
🔒 XSS content type: html

This commit is contained in:
Flam3rboy 2021-09-25 23:54:30 +02:00
parent 39f4aa86da
commit bf42a92574


@ -8,6 +8,13 @@ import imageSize from "image-size";
const router = Router(); const router = Router();
const SANITIZED_CONTENT_TYPE = [
"text/html",
"text/mhtml",
"multipart/related",
"application/xhtml+xml",
];
router.post( router.post(
"/:channel_id", "/:channel_id",
multer.single("file"), multer.single("file"),
@ -24,7 +31,8 @@ router.post(
const id = Snowflake.generate(); const id = Snowflake.generate();
const path = `attachments/${channel_id}/${id}/$(unknown)`; const path = `attachments/${channel_id}/${id}/$(unknown)`;
const endpoint = Config.get()?.cdn.endpoint || "http://localhost:3003"; const endpoint =
Config.get()?.cdn.endpointPublic || "http://localhost:3003";
await storage.set(path, buffer); await storage.set(path, buffer);
var width; var width;
@ -61,8 +69,13 @@ router.get(
); );
if (!file) throw new HTTPError("File not found"); if (!file) throw new HTTPError("File not found");
const type = await FileType.fromBuffer(file); const type = await FileType.fromBuffer(file);
let content_type = type?.mime || "application/octet-stream";
res.set("Content-Type", type?.mime); if (SANITIZED_CONTENT_TYPE.includes(content_type)) {
content_type = "application/octet-stream";
}
res.set("Content-Type", content_type);
res.set("Cache-Control", "public, max-age=31536000"); res.set("Cache-Control", "public, max-age=31536000");
return res.send(file); return res.send(file);
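Review bot: The blocklist in the third hunk only neutralizes four MIME strings, but the detected type comes from `FileType.fromBuffer`, which sniffs magic bytes and — as far as I recall — never yields text/html in the first place, while it can return XML-family types (`application/xml` for a `<?xml` prefix in recent versions) that browsers will render inline and execute scripts from if the document carries an XHTML or SVG root; please verify the installed file-type version and, at minimum, add `"application/xml"`, `"text/xml"` and `"image/svg+xml"` to `SANITIZED_CONTENT_TYPE`. A safer shape is an allowlist of types that may render inline (image/png, image/jpeg, image/gif, image/webp, video/*, audio/*) with everything else forced to `application/octet-stream`. Independently of the list, the response should also carry `res.set("X-Content-Type-Options", "nosniff");` and `res.set("Content-Security-Policy", "sandbox");` right before `Cache-Control`, so that a misdetected type cannot be upgraded by browser sniffing and any rendered attachment runs in a null origin rather than the CDN's. The `router.get` handler this hunk edits starts outside the hunk, so I could not check whether those headers are already set earlier in the function.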