mirror of
https://github.com/pixelfed/pixelfed.git
synced 2024-12-20 03:53:17 +00:00
commit
ef58c3b304
5 changed files with 172 additions and 52 deletions
|
@ -33,6 +33,8 @@
|
|||
- Update SearchApiV2Service, improve resolve query logic to better handle remote posts/profiles and local posts/profiles ([c61d0b91](https://github.com/pixelfed/pixelfed/commit/c61d0b91))
|
||||
- Update FollowPipeline, improve follower/following count calculation ([0b515767](https://github.com/pixelfed/pixelfed/commit/0b515767))
|
||||
- Update TransformImports command, increment status_count on profile model ([ba7551d8](https://github.com/pixelfed/pixelfed/commit/ba7551d8))
|
||||
- Update AP Helpers, improve url validation and add optional dns verification, disabled by default ([2bef3e41](https://github.com/pixelfed/pixelfed/commit/2bef3e41))
|
||||
- Update admin users blade view, show last_active_at and other info ([e0b48b29](https://github.com/pixelfed/pixelfed/commit/e0b48b29))
|
||||
- ([](https://github.com/pixelfed/pixelfed/commit/))
|
||||
|
||||
## [v0.11.8 (2023-05-29)](https://github.com/pixelfed/pixelfed/compare/v0.11.7...v0.11.8)
|
||||
|
|
28
app/Services/DomainService.php
Normal file
28
app/Services/DomainService.php
Normal file
|
@ -0,0 +1,28 @@
|
|||
<?php
|
||||
|
||||
namespace App\Services;
|
||||
|
||||
use Illuminate\Support\Facades\Cache;
|
||||
use Illuminate\Support\Facades\Redis;
|
||||
|
||||
class DomainService
|
||||
{
|
||||
const CACHE_KEY = 'pf:services:domains:';
|
||||
|
||||
public static function hasValidDns($domain)
|
||||
{
|
||||
if(!$domain || !strlen($domain) || strpos($domain, '.') == -1) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if(config('security.url.trusted_domains')) {
|
||||
if(in_array($domain, explode(',', config('security.url.trusted_domains')))) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
return Cache::remember(self::CACHE_KEY . 'valid-dns:' . $domain, 14400, function() use($domain) {
|
||||
return count(dns_get_record($domain, DNS_A | DNS_AAAA)) > 0;
|
||||
});
|
||||
}
|
||||
}
|
|
@ -40,6 +40,7 @@ use App\Models\Poll;
|
|||
use Illuminate\Contracts\Cache\LockTimeoutException;
|
||||
use App\Jobs\ProfilePipeline\IncrementPostCount;
|
||||
use App\Jobs\ProfilePipeline\DecrementPostCount;
|
||||
use App\Services\DomainService;
|
||||
use App\Services\UserFilterService;
|
||||
|
||||
class Helpers {
|
||||
|
@ -168,17 +169,24 @@ class Helpers {
|
|||
|
||||
$hash = hash('sha256', $url);
|
||||
$key = "helpers:url:valid:sha256-{$hash}";
|
||||
$ttl = now()->addMinutes(5);
|
||||
|
||||
$valid = Cache::remember($key, $ttl, function() use($url) {
|
||||
$valid = Cache::remember($key, 900, function() use($url) {
|
||||
$localhosts = [
|
||||
'127.0.0.1', 'localhost', '::1'
|
||||
];
|
||||
|
||||
if(mb_substr($url, 0, 8) !== 'https://') {
|
||||
if(strtolower(mb_substr($url, 0, 8)) !== 'https://') {
|
||||
return false;
|
||||
}
|
||||
|
||||
if(substr_count($url, '://') !== 1) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if(mb_substr($url, 0, 8) !== 'https://') {
|
||||
$url = 'https://' . substr($url, 8);
|
||||
}
|
||||
|
||||
$valid = filter_var($url, FILTER_VALIDATE_URL);
|
||||
|
||||
if(!$valid) {
|
||||
|
@ -187,15 +195,12 @@ class Helpers {
|
|||
|
||||
$host = parse_url($valid, PHP_URL_HOST);
|
||||
|
||||
// if(count(dns_get_record($host, DNS_A | DNS_AAAA)) == 0) {
|
||||
// return false;
|
||||
// }
|
||||
if(in_array($host, $localhosts)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if(config('costar.enabled') == true) {
|
||||
if(
|
||||
(config('costar.domain.block') != null && Str::contains($host, config('costar.domain.block')) == true) ||
|
||||
(config('costar.actor.block') != null && in_array($url, config('costar.actor.block')) == true)
|
||||
) {
|
||||
if(config('security.url.verify_dns')) {
|
||||
if(DomainService::hasValidDns($host) === false) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
@ -207,11 +212,6 @@ class Helpers {
|
|||
}
|
||||
}
|
||||
|
||||
|
||||
if(in_array($host, $localhosts)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return $url;
|
||||
});
|
||||
|
||||
|
@ -224,7 +224,7 @@ class Helpers {
|
|||
if($url == true) {
|
||||
$domain = config('pixelfed.domain.app');
|
||||
$host = parse_url($url, PHP_URL_HOST);
|
||||
$url = $domain === $host ? $url : false;
|
||||
$url = strtolower($domain) === strtolower($host) ? $url : false;
|
||||
return $url;
|
||||
}
|
||||
return false;
|
||||
|
|
9
config/security.php
Normal file
9
config/security.php
Normal file
|
@ -0,0 +1,9 @@
|
|||
<?php
|
||||
|
||||
return [
|
||||
'url' => [
|
||||
'verify_dns' => env('PF_SECURITY_URL_VERIFY_DNS', false),
|
||||
|
||||
'trusted_domains' => env('PF_SECURITY_URL_TRUSTED_DOMAINS', 'pixelfed.social,pixelfed.art,mastodon.social'),
|
||||
]
|
||||
];
|
|
@ -58,42 +58,82 @@
|
|||
<span class="badge badge-danger badge-sm">ADMIN</span>
|
||||
</p>
|
||||
@endif
|
||||
<p class="mb-0 text-center text-muted">
|
||||
Joined {{$profile->created_at->diffForHumans()}}
|
||||
</p>
|
||||
|
||||
<div class="d-flex justify-content-around mt-3">
|
||||
<div class="mb-0">
|
||||
<p class="mb-n2 text-center text-dark font-weight-bold">
|
||||
{{$profile->created_at->diffForHumans()}}
|
||||
</p>
|
||||
<p class="mb-0 text-center text-muted">
|
||||
<span class="small">Joined</span>
|
||||
</p>
|
||||
</div>
|
||||
@if($user->last_active_at)
|
||||
<div class="mb-0">
|
||||
<p class="mb-n2 text-center text-dark font-weight-bold">
|
||||
{{$user->last_active_at->diffForHumans()}}
|
||||
</p>
|
||||
<p class="mb-0 text-center text-muted">
|
||||
<span class="small">Last Active</span>
|
||||
</p>
|
||||
</div>
|
||||
@endif
|
||||
</div>
|
||||
</div>
|
||||
<table class="table mb-0">
|
||||
<tbody>
|
||||
<tr>
|
||||
<th scope="row" class="font-weight-bold text-muted text-uppercase pl-3 small" style="line-height: 2;">bookmarks</th>
|
||||
<td class="text-right font-weight-bold">{{$profile->bookmarks()->count()}}</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th scope="row" class="font-weight-bold text-muted text-uppercase pl-3 small" style="line-height: 2;">collections</th>
|
||||
<td class="text-right font-weight-bold">{{$profile->collections()->count()}}</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th scope="row" class="font-weight-bold text-muted text-uppercase pl-3 small" style="line-height: 2;">likes</th>
|
||||
<td class="text-right font-weight-bold">{{$profile->likes()->count()}}</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th scope="row" class="font-weight-bold text-muted text-uppercase pl-3 small" style="line-height: 2;">reports</th>
|
||||
<td class="text-right font-weight-bold">{{$profile->reports()->count()}}</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th scope="row" class="font-weight-bold text-muted text-uppercase pl-3 small" style="line-height: 2;">reported</th>
|
||||
<td class="text-right font-weight-bold">{{$profile->reported()->count()}}</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th scope="row" class="font-weight-bold text-muted text-uppercase pl-3 small" style="line-height: 2;">Active stories</th>
|
||||
<td class="text-right font-weight-bold">{{$profile->stories()->count()}}</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<th scope="row" class="font-weight-bold text-muted text-uppercase pl-3 small" style="line-height: 2;">storage used</th>
|
||||
<td class="text-right font-weight-bold">{{PrettyNumber::size($profile->media()->sum('size'))}}<span class="text-muted"> / {{PrettyNumber::size(config_cache('pixelfed.max_account_size') * 1000)}}</span></td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
|
||||
<div class="list-group list-group-flush details-list">
|
||||
<div class="list-group-item details-list-item">
|
||||
<p class="details-list-item-title">email</p>
|
||||
<p class="details-list-item-value text-truncate" title="{{$user->email}}">{{$user->email}}</p>
|
||||
</div>
|
||||
|
||||
@if($profile->website)
|
||||
<div class="list-group-item details-list-item">
|
||||
<p class="details-list-item-title">website</p>
|
||||
<p class="details-list-item-value text-truncate" title="{{$profile->website}}">{{$profile->website}}</p>
|
||||
</div>
|
||||
@endif
|
||||
|
||||
<div class="list-group-item details-list-item">
|
||||
<p class="details-list-item-title">bookmarks</p>
|
||||
<p class="details-list-item-value text-truncate">{{$profile->bookmarks()->count()}}</p>
|
||||
</div>
|
||||
|
||||
<div class="list-group-item details-list-item">
|
||||
<p class="details-list-item-title">collections</p>
|
||||
<p class="details-list-item-value text-truncate">{{$profile->collections()->count()}}</p>
|
||||
</div>
|
||||
|
||||
<div class="list-group-item details-list-item">
|
||||
<p class="details-list-item-title">likes</p>
|
||||
<p class="details-list-item-value text-truncate">{{$profile->likes()->count()}}</p>
|
||||
</div>
|
||||
|
||||
<div class="list-group-item details-list-item">
|
||||
<p class="details-list-item-title">reports</p>
|
||||
<p class="details-list-item-value text-truncate">{{$profile->reports()->count()}}</p>
|
||||
</div>
|
||||
|
||||
<div class="list-group-item details-list-item">
|
||||
<p class="details-list-item-title">reported</p>
|
||||
<p class="details-list-item-value text-truncate">{{$profile->reported()->count()}}</p>
|
||||
</div>
|
||||
|
||||
<div class="list-group-item details-list-item">
|
||||
<p class="details-list-item-title">active stories</p>
|
||||
<p class="details-list-item-value text-truncate">{{$profile->stories()->count()}}</p>
|
||||
</div>
|
||||
|
||||
<div class="list-group-item details-list-item">
|
||||
<p class="details-list-item-title">storage used</p>
|
||||
<p class="details-list-item-value text-truncate">{{PrettyNumber::size($profile->media()->sum('size'))}}<span class="text-muted"> / {{PrettyNumber::size(config_cache('pixelfed.max_account_size') * 1000)}}</p>
|
||||
</div>
|
||||
|
||||
<div class="list-group-item details-list-item">
|
||||
<p class="details-list-item-title">bio</p>
|
||||
<p class="details-list-item-value text-wrap text-xs">{{ $profile->bio }}</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col-12 col-md-8">
|
||||
|
@ -119,3 +159,44 @@
|
|||
</div>
|
||||
</div>
|
||||
@endsection
|
||||
|
||||
@push('styles')
|
||||
<style type="text/css">
|
||||
.gap-1 {
|
||||
gap: 5rem;
|
||||
}
|
||||
|
||||
.details-list {
|
||||
|
||||
}
|
||||
|
||||
.details-list-item {
|
||||
display: flex;
|
||||
justify-content: space-between;
|
||||
align-items: center;
|
||||
gap: 5rem;
|
||||
border-left: 0;
|
||||
border-right: 0;
|
||||
}
|
||||
|
||||
.details-list-item-title {
|
||||
margin-bottom: 0;
|
||||
color: #9ca3af !important;
|
||||
text-transform: uppercase !important;
|
||||
font-weight: bold;
|
||||
font-size: 13px;
|
||||
opacity: 0.69;
|
||||
}
|
||||
|
||||
.details-list-item-value {
|
||||
font-size: 15px;
|
||||
font-weight: 600;
|
||||
margin-bottom: 0;
|
||||
}
|
||||
|
||||
.text-xs {
|
||||
font-size: 11px !important;
|
||||
font-weight: normal;
|
||||
}
|
||||
</style>
|
||||
@endpush
|
||||
|
|
Loading…
Reference in a new issue