Limit maximum ActivityPub request and response sizes to a configurable setting

This commit is contained in:
Anthony Wang 2022-06-15 20:43:19 -05:00
parent e9e8a03e08
commit a2d5202d4e
Signed by: a
GPG key ID: BC96B00AEC5F2D76
4 changed files with 7 additions and 1 deletions

View file

@ -2249,6 +2249,9 @@ PATH =
;; Enable/Disable user statistics for nodeinfo if federation is enabled
; SHARE_USER_STATISTICS = true
;;
;; Maximum ActivityPub request and response size (MB)
; MAX_SIZE = 4
;;
;; HTTP signature algorithms
; ALGORITHMS = rsa-sha256, rsa-sha512
;;

View file

@ -1087,6 +1087,7 @@ Task queue configuration has been moved to `queue.task`. However, the below conf
- `ENABLED`: **true**: Enable/Disable federation capabilities
- `SHARE_USER_STATISTICS`: **true**: Enable/Disable user statistics for nodeinfo if federation is enabled
- `MAX_SIZE`: **4**: Maximum ActivityPub request and response size (MB)
- `ALGORITHMS`: **rsa-sha256, rsa-sha512**: HTTP signature algorithms
- `DIGEST_ALGORITHM`: **SHA-256**: HTTP signature digest algorithm
- `GET_HEADERS`: **(request-target), Date**: GET headers for federation requests

View file

@ -15,6 +15,7 @@ var (
Federation = struct {
Enabled bool
ShareUserStatistics bool
MaxSize int64
Algorithms []string
DigestAlgorithm string
GetHeaders []string
@ -22,6 +23,7 @@ var (
}{
Enabled: true,
ShareUserStatistics: true,
MaxSize: 4,
Algorithms: []string{"rsa-sha256", "rsa-sha512"},
DigestAlgorithm: "SHA-256",
GetHeaders: []string{"(request-target)", "Date"},

View file

@ -61,7 +61,7 @@ func fetch(iri *url.URL) (b []byte, err error) {
err = fmt.Errorf("url IRI fetch [%s] failed with status (%d): %s", iri, resp.StatusCode, resp.Status)
return
}
b, err = io.ReadAll(resp.Body)
b, err = io.ReadAll(io.LimitReader(resp.Body, setting.Federation.MaxSize*(1<<20)))
return
}