diff --git a/src/config.rs b/src/config.rs index 1702626..17133ff 100644 --- a/src/config.rs +++ b/src/config.rs @@ -26,6 +26,8 @@ use bytes::Bytes; use derive_builder::Builder; use dyn_clone::{clone_trait_object, DynClone}; use moka::future::Cache; +use once_cell::sync::Lazy; +use regex::Regex; use reqwest::Request; use reqwest_middleware::{ClientWithMiddleware, RequestBuilder}; use rsa::{pkcs8::DecodePrivateKey, RsaPrivateKey}; @@ -107,6 +109,9 @@ pub struct FederationConfig { pub(crate) queue_retry_count: usize, } +pub(crate) static DOMAIN_REGEX: Lazy = + Lazy::new(|| Regex::new(r"^[a-zA-Z0-9.-]*$").expect("compile regex")); + impl FederationConfig { /// Returns a new config builder with default values. pub fn builder() -> FederationConfigBuilder { @@ -164,6 +169,9 @@ impl FederationConfig { let Some(domain) = url.domain() else { return Err(Error::UrlVerificationError("Url must have a domain")); }; + if !DOMAIN_REGEX.is_match(domain) { + return Err(Error::UrlVerificationError("Invalid characters in domain").into()); + } // Extra checks only for production mode if !self.debug { diff --git a/src/fetch/webfinger.rs b/src/fetch/webfinger.rs index 85267c5..23a57ce 100644 --- a/src/fetch/webfinger.rs +++ b/src/fetch/webfinger.rs @@ -1,5 +1,5 @@ use crate::{ - config::Data, + config::{Data, DOMAIN_REGEX}, error::Error, fetch::{fetch_object_http_with_accept, object_id::ObjectId}, traits::{Actor, Object}, @@ -53,9 +53,6 @@ where for<'de2> ::Kind: serde::Deserialize<'de2>, ::Error: From + Send + Sync + Display, { - static DOMAIN_REGEX: Lazy = - Lazy::new(|| Regex::new(r"^[a-zA-Z0-9.-]*$").expect("compile regex")); - let (_, domain) = identifier .splitn(2, '@') .collect_tuple()
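Review bot: `DOMAIN_REGEX` in the `@@ -107,6 +109,9 @@` hunk of src/config.rs quantifies its character class with `*`, so the empty string passes the allowlist; `+` would reject it: `Regex::new(r"^[a-zA-Z0-9.-]+$").expect("compile regex")`. This matters most on the webfinger path, where the domain comes from `identifier.splitn(2, '@')` and an identifier ending in `@` yields an empty domain. The place where the regex is applied there is outside the visible hunks, so confirm it. The pattern also checks characters only, not label structure, so values such as `..` or a lone `-` still match. Now that the static is shared across modules it deserves a doc comment, for example `/// Allowlist of characters accepted in a federation domain: ASCII letters, digits, '.' and '-'.`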
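Review bot: The early return added in the `@@ -164,6 +169,9 @@` hunk of src/config.rs ends in `.into()`, while the `Url must have a domain` return just above builds the same `Error::UrlVerificationError` variant without it. If the function returns this `Error` type, the conversion is an identity and clippy's `useless_conversion` will flag it; the consistent form is `return Err(Error::UrlVerificationError("Invalid characters in domain"));`. The function starts and ends outside the hunk, so its return type is inferred from the neighbouring return. A short comment on the new check would also help, such as `// Runs in debug mode too: the character allowlist is not a production-only check.`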