Changeset

4598:09f0911c735d

mod_ogp: Add the ability to block OGP fetching for certain domains
author JC Brand <jc@opkode.com>
date Tue, 22 Jun 2021 12:25:36 +0200
parents 4597:c858c76d0845
children 4599:06c9c9ef0a51
files mod_ogp/README.markdown mod_ogp/mod_ogp.lua
diffstat 2 files changed, 25 insertions(+), 10 deletions(-) [+]
line wrap: on
line diff
--- a/mod_ogp/README.markdown	Tue Jun 22 11:41:16 2021 +0200
+++ b/mod_ogp/README.markdown	Tue Jun 22 12:25:36 2021 +0200
@@ -20,13 +20,13 @@
 Configuration
 -------------
 
-You can present a whitelist of domains for which OGP metadata will be fetched
-via the `ogp_domain_whitelist` setting.
+You can present an allowlist or denylist of domains for which OGP metadata will be fetched
+via the `ogp_domain_allowlist` and `ogp_domain_denylist` settings repectively.
 
 For example:
 
 ```lua
 Component "muc.example.org" "muc"
   modules_enabled = { "ogp" }
-  ogp_domain_whitelist = { "prosody.im" }
+  ogp_domain_allowlist = { "prosody.im" }
 ```
--- a/mod_ogp/mod_ogp.lua	Tue Jun 22 11:41:16 2021 +0200
+++ b/mod_ogp/mod_ogp.lua	Tue Jun 22 12:25:36 2021 +0200
@@ -5,23 +5,38 @@
 local domain_pattern = '^%w+://([^/]+)'
 local xmlns_fasten = "urn:xmpp:fasten:0"
 local xmlns_xhtml = "http://www.w3.org/1999/xhtml"
-local whitelist = module:get_option_set("ogp_domain_whitelist", {})
+local allowlist = module:get_option_set("ogp_domain_allowlist", module:get_option_set("ogp_domain_whitelist", {}))
+local denylist = module:get_option_set("ogp_domain_denylist", {})
 
 
-local function is_whitelisted(url)
-	if whitelist:empty() then
+local function is_allowed(domain)
+	if allowlist:empty() then
+		return true
+	end
+	if allowlist:contains(domain) then
 		return true
 	end
-	local domain = url:match(domain_pattern)
-	if whitelist:contains(domain) then
-		return true;
+	return false
+end
+
+local function is_denied(domain)
+	if denylist:empty() then
+		return false
+	end
+	if denylist:contains(domain) then
+		return true
 	end
 	return false
 end
 
 
 local function fetch_ogp_data(room, url, origin_id)
-	if not url or not is_whitelisted(url) then
+	if not url then
+		return;
+	end
+
+	local domain = url:match(domain_pattern);
+	if is_denied(domain) or not is_allowed(domain) then
 		return;
 	end