime)) throw 403; let image: IImage; diff --git a/packages/backend/src/services/drive/add-file.ts b/packages/backend/src/services/drive/add-file.ts index ae1dbd3ca7..a59c9501bc 100644 --- a/packages/backend/src/services/drive/add-file.ts +++ b/packages/backend/src/services/drive/add-file.ts @@ -20,7 +20,7 @@ import { isDuplicateKeyValueError } from '@/misc/is-duplicate-key-value-error'; import * as S3 from 'aws-sdk/clients/s3'; import { getS3 } from './s3'; import * as sharp from 'sharp'; -import { FILE_TYPE_WHITELIST } from '@/const'; +import { FILE_TYPE_BROWSERSAFE } from '@/const'; const logger = driveLogger.createSubLogger('register', 'yellow'); @@ -242,7 +242,7 @@ export async function generateAlts(path: string, type: string, generateWeb: bool */ async function upload(key: string, stream: fs.ReadStream | Buffer, type: string, filename?: string) { if (type === 'image/apng') type = 'image/png'; - if (!FILE_TYPE_WHITELIST.includes(type)) type = 'application/octet-stream'; + if (!FILE_TYPE_BROWSERSAFE.includes(type)) type = 'application/octet-stream'; const meta = await fetchMeta();