auth-fetch: ask to never cache responses
I could have factored out all the lines that set cache headers, but that would have made future merges even more complicated ☹ thanks ShittyCopper for reporting the problem!
This commit is contained in:
dakkar
parent
97dea59e49
commit
6d5d3d9ea1
1 changed files with 39 additions and 16 deletions
|
|
@ -129,6 +129,13 @@ export class ActivityPubServerService {
|
|||
this is also inspired by FireFish's `checkFetch`
|
||||
*/
|
||||
|
||||
/* tell any caching proxy that they should not cache these
|
||||
responses: we wouldn't want the proxy to return a 403 to
|
||||
someone presenting a valid signature, or return a cached
|
||||
response body to someone we've blocked!
|
||||
*/
|
||||
reply.header('Cache-Control', 'private, max-age=0, must-revalidate');
|
||||
|
||||
/* we always allow requests about our instance actor, because when
|
||||
a remote instance needs to check our signature on a request we
|
||||
sent, it will need to fetch information about the user that
|
||||
|
|
@ -322,11 +329,13 @@ export class ActivityPubServerService {
|
|||
|
||||
if (profile.followersVisibility === 'private') {
|
||||
reply.code(403);
|
||||
reply.header('Cache-Control', 'public, max-age=30');
|
||||
if (!this.config.checkActivityPubGetSignature)
|
||||
reply.header('Cache-Control', 'public, max-age=30');
|
||||
return;
|
||||
} else if (profile.followersVisibility === 'followers') {
|
||||
reply.code(403);
|
||||
reply.header('Cache-Control', 'public, max-age=30');
|
||||
if (!this.config.checkActivityPubGetSignature)
|
||||
reply.header('Cache-Control', 'public, max-age=30');
|
||||
return;
|
||||
}
|
||||
//#endregion
|
||||
|
|
@ -378,7 +387,8 @@ export class ActivityPubServerService {
|
|||
user.followersCount,
|
||||
`${partOf}?page=true`,
|
||||
);
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
if (!this.config.checkActivityPubGetSignature)
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
this.setResponseType(request, reply);
|
||||
return (this.apRendererService.addContext(rendered));
|
||||
}
|
||||
|
|
@ -416,11 +426,13 @@ export class ActivityPubServerService {
|
|||
|
||||
if (profile.followingVisibility === 'private') {
|
||||
reply.code(403);
|
||||
reply.header('Cache-Control', 'public, max-age=30');
|
||||
if (!this.config.checkActivityPubGetSignature)
|
||||
reply.header('Cache-Control', 'public, max-age=30');
|
||||
return;
|
||||
} else if (profile.followingVisibility === 'followers') {
|
||||
reply.code(403);
|
||||
reply.header('Cache-Control', 'public, max-age=30');
|
||||
if (!this.config.checkActivityPubGetSignature)
|
||||
reply.header('Cache-Control', 'public, max-age=30');
|
||||
return;
|
||||
}
|
||||
//#endregion
|
||||
|
|
@ -472,7 +484,8 @@ export class ActivityPubServerService {
|
|||
user.followingCount,
|
||||
`${partOf}?page=true`,
|
||||
);
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
if (!this.config.checkActivityPubGetSignature)
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
this.setResponseType(request, reply);
|
||||
return (this.apRendererService.addContext(rendered));
|
||||
}
|
||||
|
|
@ -513,7 +526,8 @@ export class ActivityPubServerService {
|
|||
renderedNotes,
|
||||
);
|
||||
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
if (!this.config.checkActivityPubGetSignature)
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
this.setResponseType(request, reply);
|
||||
return (this.apRendererService.addContext(rendered));
|
||||
}
|
||||
|
|
@ -604,7 +618,8 @@ export class ActivityPubServerService {
|
|||
`${partOf}?page=true`,
|
||||
`${partOf}?page=true&since_id=000000000000000000000000`,
|
||||
);
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
if (!this.config.checkActivityPubGetSignature)
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
this.setResponseType(request, reply);
|
||||
return (this.apRendererService.addContext(rendered));
|
||||
}
|
||||
|
|
@ -617,7 +632,8 @@ export class ActivityPubServerService {
|
|||
return;
|
||||
}
|
||||
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
if (!this.config.checkActivityPubGetSignature)
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
this.setResponseType(request, reply);
|
||||
return (this.apRendererService.addContext(await this.apRendererService.renderPerson(user as MiLocalUser)));
|
||||
}
|
||||
|
|
@ -707,7 +723,8 @@ export class ActivityPubServerService {
|
|||
return;
|
||||
}
|
||||
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
if (!this.config.checkActivityPubGetSignature)
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
this.setResponseType(request, reply);
|
||||
return this.apRendererService.addContext(await this.apRendererService.renderNote(note, false));
|
||||
});
|
||||
|
|
@ -730,7 +747,8 @@ export class ActivityPubServerService {
|
|||
return;
|
||||
}
|
||||
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
if (!this.config.checkActivityPubGetSignature)
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
this.setResponseType(request, reply);
|
||||
return (this.apRendererService.addContext(await this.packActivity(note)));
|
||||
});
|
||||
|
|
@ -775,7 +793,8 @@ export class ActivityPubServerService {
|
|||
const keypair = await this.userKeypairService.getUserKeypair(user.id);
|
||||
|
||||
if (this.userEntityService.isLocalUser(user)) {
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
if (!this.config.checkActivityPubGetSignature)
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
this.setResponseType(request, reply);
|
||||
return (this.apRendererService.addContext(this.apRendererService.renderKey(user, keypair)));
|
||||
} else {
|
||||
|
|
@ -825,7 +844,8 @@ export class ActivityPubServerService {
|
|||
return;
|
||||
}
|
||||
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
if (!this.config.checkActivityPubGetSignature)
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
this.setResponseType(request, reply);
|
||||
return (this.apRendererService.addContext(await this.apRendererService.renderEmoji(emoji)));
|
||||
});
|
||||
|
|
@ -848,7 +868,8 @@ export class ActivityPubServerService {
|
|||
return;
|
||||
}
|
||||
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
if (!this.config.checkActivityPubGetSignature)
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
this.setResponseType(request, reply);
|
||||
return (this.apRendererService.addContext(await this.apRendererService.renderLike(reaction, note)));
|
||||
});
|
||||
|
|
@ -876,7 +897,8 @@ export class ActivityPubServerService {
|
|||
return;
|
||||
}
|
||||
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
if (!this.config.checkActivityPubGetSignature)
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
this.setResponseType(request, reply);
|
||||
return (this.apRendererService.addContext(this.apRendererService.renderFollow(follower, followee)));
|
||||
});
|
||||
|
|
@ -913,7 +935,8 @@ export class ActivityPubServerService {
|
|||
return;
|
||||
}
|
||||
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
if (!this.config.checkActivityPubGetSignature)
|
||||
reply.header('Cache-Control', 'public, max-age=180');
|
||||
this.setResponseType(request, reply);
|
||||
return (this.apRendererService.addContext(this.apRendererService.renderFollow(follower, followee)));
|
||||
});
|
||||
|
|
|
|||
Loading…
Reference in a new issue