Merge branch 'bugfix/tesla-safety' into 'develop'
tesla hardening Closes #712 and #672 See merge request pleroma/pleroma!912
This commit is contained in:
commit
5075e8abe5
|
@ -8,8 +8,8 @@ defmodule Pleroma.HTTP.Connection do
|
||||||
"""
|
"""
|
||||||
|
|
||||||
@hackney_options [
|
@hackney_options [
|
||||||
timeout: 10000,
|
connect_timeout: 2_000,
|
||||||
recv_timeout: 20000,
|
recv_timeout: 20_000,
|
||||||
follow_redirect: true,
|
follow_redirect: true,
|
||||||
pool: :federation
|
pool: :federation
|
||||||
]
|
]
|
||||||
|
@ -31,6 +31,10 @@ def new(opts \\ []) do
|
||||||
#
|
#
|
||||||
defp hackney_options(opts) do
|
defp hackney_options(opts) do
|
||||||
options = Keyword.get(opts, :adapter, [])
|
options = Keyword.get(opts, :adapter, [])
|
||||||
@hackney_options ++ options
|
adapter_options = Pleroma.Config.get([:http, :adapter], [])
|
||||||
|
|
||||||
|
@hackney_options
|
||||||
|
|> Keyword.merge(adapter_options)
|
||||||
|
|> Keyword.merge(options)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -27,22 +27,29 @@ defmodule Pleroma.HTTP do
|
||||||
|
|
||||||
"""
|
"""
|
||||||
def request(method, url, body \\ "", headers \\ [], options \\ []) do
|
def request(method, url, body \\ "", headers \\ [], options \\ []) do
|
||||||
options =
|
try do
|
||||||
process_request_options(options)
|
options =
|
||||||
|> process_sni_options(url)
|
process_request_options(options)
|
||||||
|> process_adapter_options()
|
|> process_sni_options(url)
|
||||||
|
|
||||||
params = Keyword.get(options, :params, [])
|
params = Keyword.get(options, :params, [])
|
||||||
|
|
||||||
%{}
|
%{}
|
||||||
|> Builder.method(method)
|
|> Builder.method(method)
|
||||||
|> Builder.headers(headers)
|
|> Builder.headers(headers)
|
||||||
|> Builder.opts(options)
|
|> Builder.opts(options)
|
||||||
|> Builder.url(url)
|
|> Builder.url(url)
|
||||||
|> Builder.add_param(:body, :body, body)
|
|> Builder.add_param(:body, :body, body)
|
||||||
|> Builder.add_param(:query, :query, params)
|
|> Builder.add_param(:query, :query, params)
|
||||||
|> Enum.into([])
|
|> Enum.into([])
|
||||||
|> (&Tesla.request(Connection.new(), &1)).()
|
|> (&Tesla.request(Connection.new(options), &1)).()
|
||||||
|
rescue
|
||||||
|
e ->
|
||||||
|
{:error, e}
|
||||||
|
catch
|
||||||
|
:exit, e ->
|
||||||
|
{:error, e}
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
defp process_sni_options(options, nil), do: options
|
defp process_sni_options(options, nil), do: options
|
||||||
|
@ -57,12 +64,6 @@ defp process_sni_options(options, url) do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def process_adapter_options(options) do
|
|
||||||
adapter_options = Pleroma.Config.get([:http, :adapter], [])
|
|
||||||
|
|
||||||
options ++ [adapter: adapter_options]
|
|
||||||
end
|
|
||||||
|
|
||||||
def process_request_options(options) do
|
def process_request_options(options) do
|
||||||
config = Application.get_env(:pleroma, :http, [])
|
config = Application.get_env(:pleroma, :http, [])
|
||||||
proxy = Keyword.get(config, :proxy_url, nil)
|
proxy = Keyword.get(config, :proxy_url, nil)
|
||||||
|
|
|
@ -1452,7 +1452,6 @@ def suggestions(%{assigns: %{user: user}} = conn, _) do
|
||||||
url,
|
url,
|
||||||
[],
|
[],
|
||||||
adapter: [
|
adapter: [
|
||||||
timeout: timeout,
|
|
||||||
recv_timeout: timeout,
|
recv_timeout: timeout,
|
||||||
pool: :default
|
pool: :default
|
||||||
]
|
]
|
||||||
|
|
|
@ -5,7 +5,6 @@
|
||||||
defmodule Pleroma.Web.RelMe do
|
defmodule Pleroma.Web.RelMe do
|
||||||
@hackney_options [
|
@hackney_options [
|
||||||
pool: :media,
|
pool: :media,
|
||||||
timeout: 2_000,
|
|
||||||
recv_timeout: 2_000,
|
recv_timeout: 2_000,
|
||||||
max_body: 2_000_000
|
max_body: 2_000_000
|
||||||
]
|
]
|
||||||
|
|
|
@ -11,7 +11,6 @@ defmodule Pleroma.Web.RichMedia.Parser do
|
||||||
|
|
||||||
@hackney_options [
|
@hackney_options [
|
||||||
pool: :media,
|
pool: :media,
|
||||||
timeout: 2_000,
|
|
||||||
recv_timeout: 2_000,
|
recv_timeout: 2_000,
|
||||||
max_body: 2_000_000
|
max_body: 2_000_000
|
||||||
]
|
]
|
||||||
|
|
Loading…
Reference in New Issue