more security
This commit is contained in:
parent
8d51aae70c
commit
5e582e1990
|
@ -21,16 +21,34 @@ defmodule Pleroma.Web.ActivityPub.MRF.StealEmojiPolicy do
|
||||||
!has_emojo(installed_emoji, emojo_shortcode) do
|
!has_emojo(installed_emoji, emojo_shortcode) do
|
||||||
Logger.debug("HANDLING EMOJO")
|
Logger.debug("HANDLING EMOJO")
|
||||||
|
|
||||||
remote_emojo = HTTPoison.get!(emojo_url)
|
cond do
|
||||||
with {:ok, current_dir} <- File.cwd() do
|
String.contains?(emojo_shortcode, "/") ->
|
||||||
new_file = current_dir <> "/priv/static/emoji/stolen/" <> emojo_shortcode <> Path.extname(emojo_url)
|
Logger.error("BAD EMOJO SHORTCODE: #{emojo_shortcode}")
|
||||||
|
|
||||||
{:ok, file} = File.open(new_file, [:write])
|
String.starts_with?(emojo_url, "https://") ->
|
||||||
IO.binwrite(file, remote_emojo.body)
|
try do
|
||||||
File.close(file)
|
remote_emojo = HTTPoison.get!(emojo_url)
|
||||||
Logger.debug("SAVED EMOJO")
|
|
||||||
new_file
|
if remote_emojo.status_code == 200 do
|
||||||
|
with {:ok, current_dir} <- File.cwd() do
|
||||||
|
new_file = current_dir <> "/priv/static/emoji/stolen/" <> emojo_shortcode <> Path.extname(emojo_url)
|
||||||
|
|
||||||
|
{:ok, file} = File.open(new_file, [:write])
|
||||||
|
IO.binwrite(file, remote_emojo.body)
|
||||||
|
File.close(file)
|
||||||
|
Logger.debug("SAVED EMOJO")
|
||||||
|
new_file
|
||||||
|
end
|
||||||
|
end
|
||||||
|
rescue
|
||||||
|
e in RuntimeError -> Logger.error("FAILED TO QUERY REMOTE EMOJO #{emojo_url} #{e}")
|
||||||
|
end
|
||||||
|
|
||||||
|
true ->
|
||||||
|
Logger.error("EMOJO COND FAIL #{emojo_shortcode} #{emojo_url}")
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
Logger.debug("EMOJI FILES: #{inspect(new_files)}")
|
Logger.debug("EMOJI FILES: #{inspect(new_files)}")
|
||||||
|
|
Loading…
Reference in New Issue