Limit maximum ActivityPub request and response sizes to a configurable setting
This commit is contained in:
parent
e9e8a03e08
commit
a2d5202d4e
|
@ -2249,6 +2249,9 @@ PATH =
|
|||
;; Enable/Disable user statistics for nodeinfo if federation is enabled
|
||||
; SHARE_USER_STATISTICS = true
|
||||
;;
|
||||
;; Maximum ActivityPub request and response size (MB)
|
||||
; MAX_SIZE = 4
|
||||
;;
|
||||
;; HTTP signature algorithms
|
||||
; ALGORITHMS = rsa-sha256, rsa-sha512
|
||||
;;
|
||||
|
|
|
@ -1087,6 +1087,7 @@ Task queue configuration has been moved to `queue.task`. However, the below conf
|
|||
|
||||
- `ENABLED`: **true**: Enable/Disable federation capabilities
|
||||
- `SHARE_USER_STATISTICS`: **true**: Enable/Disable user statistics for nodeinfo if federation is enabled
|
||||
- `MAX_SIZE`: **4**: Maximum ActivityPub request and response size (MB)
|
||||
- `ALGORITHMS`: **rsa-sha256, rsa-sha512**: HTTP signature algorithms
|
||||
- `DIGEST_ALGORITHM`: **SHA-256**: HTTP signature digest algorithm
|
||||
- `GET_HEADERS`: **(request-target), Date**: GET headers for federation requests
|
||||
|
|
|
@ -15,6 +15,7 @@ var (
|
|||
Federation = struct {
|
||||
Enabled bool
|
||||
ShareUserStatistics bool
|
||||
MaxSize int64
|
||||
Algorithms []string
|
||||
DigestAlgorithm string
|
||||
GetHeaders []string
|
||||
|
@ -22,6 +23,7 @@ var (
|
|||
}{
|
||||
Enabled: true,
|
||||
ShareUserStatistics: true,
|
||||
MaxSize: 4,
|
||||
Algorithms: []string{"rsa-sha256", "rsa-sha512"},
|
||||
DigestAlgorithm: "SHA-256",
|
||||
GetHeaders: []string{"(request-target)", "Date"},
|
||||
|
|
|
@ -61,7 +61,7 @@ func fetch(iri *url.URL) (b []byte, err error) {
|
|||
err = fmt.Errorf("url IRI fetch [%s] failed with status (%d): %s", iri, resp.StatusCode, resp.Status)
|
||||
return
|
||||
}
|
||||
b, err = io.ReadAll(resp.Body)
|
||||
b, err = io.ReadAll(io.LimitReader(resp.Body, setting.Federation.MaxSize*(1<<20)))
|
||||
return
|
||||
}
|
||||
|
||||
|
|
Reference in a new issue