prosody
c52fcea39c8e

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Changeset

11315:c52fcea39c8e

mod_http_file_share: Add file type filter Unlike mod_http_upload, this can't be bypassed by uploading with a different file extension.
author Kim Alvefur <zash@zash.se>
date Tue, 26 Jan 2021 14:53:43 +0100
parents 11314:7c8b02c5a335
children 11316:ae0461b37fbe
files plugins/mod_http_file_share.lua spec/scansion/http_upload.scs spec/scansion/prosody.cfg.lua
diffstat 3 files changed, 20 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/plugins/mod_http_file_share.lua	Tue Jan 26 14:53:24 2021 +0100
+++ b/plugins/mod_http_file_share.lua	Tue Jan 26 14:53:43 2021 +0100
@@ -29,6 +29,7 @@
 local secret = module:get_option_string(module.name.."_secret", require"util.id".long());
 local external_base_url = module:get_option_string(module.name .. "_base_url");
 local file_size_limit = module:get_option_number(module.name .. "_size_limit", 10 * 1024 * 1024); -- 10 MB
+local file_types = module:get_option_set(module.name .. "_allowed_file_types", {});
 
 local access = module:get_option_set(module.name .. "_access", {});
 
@@ -44,6 +45,7 @@
 local upload_errors = errors.init(module.name, namespace, {
 	access = { "auth"; "forbidden" };
 	filename = { "modify"; "bad-request", "Invalid filename" };
+	filetype = { "modify"; "not-acceptable", "File type not allowed" };
 	filesize = { "modify"; "not-acceptable"; "File too large";
 		st.stanza("file-too-large", {xmlns = namespace}):tag("max-size"):text(tostring(file_size_limit)); };
 });
@@ -63,6 +65,10 @@
 		return false, upload_errors.new("filesize");
 	end
 
+	if not ( file_types:empty() or file_types:contains(filetype) or file_types:contains(filetype:gsub("/.*", "/*")) ) then
+		return false, upload_errors.new("filetype");
+	end
+
 	return true;
 end
 
--- a/spec/scansion/http_upload.scs	Tue Jan 26 14:53:24 2021 +0100
+++ b/spec/scansion/http_upload.scs	Tue Jan 26 14:53:43 2021 +0100
@@ -50,6 +50,19 @@
 		</error>
 	</iq>
 
+Romeo sends:
+	<iq to='upload.localhost' type='get' id='1401d3b5-7973-486f-85b3-3e63d13c7f0e' xml:lang='en'>
+		<request content-type='application/x-executable' filename='evil.exe' xmlns='urn:xmpp:http:upload:0' size='1000'/>
+	</iq>
+
+Romeo receives:
+	<iq id='1401d3b5-7973-486f-85b3-3e63d13c7f0e' from='upload.localhost' type='error'>
+		<error type='modify'>
+			<not-acceptable xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'/>
+			<text xmlns='urn:ietf:params:xml:ns:xmpp-stanzas'>File type not allowed</text>
+		</error>
+	</iq>
+
 Romeo disconnects
 
 # recording ended on 2021-01-27T22:10:46Z
--- a/spec/scansion/prosody.cfg.lua	Tue Jan 26 14:53:24 2021 +0100
+++ b/spec/scansion/prosody.cfg.lua	Tue Jan 26 14:53:43 2021 +0100
@@ -134,3 +134,4 @@
 
 Component "upload.localhost" "http_file_share"
 http_file_share_size_limit = 10000000
+http_file_share_allowed_file_types = { "text/plain", "image/*" }