author | Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> | 2021-09-25 23:54:30 +0200 |
---|---|---|
committer | Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> | 2021-09-25 23:54:30 +0200 |
commit | 46b7f44bf0162deebdce7f49e04c2a8fe176631a (patch) | |
tree | 52cb415cf6a17c3c74e75c63acab331bc3378c8d /cdn | |
parent | :sparkles: key value config (diff) | |
download | server-46b7f44bf0162deebdce7f49e04c2a8fe176631a.tar.xz |
:lock: XSS content type: html
Diffstat (limited to 'cdn')
-rw-r--r-- | cdn/src/routes/attachments.ts | 17 |
1 files changed, 15 insertions, 2 deletions
diff --git a/cdn/src/routes/attachments.ts b/cdn/src/routes/attachments.ts
index 7c55998b..49ceb1b6 100644
--- a/cdn/src/routes/attachments.ts
+++ b/cdn/src/routes/attachments.ts
@@ -8,6 +8,13 @@ import imageSize from "image-size";
 const router = Router();
+const SANITIZED_CONTENT_TYPE = [
+ "text/html",
+ "text/mhtml",
+ "multipart/related",
+ "application/xhtml+xml",
+];
+
 router.post(
 "/:channel_id",
 multer.single("file"),
@@ -24,7 +31,8 @@ router.post(
 const id = Snowflake.generate();
 const path = `attachments/${channel_id}/${id}/$(unknown)`;
- const endpoint = Config.get()?.cdn.endpoint || "http://localhost:3003";
+ const endpoint =
+ Config.get()?.cdn.endpointPublic || "http://localhost:3003";
 await storage.set(path, buffer);
 var width;
@@ -61,8 +69,13 @@ router.get(
 );
 if (!file) throw new HTTPError("File not found");
 const type = await FileType.fromBuffer(file);
+ let content_type = type?.mime || "application/octet-stream";
+
+ if (SANITIZED_CONTENT_TYPE.includes(content_type)) {
+ content_type = "application/octet-stream";
+ }
- res.set("Content-Type", type?.mime);
+ res.set("Content-Type", content_type);
 res.set("Cache-Control", "public, max-age=31536000");
 return res.send(file); |
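Review bot: Rewriting the detected type to `application/octet-stream` in the router.get hunk still leaves the response without `X-Content-Type-Options: nosniff`, so a browser remains free to content-sniff the body and the denylist only guards against types the detector actually reports; add `res.set("X-Content-Type-Options", "nosniff");` next to the Cache-Control header, and consider `Content-Disposition: attachment` for the octet-stream case. As far as I recall, `FileType.fromBuffer` identifies binary formats by signature and returns undefined for text such as HTML or SVG, so the `|| "application/octet-stream"` fallback is what actually neutralises an uploaded HTML file and the `SANITIZED_CONTENT_TYPE` list in the first hunk may rarely match — worth confirming against the library's supported-types list before relying on it. Either way the list deserves a short comment stating that it covers only detector-reported types and that `image/svg+xml` (script-capable when rendered inline) is intentionally or unintentionally absent. Note that the one-year `Cache-Control` means responses emitted before this change keep their old Content-Type in caches until they expire. Both route handlers begin and end outside the hunks.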