fix(bot): validate url in pk;import
This commit is contained in:
parent
ac5774df3d
commit
2fea773d7e
@ -23,11 +23,8 @@ public static class ContextAvatarExt
|
||||
if (arg.StartsWith("<") && arg.EndsWith(">"))
|
||||
arg = arg.Substring(1, arg.Length - 2);
|
||||
|
||||
if (!Uri.TryCreate(arg, UriKind.Absolute, out var uri))
|
||||
throw Errors.InvalidUrl(arg);
|
||||
|
||||
if (uri.Scheme != "http" && uri.Scheme != "https")
|
||||
throw Errors.InvalidUrl(arg);
|
||||
if (!Core.MiscUtils.TryMatchUri(arg, out var uri))
|
||||
throw Errors.InvalidUrl;
|
||||
|
||||
// ToString URL-decodes, which breaks URLs to spaces; AbsoluteUri doesn't
|
||||
return new ParsedImage { Url = uri.AbsoluteUri, Source = AvatarSource.Url };
|
||||
|
@ -36,6 +36,9 @@ public class ImportExport
|
||||
var url = ctx.RemainderOrNull() ?? ctx.Message.Attachments.FirstOrDefault()?.Url;
|
||||
if (url == null) throw Errors.NoImportFilePassed;
|
||||
|
||||
if (!Core.MiscUtils.TryMatchUri(url, out var _))
|
||||
throw Errors.InvalidUrl;
|
||||
|
||||
await ctx.BusyIndicator(async () =>
|
||||
{
|
||||
JObject data;
|
||||
|
@ -115,7 +115,7 @@ public static class Errors
|
||||
public static PKError AvatarDimensionsTooLarge(int width, int height) => new(
|
||||
$"Image too large ({width}x{height} > {Limits.AvatarDimensionLimit}x{Limits.AvatarDimensionLimit}), try resizing the image.");
|
||||
|
||||
public static PKError InvalidUrl(string url) => new("The given URL is invalid.");
|
||||
public static PKError InvalidUrl => new("The given URL is invalid.");
|
||||
|
||||
public static PKError UrlTooLong(string url) =>
|
||||
new($"The given URL is too long ({url.Length}/{Limits.MaxUriLength} characters).");
|
||||
|
@ -21,7 +21,7 @@ public static class AvatarUtils
|
||||
};
|
||||
|
||||
if (!PluralKit.Core.MiscUtils.TryMatchUri(url, out var uri))
|
||||
throw Errors.InvalidUrl(url);
|
||||
throw Errors.InvalidUrl;
|
||||
|
||||
url = TryRewriteCdnUrl(url);
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user