[Embed][StoreRemoteMedia] Re-add {white,black}list check config

2021-08-18 14:15:30 +01:00
parent de444a2a5a
commit 177801c81b
2 changed files with 101 additions and 29 deletions
--- a/plugins/Embed/Embed.php
+++ b/plugins/Embed/Embed.php
@@ -77,12 +77,15 @@ class Embed extends Plugin
     *  Settings which can be set in social.local.yaml
     *  WARNING, these are _regexps_ (slashes added later). Always escape your dots and end ('$') your strings
     */
+    public bool $check_whitelist   = false;
+    public bool $check_blacklist   = false;
    public array $domain_whitelist = [
-        // hostname => service provider
-        '.*' => '', // Default to allowing any host
+        // hostname
+        '.*', // Default to allowing any host
    ];
-
-    public bool $store_image = true; // Whether to maintain a copy of the original media or only a thumbnail of it
+    public array $domain_blacklist = [];
+    // Whether to maintain a copy of the original media or only a thumbnail of it
+    public bool $store_image = true;
    public ?int $thumbnail_width;
    public ?int $thumbnail_height;
    public ?int $max_size;
@@ -198,28 +201,6 @@ class Embed extends Plugin
        return Event::next;
    }

-    /**
-     * @param string $url
-     *
-     * @return bool true if allowed by the lists, false otherwise
-     */
-    private function allowedLink(string $url): bool
-    {
-        return true;
-        if ($this->check_whitelist ?? false) {
-            return false;   // indicates "no check made"
-        }
-
-        $host = parse_url($url, PHP_URL_HOST);
-        foreach ($this->domain_whitelist as $regex => $provider) {
-            if (preg_match("/{$regex}/", $host)) {
-                return $provider;    // we trust this source, return provider name
-            }
-        }
-
-        return false;
-    }
-
    /**
     * This code executes when GNU social creates the page routing, and we hook
     * on this event to add our action handler for Embed.
@@ -231,6 +212,7 @@ class Embed extends Plugin
     * @return bool
     *
     *
+     *
     */
    public function onAddRoute(RouteLoader $m): bool
    {
@@ -301,10 +283,11 @@ class Embed extends Plugin
     * @param Link $link
     * @param Note $note
     *
-     *@throws DuplicateFoundException
+     * @throws DuplicateFoundException
     *
     * @return bool
     *
+     *
     */
    public function onNewLinkFromNote(Link $link, Note $note): bool
    {
@@ -362,6 +345,39 @@ class Embed extends Plugin
        return Event::stop;
    }

+    /**
+     * @param string $url
+     *
+     * @return bool true if allowed by the lists, false otherwise
+     */
+    private function allowedLink(string $url): bool
+    {
+        $passed_whitelist = !$this->check_whitelist;
+        $passed_blacklist = !$this->check_blacklist;
+
+        if ($this->check_whitelist) {
+            $passed_whitelist = false; // don't trust be default
+            $host             = parse_url($url, PHP_URL_HOST);
+            foreach ($this->domain_whitelist as $regex => $provider) {
+                if (preg_match("/{$regex}/", $host)) {
+                    $passed_whitelist = true; // we trust this source
+                }
+            }
+        }
+
+        if ($this->check_blacklist) {
+            // assume it passed by default
+            $host = parse_url($url, PHP_URL_HOST);
+            foreach ($this->domain_blacklist as $regex => $provider) {
+                if (preg_match("/{$regex}/", $host)) {
+                    $passed_blacklist = false; // we blocked this source
+                }
+            }
+        }
+
+        return $passed_whitelist && $passed_blacklist;
+    }
+
    /**
     * Perform an oEmbed or OpenGraph lookup for the given $url.
     *
@@ -481,6 +497,7 @@ class Embed extends Plugin
     * @throws ServerException
     *
     * @return bool true hook value
+     *
     */
    public function onPluginVersion(array &$versions): bool
    {