From 6801ce299a3a0016bae08ee8f64602aeb0274659 Mon Sep 17 00:00:00 2001 From: kim Date: Wed, 17 Sep 2025 14:16:53 +0200 Subject: [PATCH] [chore] remove nollamas middleware for now (after discussions with a security advisor) (#4433) i'll keep this on a separate branch for now while i experiment with other possible alternatives, but for now both our hacky implementation especially, and more popular ones (like anubis) aren't looking too great on the deterrent front: https://github.com/eternal-flame-AD/pow-buster Co-authored-by: tobi Reviewed-on: https://codeberg.org/superseriousbusiness/gotosocial/pulls/4433 Co-authored-by: kim Co-committed-by: kim --- CONTRIBUTING.md | 1 - docs/admin/robots.md | 2 +- docs/advanced/scraper_deterrence.md | 19 - docs/configuration/advanced.md | 19 - docs/locales/zh/admin/robots.md | 2 +- .../locales/zh/advanced/scraper_deterrence.md | 18 - docs/locales/zh/configuration/advanced.md | 17 - docs/locales/zh/mkdocs.yml | 1 - example/config.yaml | 37 -- internal/config/config.go | 18 +- internal/config/config_test.go | 1 - internal/config/defaults.go | 5 - internal/config/helpers.gen.go | 488 +++++++----------- internal/config/testdata/test3.yaml | 2 - internal/middleware/nollamas.go | 385 -------------- internal/middleware/nollamas_test.go | 178 ------- internal/web/web.go | 6 +- mkdocs.yml | 1 - scripts/bundle_licenses.sh | 3 +- test/envparsing.sh | 4 - testrig/config.go | 5 - web/source/.eslintignore | 1 - web/source/css/nollamas.css | 30 -- web/source/index.js | 18 - web/source/nollamas/index.js | 129 ----- web/source/nollamasworker/index.js | 56 -- web/source/nollamasworker/sha256.js | 113 ---- web/template/nollamas.tmpl | 43 -- 28 files changed, 207 insertions(+), 1395 deletions(-) delete mode 100644 docs/advanced/scraper_deterrence.md delete mode 100644 docs/locales/zh/advanced/scraper_deterrence.md delete mode 100644 internal/middleware/nollamas.go delete mode 100644 internal/middleware/nollamas_test.go delete mode 100644 web/source/css/nollamas.css delete mode 100644 web/source/nollamas/index.js delete mode 100644 web/source/nollamasworker/index.js delete mode 100644 web/source/nollamasworker/sha256.js delete mode 100644 web/template/nollamas.tmpl diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 1a5d94c24..611bea97c 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -439,7 +439,6 @@ By default the standalone testrig uses an in-memory SQLite database, which is fi - `GTS_DB_ADDRESS` - this is set to `:memory:` by default. You can change this to use an sqlite.db file somewhere, or set it to a Postgres address. - `GTS_DB_PORT`, `GTS_DB_USER`, `GTS_DB_PASSWORD`, `GTS_DB_DATABASE`, `GTS_DB_TLS_MODE`, `GTS_DB_TLS_CA_CERT` - you can set these if you change `GTS_DB_ADDRESS` to `postgres` and don't use `GTS_DB_POSTGRES_CONNECTION_STRING`. - `GTS_DB_POSTGRES_CONNECTION_STRING` - use this to provide a Postgres connection string if you don't want to set all the db env variables mentioned in the previous point. -- `GTS_ADVANCED_SCRAPER_DETERRENCE_ENABLED`, `GTS_ADVANCED_SCRAPER_DETERRENCE_DIFFICULTY` - set these if you want to try out the PoW scraper deterrence locally. Using these variables you can also (albeit awkwardly) test migrations from one schema to another. diff --git a/docs/admin/robots.md b/docs/admin/robots.md index 29a02db42..285e41bf9 100644 --- a/docs/admin/robots.md +++ b/docs/admin/robots.md @@ -10,6 +10,6 @@ You can allow or disallow crawlers from collecting stats about your instance fro The AI scrapers come from a [community maintained repository][airobots]. It's manually kept in sync for the time being. If you know of any missing robots, please send them a PR! -A number of AI scrapers are known to ignore entries in `robots.txt` even if it explicitly matches their User-Agent. This means the `robots.txt` file is not a foolproof way of ensuring AI scrapers don't grab your content. In addition to this you might want to look into blocking User-Agents via [requester header filtering](request_filtering_modes.md), and enabling a proof-of-work [scraper deterrence](../advanced/scraper_deterrence.md). +A number of AI scrapers are known to ignore entries in `robots.txt` even if it explicitly matches their User-Agent. This means the `robots.txt` file is not a foolproof way of ensuring AI scrapers don't grab your content. In addition to this you might want to look into blocking User-Agents via [requester header filtering](request_filtering_modes.md). [airobots]: https://github.com/ai-robots-txt/ai.robots.txt/ diff --git a/docs/advanced/scraper_deterrence.md b/docs/advanced/scraper_deterrence.md deleted file mode 100644 index e20e3f6c6..000000000 --- a/docs/advanced/scraper_deterrence.md +++ /dev/null @@ -1,19 +0,0 @@ -# Scraper Deterrence - -GoToSocial provides an optional proof-of-work based scraper and automated HTTP client deterrence that can be enabled on profile and status web views. The way -it works is that it generates a unique but deterministic challenge for each incoming HTTP request based on client information and current time, that-is a hex encoded SHA256 hash. It then asks the client to find an integer addition to a portion of this that will generate an expected encoded hash result. This is served to the client as a minimal holding page with a single JavaScript worker that computes a solution to this. - -The number of hash encode rounds the client is required to complete may be configured, where high values will take the client longer to find a solution and vice-versa. We also instill a certain amount of jitter to make it harder for scrapers to "game" the algorithm. If your challenges take too long to solve, you may deter users from accessing your web pages. And conversely, the longer it takes for a solution to be found, the more you'll be incurring costs for scrapers (and in some cases, causing their operation to time-out). That balance is up to you to configure, hence why this is an advanced feature. - -Once a solution to this challenge has been provided, by refreshing the page with the solution in the query parameter, GoToSocial will verify this solution and on success will return the expected profile / status page with a cookie that provides challenge-less access to the instance for up-to the next hour. - -The outcomes of this, (when enabled), is that it should make scraping of your instance's profile / status pages economically unviable for automated data gathering (e.g. by AI companies, search engines). The only negative, is that it places a requirement on JavaScript being enabled for people to access your profile / status web views. - -This was heavily inspired by the great project that is [anubis], but ultimately we determined we could implement it ourselves with only the features we require, minimal code, and more granularity with our existing authorization / authentication procedures. - -The GoToSocial implementation of this scraper deterrence is still incredibly minimal, so if you're looking for more features or fine-grained control over your deterrence measures then by all means keep ours disabled and stand-up a service like [anubis] in front of your instance! - -!!! warning - This proof-of-work scraper deterrence does not protect user profile RSS feeds due to the extra complexity involved. If you rely on your RSS feed being exposed, this is one such case where [anubis] may be a better fit! - -[anubis]: https://github.com/TecharoHQ/anubis \ No newline at end of file diff --git a/docs/configuration/advanced.md b/docs/configuration/advanced.md index 0b8b3183f..88f4aff67 100644 --- a/docs/configuration/advanced.md +++ b/docs/configuration/advanced.md @@ -182,23 +182,4 @@ advanced-csp-extra-uris: [] # Options: ["block", "allow", ""] # Default: "" advanced-header-filter-mode: "" - -# Bool. Enables a proof-of-work based deterrence against scrapers -# on profile and status web pages. This will generate a unique but -# deterministic challenge for each HTTP client to complete before -# accessing the above mentioned endpoints, on success being given -# a cookie that permits challenge-less access within a 1hr window. -# -# The outcome of this is that it should make scraping of these -# endpoints economically unfeasible, while having a negligible -# performance impact on your own instance. -# -# The downside is that it requires javascript to be enabled. -# -# For more details please check the documentation at: -# https://docs.gotosocial.org/en/latest/admin/scraper_deterrence -# -# Options: [true, false] -# Default: true -advanced-scraper-deterrence: false ``` diff --git a/docs/locales/zh/admin/robots.md b/docs/locales/zh/admin/robots.md index c0c5b81ca..06f395087 100644 --- a/docs/locales/zh/admin/robots.md +++ b/docs/locales/zh/admin/robots.md @@ -10,6 +10,6 @@ GoToSocial 在主域名上提供一个 `robots.txt` 文件。该文件包含试 AI 爬虫来自一个[社区维护的仓库][airobots]。目前是手动保持同步的。如果你知道有任何遗漏的爬虫,请给他们提交一个 PR! -众所周知,很多 AI 爬虫在 `robots.txt` 不允许其 User-Agent 的情况下,仍然会忽略对应规则并继续抓去内容。这意味着 `robots.txt` 文件并不是确保 AI 爬虫不抓取你的内容的万无一失的方法。除此以外,你可能还需要考虑通过[请求标头过滤](request_filtering_modes.md)来阻止对应 User-Agent,以及启用基于工作证明的[爬虫防护](../advanced/scraper_deterrence.md)。 +众所周知,很多 AI 爬虫在 `robots.txt` 不允许其 User-Agent 的情况下,仍然会忽略对应规则并继续抓去内容。这意味着 `robots.txt` 文件并不是确保 AI 爬虫不抓取你的内容的万无一失的方法。除此以外,你可能还需要考虑通过[请求标头过滤](request_filtering_modes.md)来阻止对应 User-Agent。 [airobots]: https://github.com/ai-robots-txt/ai.robots.txt/ diff --git a/docs/locales/zh/advanced/scraper_deterrence.md b/docs/locales/zh/advanced/scraper_deterrence.md deleted file mode 100644 index 69ac8552f..000000000 --- a/docs/locales/zh/advanced/scraper_deterrence.md +++ /dev/null @@ -1,18 +0,0 @@ -# 爬虫防护 - -GoToSocial 提供一个可选的、基于工作量证明的爬虫和自动化 HTTP 客户端防护机制,可在账户页和贴文页的网页视图上启用。 - -它的工作原理是:针对每个传入的 HTTP 请求,系统会根据客户端信息和当前时间生成一个唯一质询(一个十六进制编码的 SHA256 哈希值)。然后,它要求客户端为该质询的一部分找到一个附加值,使(附加值+质询部分)组合计算出的新 SHA256 哈希值(同样为十六进制编码)至少包含 4 个前导 '0' 字符。这个质询会通过一个极简的等待页面呈现给客户端,该页面包含一个独立的 JavaScript worker 来计算解决方案。 - -一旦客户端提供了此质询的解,并通过在查询参数中携带该方案刷新页面,GoToSocial 将验证此方案。验证成功后,服务端会返回用户期望访问的账户或贴文页面,并设置一个 Cookie。该 Cookie 允许用户在接下来最多一小时内免验证访问该实例。 - -启用此功能的目的是让自动化数据收集(例如 AI 公司、搜索引擎)对你实例的账户和贴文页面进行爬取的行为,在经济上变得不可行。唯一的缺点是,用户需要启用 JavaScript 才能访问你的账户和贴文网页视图。 - -这个功能深受优秀的 [anubis] 项目的启发,但我们最终决定自己实现,只包含我们需要的功能,使用最少的代码,并能与我们现有的授权/认证流程实现更细粒度的结合。 - -GoToSocial 实现的这个爬虫防护功能仍然是极其精简的。因此,如果你需要更多功能或对防护措施进行更精细的控制,那么完全可以禁用我们的内置功能,并在你的实例前部署像 [anubis] 这样的服务! - -!!! warning "警告" - 这个基于工作量证明的爬虫防护机制并不保护用户账户页的 RSS feed,因为这会带来额外的复杂性。如果你需要确保 RSS feed 可被访问,那么在这种情况下,[anubis] 可能是更合适的选择! - -[anubis]: https://github.com/TecharoHQ/anubis \ No newline at end of file diff --git a/docs/locales/zh/configuration/advanced.md b/docs/locales/zh/configuration/advanced.md index d9ecab845..c41f3e47d 100644 --- a/docs/locales/zh/configuration/advanced.md +++ b/docs/locales/zh/configuration/advanced.md @@ -149,21 +149,4 @@ advanced-csp-extra-uris: [] # 选项: ["block", "allow", ""] # 默认: "" advanced-header-filter-mode: "" - -# 布尔值。启用基于工作量证明的爬虫威慑机制, -# 作用于账户页和贴文页面。这将为每个 HTTP 客户端生成一个唯一确定 -# 的质询,需要由客户端在访问上述端点时完成。 -# 完成后,客户端会获得一个 Cookie,允许其在 1 小时窗口内免验证访问。 -# -# 这样做的结果是,它理论上使得对这些端点的抓取在经济上变得不可行, -# 同时对你自己的实例的性能影响可以忽略不计。 -# -# 缺点是它要求客户端启用 JavaScript。 -# -# 更多详情请查阅文档: -# https://docs.gotosocial.org/zh-cn/latest/admin/scraper_deterrence -# -# 选项: [true, false] -# 默认值: true -advanced-scraper-deterrence: false ``` \ No newline at end of file diff --git a/docs/locales/zh/mkdocs.yml b/docs/locales/zh/mkdocs.yml index 5a011340d..94f8895ad 100644 --- a/docs/locales/zh/mkdocs.yml +++ b/docs/locales/zh/mkdocs.yml @@ -80,7 +80,6 @@ nav: - "advanced/tracing.md" - "advanced/metrics.md" - "advanced/replicating-sqlite.md" - - "advanced/scraper_deterrence.md" - "advanced/sqlite-networked-storage.md" - "适用进阶场景的构建": - "advanced/builds/nowasm.md" diff --git a/example/config.yaml b/example/config.yaml index a3b9ab5cd..3e7375627 100644 --- a/example/config.yaml +++ b/example/config.yaml @@ -1338,40 +1338,3 @@ advanced-csp-extra-uris: [] # Options: ["block", "allow", ""] # Default: "" advanced-header-filter-mode: "" - -# Bool. Enables a proof-of-work based deterrence against scrapers -# on profile and status web pages. This will generate a unique but -# deterministic challenge for each HTTP client to complete before -# accessing the above mentioned endpoints, on success being given -# a cookie that permits challenge-less access within a 1hr window. -# -# The outcome of this is that it should make scraping of these -# endpoints economically unfeasible, while having a negligible -# performance impact on your own instance. -# -# The downside is that it requires javascript to be enabled. -# -# For more details please check the documentation at: -# https://docs.gotosocial.org/en/latest/advanced/scraper_deterrence -# -# Options: [true, false] -# Default: true -advanced-scraper-deterrence-enabled: false - -# Uint. Allows tweaking the difficulty of the proof-of-work algorithm -# used in the scraper deterrence. This determines roughly how many hash -# encode rounds we require the client to complete to find a solution. -# Higher values will take longer to find solutions for, and vice-versa. -# -# The downside is that if your deterrence takes too long to solve, -# it may deter some users from viewing your web status / profile page. -# And conversely, the longer it takes for a solution to be found, the -# more you'll be incurring increased CPU usage for scrapers, and possibly -# even cause their operation to time out before completion. -# -# For more details please check the documentation at: -# https://docs.gotosocial.org/en/latest/advanced/scraper_deterrence -# -# Examples: [50000, 100000, 500000] -# Default: 100000 -advanced-scraper-deterrence-difficulty: 100000 diff --git a/internal/config/config.go b/internal/config/config.go index 3cab53732..8768584fa 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -279,13 +279,12 @@ type CacheConfiguration struct { } type AdvancedConfig struct { - CookiesSamesite string `name:"cookies-samesite" usage:"'strict' or 'lax', see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite"` - SenderMultiplier int `name:"sender-multiplier" usage:"Multiplier to use per cpu for batching outgoing fedi messages. 0 or less turns batching off (not recommended)."` - CSPExtraURIs []string `name:"csp-extra-uris" usage:"Additional URIs to allow when building content-security-policy for media + images."` - HeaderFilterMode string `name:"header-filter-mode" usage:"Set incoming request header filtering mode."` - RateLimit RateLimitConfig `name:"rate-limit"` - Throttling ThrottlingConfig `name:"throttling"` - ScraperDeterrence ScraperDeterrenceConfig `name:"scraper-deterrence"` + CookiesSamesite string `name:"cookies-samesite" usage:"'strict' or 'lax', see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie/SameSite"` + SenderMultiplier int `name:"sender-multiplier" usage:"Multiplier to use per cpu for batching outgoing fedi messages. 0 or less turns batching off (not recommended)."` + CSPExtraURIs []string `name:"csp-extra-uris" usage:"Additional URIs to allow when building content-security-policy for media + images."` + HeaderFilterMode string `name:"header-filter-mode" usage:"Set incoming request header filtering mode."` + RateLimit RateLimitConfig `name:"rate-limit"` + Throttling ThrottlingConfig `name:"throttling"` } type RateLimitConfig struct { @@ -297,8 +296,3 @@ type ThrottlingConfig struct { Multiplier int `name:"multiplier" usage:"Multiplier to use per cpu for http request throttling. 0 or less turns throttling off."` RetryAfter time.Duration `name:"retry-after" usage:"Retry-After duration response to send for throttled requests."` } - -type ScraperDeterrenceConfig struct { - Enabled bool `name:"enabled" usage:"Enable proof-of-work based scraper deterrence on profile / status pages"` - Difficulty uint32 `name:"difficulty" usage:"The proof-of-work difficulty, which determines roughly how many hash-encode rounds required of each client."` -} diff --git a/internal/config/config_test.go b/internal/config/config_test.go index a23fc20f4..f4e011b16 100644 --- a/internal/config/config_test.go +++ b/internal/config/config_test.go @@ -175,7 +175,6 @@ func TestCLIParsing(t *testing.T) { "--config-path", "testdata/test3.yaml", }, expected: expectedKV( - kv.Field{"advanced-scraper-deterrence-enabled", true}, kv.Field{"advanced-rate-limit-requests", 5000}, ), }, diff --git a/internal/config/defaults.go b/internal/config/defaults.go index f140d7877..e3e3c559c 100644 --- a/internal/config/defaults.go +++ b/internal/config/defaults.go @@ -154,11 +154,6 @@ var Defaults = Configuration{ Multiplier: 8, // 8 open requests per CPU RetryAfter: 30 * time.Second, }, - - ScraperDeterrence: ScraperDeterrenceConfig{ - Enabled: false, - Difficulty: 100000, - }, }, Cache: CacheConfiguration{ diff --git a/internal/config/helpers.gen.go b/internal/config/helpers.gen.go index 9f5d6f39c..d54d72b53 100644 --- a/internal/config/helpers.gen.go +++ b/internal/config/helpers.gen.go @@ -136,8 +136,6 @@ const ( AdvancedRateLimitExceptionsFlag = "advanced-rate-limit-exceptions" AdvancedThrottlingMultiplierFlag = "advanced-throttling-multiplier" AdvancedThrottlingRetryAfterFlag = "advanced-throttling-retry-after" - AdvancedScraperDeterrenceEnabledFlag = "advanced-scraper-deterrence-enabled" - AdvancedScraperDeterrenceDifficultyFlag = "advanced-scraper-deterrence-difficulty" HTTPClientAllowIPsFlag = "http-client-allow-ips" HTTPClientBlockIPsFlag = "http-client-block-ips" HTTPClientTimeoutFlag = "http-client-timeout" @@ -336,8 +334,6 @@ func (cfg *Configuration) RegisterFlags(flags *pflag.FlagSet) { flags.StringSlice("advanced-rate-limit-exceptions", cfg.Advanced.RateLimit.Exceptions.Strings(), "Slice of CIDRs to exclude from rate limit restrictions.") flags.Int("advanced-throttling-multiplier", cfg.Advanced.Throttling.Multiplier, "Multiplier to use per cpu for http request throttling. 0 or less turns throttling off.") flags.Duration("advanced-throttling-retry-after", cfg.Advanced.Throttling.RetryAfter, "Retry-After duration response to send for throttled requests.") - flags.Bool("advanced-scraper-deterrence-enabled", cfg.Advanced.ScraperDeterrence.Enabled, "Enable proof-of-work based scraper deterrence on profile / status pages") - flags.Uint32("advanced-scraper-deterrence-difficulty", cfg.Advanced.ScraperDeterrence.Difficulty, "The proof-of-work difficulty, which determines roughly how many hash-encode rounds required of each client.") flags.StringSlice("http-client-allow-ips", cfg.HTTPClient.AllowIPs, "") flags.StringSlice("http-client-block-ips", cfg.HTTPClient.BlockIPs, "") flags.Duration("http-client-timeout", cfg.HTTPClient.Timeout, "") @@ -420,7 +416,7 @@ func (cfg *Configuration) RegisterFlags(flags *pflag.FlagSet) { } func (cfg *Configuration) MarshalMap() map[string]any { - cfgmap := make(map[string]any, 197) + cfgmap := make(map[string]any, 195) cfgmap["log-level"] = cfg.LogLevel cfgmap["log-format"] = cfg.LogFormat cfgmap["log-timestamp-format"] = cfg.LogTimestampFormat @@ -528,8 +524,6 @@ func (cfg *Configuration) MarshalMap() map[string]any { cfgmap["advanced-rate-limit-exceptions"] = cfg.Advanced.RateLimit.Exceptions.Strings() cfgmap["advanced-throttling-multiplier"] = cfg.Advanced.Throttling.Multiplier cfgmap["advanced-throttling-retry-after"] = cfg.Advanced.Throttling.RetryAfter - cfgmap["advanced-scraper-deterrence-enabled"] = cfg.Advanced.ScraperDeterrence.Enabled - cfgmap["advanced-scraper-deterrence-difficulty"] = cfg.Advanced.ScraperDeterrence.Difficulty cfgmap["http-client-allow-ips"] = cfg.HTTPClient.AllowIPs cfgmap["http-client-block-ips"] = cfg.HTTPClient.BlockIPs cfgmap["http-client-timeout"] = cfg.HTTPClient.Timeout @@ -1496,22 +1490,6 @@ func (cfg *Configuration) UnmarshalMap(cfgmap map[string]any) error { } } - if ival, ok := cfgmap["advanced-scraper-deterrence-enabled"]; ok { - var err error - cfg.Advanced.ScraperDeterrence.Enabled, err = cast.ToBoolE(ival) - if err != nil { - return fmt.Errorf("error casting %#v -> bool for 'advanced-scraper-deterrence-enabled': %w", ival, err) - } - } - - if ival, ok := cfgmap["advanced-scraper-deterrence-difficulty"]; ok { - var err error - cfg.Advanced.ScraperDeterrence.Difficulty, err = cast.ToUint32E(ival) - if err != nil { - return fmt.Errorf("error casting %#v -> uint32 for 'advanced-scraper-deterrence-difficulty': %w", ival, err) - } - } - if ival, ok := cfgmap["http-client-allow-ips"]; ok { var err error cfg.HTTPClient.AllowIPs, err = toStringSlice(ival) @@ -2245,7 +2223,7 @@ func (st *ConfigState) GetLogLevel() (v string) { st.mutex.RLock() v = st.config.LogLevel st.mutex.RUnlock() - return + return v } // SetLogLevel safely sets the Configuration value for state's 'LogLevel' field @@ -2267,7 +2245,7 @@ func (st *ConfigState) GetLogFormat() (v string) { st.mutex.RLock() v = st.config.LogFormat st.mutex.RUnlock() - return + return v } // SetLogFormat safely sets the Configuration value for state's 'LogFormat' field @@ -2289,7 +2267,7 @@ func (st *ConfigState) GetLogTimestampFormat() (v string) { st.mutex.RLock() v = st.config.LogTimestampFormat st.mutex.RUnlock() - return + return v } // SetLogTimestampFormat safely sets the Configuration value for state's 'LogTimestampFormat' field @@ -2311,7 +2289,7 @@ func (st *ConfigState) GetLogDbQueries() (v bool) { st.mutex.RLock() v = st.config.LogDbQueries st.mutex.RUnlock() - return + return v } // SetLogDbQueries safely sets the Configuration value for state's 'LogDbQueries' field @@ -2333,7 +2311,7 @@ func (st *ConfigState) GetLogClientIP() (v bool) { st.mutex.RLock() v = st.config.LogClientIP st.mutex.RUnlock() - return + return v } // SetLogClientIP safely sets the Configuration value for state's 'LogClientIP' field @@ -2355,7 +2333,7 @@ func (st *ConfigState) GetRequestIDHeader() (v string) { st.mutex.RLock() v = st.config.RequestIDHeader st.mutex.RUnlock() - return + return v } // SetRequestIDHeader safely sets the Configuration value for state's 'RequestIDHeader' field @@ -2377,7 +2355,7 @@ func (st *ConfigState) GetConfigPath() (v string) { st.mutex.RLock() v = st.config.ConfigPath st.mutex.RUnlock() - return + return v } // SetConfigPath safely sets the Configuration value for state's 'ConfigPath' field @@ -2399,7 +2377,7 @@ func (st *ConfigState) GetApplicationName() (v string) { st.mutex.RLock() v = st.config.ApplicationName st.mutex.RUnlock() - return + return v } // SetApplicationName safely sets the Configuration value for state's 'ApplicationName' field @@ -2421,7 +2399,7 @@ func (st *ConfigState) GetLandingPageUser() (v string) { st.mutex.RLock() v = st.config.LandingPageUser st.mutex.RUnlock() - return + return v } // SetLandingPageUser safely sets the Configuration value for state's 'LandingPageUser' field @@ -2443,7 +2421,7 @@ func (st *ConfigState) GetHost() (v string) { st.mutex.RLock() v = st.config.Host st.mutex.RUnlock() - return + return v } // SetHost safely sets the Configuration value for state's 'Host' field @@ -2465,7 +2443,7 @@ func (st *ConfigState) GetAccountDomain() (v string) { st.mutex.RLock() v = st.config.AccountDomain st.mutex.RUnlock() - return + return v } // SetAccountDomain safely sets the Configuration value for state's 'AccountDomain' field @@ -2487,7 +2465,7 @@ func (st *ConfigState) GetProtocol() (v string) { st.mutex.RLock() v = st.config.Protocol st.mutex.RUnlock() - return + return v } // SetProtocol safely sets the Configuration value for state's 'Protocol' field @@ -2509,7 +2487,7 @@ func (st *ConfigState) GetBindAddress() (v string) { st.mutex.RLock() v = st.config.BindAddress st.mutex.RUnlock() - return + return v } // SetBindAddress safely sets the Configuration value for state's 'BindAddress' field @@ -2531,7 +2509,7 @@ func (st *ConfigState) GetPort() (v int) { st.mutex.RLock() v = st.config.Port st.mutex.RUnlock() - return + return v } // SetPort safely sets the Configuration value for state's 'Port' field @@ -2553,7 +2531,7 @@ func (st *ConfigState) GetTrustedProxies() (v []string) { st.mutex.RLock() v = st.config.TrustedProxies st.mutex.RUnlock() - return + return v } // SetTrustedProxies safely sets the Configuration value for state's 'TrustedProxies' field @@ -2575,7 +2553,7 @@ func (st *ConfigState) GetSoftwareVersion() (v string) { st.mutex.RLock() v = st.config.SoftwareVersion st.mutex.RUnlock() - return + return v } // SetSoftwareVersion safely sets the Configuration value for state's 'SoftwareVersion' field @@ -2597,7 +2575,7 @@ func (st *ConfigState) GetDbType() (v string) { st.mutex.RLock() v = st.config.DbType st.mutex.RUnlock() - return + return v } // SetDbType safely sets the Configuration value for state's 'DbType' field @@ -2619,7 +2597,7 @@ func (st *ConfigState) GetDbAddress() (v string) { st.mutex.RLock() v = st.config.DbAddress st.mutex.RUnlock() - return + return v } // SetDbAddress safely sets the Configuration value for state's 'DbAddress' field @@ -2641,7 +2619,7 @@ func (st *ConfigState) GetDbPort() (v int) { st.mutex.RLock() v = st.config.DbPort st.mutex.RUnlock() - return + return v } // SetDbPort safely sets the Configuration value for state's 'DbPort' field @@ -2663,7 +2641,7 @@ func (st *ConfigState) GetDbUser() (v string) { st.mutex.RLock() v = st.config.DbUser st.mutex.RUnlock() - return + return v } // SetDbUser safely sets the Configuration value for state's 'DbUser' field @@ -2685,7 +2663,7 @@ func (st *ConfigState) GetDbPassword() (v string) { st.mutex.RLock() v = st.config.DbPassword st.mutex.RUnlock() - return + return v } // SetDbPassword safely sets the Configuration value for state's 'DbPassword' field @@ -2707,7 +2685,7 @@ func (st *ConfigState) GetDbDatabase() (v string) { st.mutex.RLock() v = st.config.DbDatabase st.mutex.RUnlock() - return + return v } // SetDbDatabase safely sets the Configuration value for state's 'DbDatabase' field @@ -2729,7 +2707,7 @@ func (st *ConfigState) GetDbTLSMode() (v string) { st.mutex.RLock() v = st.config.DbTLSMode st.mutex.RUnlock() - return + return v } // SetDbTLSMode safely sets the Configuration value for state's 'DbTLSMode' field @@ -2751,7 +2729,7 @@ func (st *ConfigState) GetDbTLSCACert() (v string) { st.mutex.RLock() v = st.config.DbTLSCACert st.mutex.RUnlock() - return + return v } // SetDbTLSCACert safely sets the Configuration value for state's 'DbTLSCACert' field @@ -2773,7 +2751,7 @@ func (st *ConfigState) GetDbMaxOpenConnsMultiplier() (v int) { st.mutex.RLock() v = st.config.DbMaxOpenConnsMultiplier st.mutex.RUnlock() - return + return v } // SetDbMaxOpenConnsMultiplier safely sets the Configuration value for state's 'DbMaxOpenConnsMultiplier' field @@ -2795,7 +2773,7 @@ func (st *ConfigState) GetDbSqliteJournalMode() (v string) { st.mutex.RLock() v = st.config.DbSqliteJournalMode st.mutex.RUnlock() - return + return v } // SetDbSqliteJournalMode safely sets the Configuration value for state's 'DbSqliteJournalMode' field @@ -2817,7 +2795,7 @@ func (st *ConfigState) GetDbSqliteSynchronous() (v string) { st.mutex.RLock() v = st.config.DbSqliteSynchronous st.mutex.RUnlock() - return + return v } // SetDbSqliteSynchronous safely sets the Configuration value for state's 'DbSqliteSynchronous' field @@ -2839,7 +2817,7 @@ func (st *ConfigState) GetDbSqliteCacheSize() (v bytesize.Size) { st.mutex.RLock() v = st.config.DbSqliteCacheSize st.mutex.RUnlock() - return + return v } // SetDbSqliteCacheSize safely sets the Configuration value for state's 'DbSqliteCacheSize' field @@ -2861,7 +2839,7 @@ func (st *ConfigState) GetDbSqliteBusyTimeout() (v time.Duration) { st.mutex.RLock() v = st.config.DbSqliteBusyTimeout st.mutex.RUnlock() - return + return v } // SetDbSqliteBusyTimeout safely sets the Configuration value for state's 'DbSqliteBusyTimeout' field @@ -2883,7 +2861,7 @@ func (st *ConfigState) GetDbPostgresConnectionString() (v string) { st.mutex.RLock() v = st.config.DbPostgresConnectionString st.mutex.RUnlock() - return + return v } // SetDbPostgresConnectionString safely sets the Configuration value for state's 'DbPostgresConnectionString' field @@ -2905,7 +2883,7 @@ func (st *ConfigState) GetWebTemplateBaseDir() (v string) { st.mutex.RLock() v = st.config.WebTemplateBaseDir st.mutex.RUnlock() - return + return v } // SetWebTemplateBaseDir safely sets the Configuration value for state's 'WebTemplateBaseDir' field @@ -2927,7 +2905,7 @@ func (st *ConfigState) GetWebAssetBaseDir() (v string) { st.mutex.RLock() v = st.config.WebAssetBaseDir st.mutex.RUnlock() - return + return v } // SetWebAssetBaseDir safely sets the Configuration value for state's 'WebAssetBaseDir' field @@ -2949,7 +2927,7 @@ func (st *ConfigState) GetInstanceFederationMode() (v string) { st.mutex.RLock() v = st.config.InstanceFederationMode st.mutex.RUnlock() - return + return v } // SetInstanceFederationMode safely sets the Configuration value for state's 'InstanceFederationMode' field @@ -2971,7 +2949,7 @@ func (st *ConfigState) GetInstanceFederationSpamFilter() (v bool) { st.mutex.RLock() v = st.config.InstanceFederationSpamFilter st.mutex.RUnlock() - return + return v } // SetInstanceFederationSpamFilter safely sets the Configuration value for state's 'InstanceFederationSpamFilter' field @@ -2993,7 +2971,7 @@ func (st *ConfigState) GetInstanceExposePeers() (v bool) { st.mutex.RLock() v = st.config.InstanceExposePeers st.mutex.RUnlock() - return + return v } // SetInstanceExposePeers safely sets the Configuration value for state's 'InstanceExposePeers' field @@ -3015,7 +2993,7 @@ func (st *ConfigState) GetInstanceExposeBlocklist() (v bool) { st.mutex.RLock() v = st.config.InstanceExposeBlocklist st.mutex.RUnlock() - return + return v } // SetInstanceExposeBlocklist safely sets the Configuration value for state's 'InstanceExposeBlocklist' field @@ -3037,7 +3015,7 @@ func (st *ConfigState) GetInstanceExposeBlocklistWeb() (v bool) { st.mutex.RLock() v = st.config.InstanceExposeBlocklistWeb st.mutex.RUnlock() - return + return v } // SetInstanceExposeBlocklistWeb safely sets the Configuration value for state's 'InstanceExposeBlocklistWeb' field @@ -3059,7 +3037,7 @@ func (st *ConfigState) GetInstanceExposeAllowlist() (v bool) { st.mutex.RLock() v = st.config.InstanceExposeAllowlist st.mutex.RUnlock() - return + return v } // SetInstanceExposeAllowlist safely sets the Configuration value for state's 'InstanceExposeAllowlist' field @@ -3081,7 +3059,7 @@ func (st *ConfigState) GetInstanceExposeAllowlistWeb() (v bool) { st.mutex.RLock() v = st.config.InstanceExposeAllowlistWeb st.mutex.RUnlock() - return + return v } // SetInstanceExposeAllowlistWeb safely sets the Configuration value for state's 'InstanceExposeAllowlistWeb' field @@ -3103,7 +3081,7 @@ func (st *ConfigState) GetInstanceExposePublicTimeline() (v bool) { st.mutex.RLock() v = st.config.InstanceExposePublicTimeline st.mutex.RUnlock() - return + return v } // SetInstanceExposePublicTimeline safely sets the Configuration value for state's 'InstanceExposePublicTimeline' field @@ -3125,7 +3103,7 @@ func (st *ConfigState) GetInstanceExposeCustomEmojis() (v bool) { st.mutex.RLock() v = st.config.InstanceExposeCustomEmojis st.mutex.RUnlock() - return + return v } // SetInstanceExposeCustomEmojis safely sets the Configuration value for state's 'InstanceExposeCustomEmojis' field @@ -3147,7 +3125,7 @@ func (st *ConfigState) GetInstanceDeliverToSharedInboxes() (v bool) { st.mutex.RLock() v = st.config.InstanceDeliverToSharedInboxes st.mutex.RUnlock() - return + return v } // SetInstanceDeliverToSharedInboxes safely sets the Configuration value for state's 'InstanceDeliverToSharedInboxes' field @@ -3169,7 +3147,7 @@ func (st *ConfigState) GetInstanceInjectMastodonVersion() (v bool) { st.mutex.RLock() v = st.config.InstanceInjectMastodonVersion st.mutex.RUnlock() - return + return v } // SetInstanceInjectMastodonVersion safely sets the Configuration value for state's 'InstanceInjectMastodonVersion' field @@ -3191,7 +3169,7 @@ func (st *ConfigState) GetInstanceLanguages() (v language.Languages) { st.mutex.RLock() v = st.config.InstanceLanguages st.mutex.RUnlock() - return + return v } // SetInstanceLanguages safely sets the Configuration value for state's 'InstanceLanguages' field @@ -3213,7 +3191,7 @@ func (st *ConfigState) GetInstanceSubscriptionsProcessFrom() (v string) { st.mutex.RLock() v = st.config.InstanceSubscriptionsProcessFrom st.mutex.RUnlock() - return + return v } // SetInstanceSubscriptionsProcessFrom safely sets the Configuration value for state's 'InstanceSubscriptionsProcessFrom' field @@ -3237,7 +3215,7 @@ func (st *ConfigState) GetInstanceSubscriptionsProcessEvery() (v time.Duration) st.mutex.RLock() v = st.config.InstanceSubscriptionsProcessEvery st.mutex.RUnlock() - return + return v } // SetInstanceSubscriptionsProcessEvery safely sets the Configuration value for state's 'InstanceSubscriptionsProcessEvery' field @@ -3263,7 +3241,7 @@ func (st *ConfigState) GetInstanceStatsMode() (v string) { st.mutex.RLock() v = st.config.InstanceStatsMode st.mutex.RUnlock() - return + return v } // SetInstanceStatsMode safely sets the Configuration value for state's 'InstanceStatsMode' field @@ -3285,7 +3263,7 @@ func (st *ConfigState) GetInstanceAllowBackdatingStatuses() (v bool) { st.mutex.RLock() v = st.config.InstanceAllowBackdatingStatuses st.mutex.RUnlock() - return + return v } // SetInstanceAllowBackdatingStatuses safely sets the Configuration value for state's 'InstanceAllowBackdatingStatuses' field @@ -3307,7 +3285,7 @@ func (st *ConfigState) GetAccountsRegistrationOpen() (v bool) { st.mutex.RLock() v = st.config.AccountsRegistrationOpen st.mutex.RUnlock() - return + return v } // SetAccountsRegistrationOpen safely sets the Configuration value for state's 'AccountsRegistrationOpen' field @@ -3329,7 +3307,7 @@ func (st *ConfigState) GetAccountsReasonRequired() (v bool) { st.mutex.RLock() v = st.config.AccountsReasonRequired st.mutex.RUnlock() - return + return v } // SetAccountsReasonRequired safely sets the Configuration value for state's 'AccountsReasonRequired' field @@ -3351,7 +3329,7 @@ func (st *ConfigState) GetAccountsRegistrationDailyLimit() (v int) { st.mutex.RLock() v = st.config.AccountsRegistrationDailyLimit st.mutex.RUnlock() - return + return v } // SetAccountsRegistrationDailyLimit safely sets the Configuration value for state's 'AccountsRegistrationDailyLimit' field @@ -3373,7 +3351,7 @@ func (st *ConfigState) GetAccountsRegistrationBacklogLimit() (v int) { st.mutex.RLock() v = st.config.AccountsRegistrationBacklogLimit st.mutex.RUnlock() - return + return v } // SetAccountsRegistrationBacklogLimit safely sets the Configuration value for state's 'AccountsRegistrationBacklogLimit' field @@ -3395,7 +3373,7 @@ func (st *ConfigState) GetAccountsAllowCustomCSS() (v bool) { st.mutex.RLock() v = st.config.AccountsAllowCustomCSS st.mutex.RUnlock() - return + return v } // SetAccountsAllowCustomCSS safely sets the Configuration value for state's 'AccountsAllowCustomCSS' field @@ -3417,7 +3395,7 @@ func (st *ConfigState) GetAccountsCustomCSSLength() (v int) { st.mutex.RLock() v = st.config.AccountsCustomCSSLength st.mutex.RUnlock() - return + return v } // SetAccountsCustomCSSLength safely sets the Configuration value for state's 'AccountsCustomCSSLength' field @@ -3439,7 +3417,7 @@ func (st *ConfigState) GetAccountsMaxProfileFields() (v int) { st.mutex.RLock() v = st.config.AccountsMaxProfileFields st.mutex.RUnlock() - return + return v } // SetAccountsMaxProfileFields safely sets the Configuration value for state's 'AccountsMaxProfileFields' field @@ -3461,7 +3439,7 @@ func (st *ConfigState) GetStorageBackend() (v string) { st.mutex.RLock() v = st.config.StorageBackend st.mutex.RUnlock() - return + return v } // SetStorageBackend safely sets the Configuration value for state's 'StorageBackend' field @@ -3483,7 +3461,7 @@ func (st *ConfigState) GetStorageLocalBasePath() (v string) { st.mutex.RLock() v = st.config.StorageLocalBasePath st.mutex.RUnlock() - return + return v } // SetStorageLocalBasePath safely sets the Configuration value for state's 'StorageLocalBasePath' field @@ -3505,7 +3483,7 @@ func (st *ConfigState) GetStorageS3Endpoint() (v string) { st.mutex.RLock() v = st.config.StorageS3Endpoint st.mutex.RUnlock() - return + return v } // SetStorageS3Endpoint safely sets the Configuration value for state's 'StorageS3Endpoint' field @@ -3527,7 +3505,7 @@ func (st *ConfigState) GetStorageS3AccessKey() (v string) { st.mutex.RLock() v = st.config.StorageS3AccessKey st.mutex.RUnlock() - return + return v } // SetStorageS3AccessKey safely sets the Configuration value for state's 'StorageS3AccessKey' field @@ -3549,7 +3527,7 @@ func (st *ConfigState) GetStorageS3SecretKey() (v string) { st.mutex.RLock() v = st.config.StorageS3SecretKey st.mutex.RUnlock() - return + return v } // SetStorageS3SecretKey safely sets the Configuration value for state's 'StorageS3SecretKey' field @@ -3571,7 +3549,7 @@ func (st *ConfigState) GetStorageS3UseSSL() (v bool) { st.mutex.RLock() v = st.config.StorageS3UseSSL st.mutex.RUnlock() - return + return v } // SetStorageS3UseSSL safely sets the Configuration value for state's 'StorageS3UseSSL' field @@ -3593,7 +3571,7 @@ func (st *ConfigState) GetStorageS3BucketName() (v string) { st.mutex.RLock() v = st.config.StorageS3BucketName st.mutex.RUnlock() - return + return v } // SetStorageS3BucketName safely sets the Configuration value for state's 'StorageS3BucketName' field @@ -3615,7 +3593,7 @@ func (st *ConfigState) GetStorageS3Proxy() (v bool) { st.mutex.RLock() v = st.config.StorageS3Proxy st.mutex.RUnlock() - return + return v } // SetStorageS3Proxy safely sets the Configuration value for state's 'StorageS3Proxy' field @@ -3637,7 +3615,7 @@ func (st *ConfigState) GetStorageS3RedirectURL() (v string) { st.mutex.RLock() v = st.config.StorageS3RedirectURL st.mutex.RUnlock() - return + return v } // SetStorageS3RedirectURL safely sets the Configuration value for state's 'StorageS3RedirectURL' field @@ -3659,7 +3637,7 @@ func (st *ConfigState) GetStorageS3BucketLookup() (v string) { st.mutex.RLock() v = st.config.StorageS3BucketLookup st.mutex.RUnlock() - return + return v } // SetStorageS3BucketLookup safely sets the Configuration value for state's 'StorageS3BucketLookup' field @@ -3681,7 +3659,7 @@ func (st *ConfigState) GetStorageS3KeyPrefix() (v string) { st.mutex.RLock() v = st.config.StorageS3KeyPrefix st.mutex.RUnlock() - return + return v } // SetStorageS3KeyPrefix safely sets the Configuration value for state's 'StorageS3KeyPrefix' field @@ -3703,7 +3681,7 @@ func (st *ConfigState) GetStatusesMaxChars() (v int) { st.mutex.RLock() v = st.config.StatusesMaxChars st.mutex.RUnlock() - return + return v } // SetStatusesMaxChars safely sets the Configuration value for state's 'StatusesMaxChars' field @@ -3725,7 +3703,7 @@ func (st *ConfigState) GetStatusesPollMaxOptions() (v int) { st.mutex.RLock() v = st.config.StatusesPollMaxOptions st.mutex.RUnlock() - return + return v } // SetStatusesPollMaxOptions safely sets the Configuration value for state's 'StatusesPollMaxOptions' field @@ -3747,7 +3725,7 @@ func (st *ConfigState) GetStatusesPollOptionMaxChars() (v int) { st.mutex.RLock() v = st.config.StatusesPollOptionMaxChars st.mutex.RUnlock() - return + return v } // SetStatusesPollOptionMaxChars safely sets the Configuration value for state's 'StatusesPollOptionMaxChars' field @@ -3769,7 +3747,7 @@ func (st *ConfigState) GetStatusesMediaMaxFiles() (v int) { st.mutex.RLock() v = st.config.StatusesMediaMaxFiles st.mutex.RUnlock() - return + return v } // SetStatusesMediaMaxFiles safely sets the Configuration value for state's 'StatusesMediaMaxFiles' field @@ -3791,7 +3769,7 @@ func (st *ConfigState) GetScheduledStatusesMaxTotal() (v int) { st.mutex.RLock() v = st.config.ScheduledStatusesMaxTotal st.mutex.RUnlock() - return + return v } // SetScheduledStatusesMaxTotal safely sets the Configuration value for state's 'ScheduledStatusesMaxTotal' field @@ -3813,7 +3791,7 @@ func (st *ConfigState) GetScheduledStatusesMaxDaily() (v int) { st.mutex.RLock() v = st.config.ScheduledStatusesMaxDaily st.mutex.RUnlock() - return + return v } // SetScheduledStatusesMaxDaily safely sets the Configuration value for state's 'ScheduledStatusesMaxDaily' field @@ -3835,7 +3813,7 @@ func (st *ConfigState) GetLetsEncryptEnabled() (v bool) { st.mutex.RLock() v = st.config.LetsEncryptEnabled st.mutex.RUnlock() - return + return v } // SetLetsEncryptEnabled safely sets the Configuration value for state's 'LetsEncryptEnabled' field @@ -3857,7 +3835,7 @@ func (st *ConfigState) GetLetsEncryptPort() (v int) { st.mutex.RLock() v = st.config.LetsEncryptPort st.mutex.RUnlock() - return + return v } // SetLetsEncryptPort safely sets the Configuration value for state's 'LetsEncryptPort' field @@ -3879,7 +3857,7 @@ func (st *ConfigState) GetLetsEncryptCertDir() (v string) { st.mutex.RLock() v = st.config.LetsEncryptCertDir st.mutex.RUnlock() - return + return v } // SetLetsEncryptCertDir safely sets the Configuration value for state's 'LetsEncryptCertDir' field @@ -3901,7 +3879,7 @@ func (st *ConfigState) GetLetsEncryptEmailAddress() (v string) { st.mutex.RLock() v = st.config.LetsEncryptEmailAddress st.mutex.RUnlock() - return + return v } // SetLetsEncryptEmailAddress safely sets the Configuration value for state's 'LetsEncryptEmailAddress' field @@ -3923,7 +3901,7 @@ func (st *ConfigState) GetTLSCertificateChain() (v string) { st.mutex.RLock() v = st.config.TLSCertificateChain st.mutex.RUnlock() - return + return v } // SetTLSCertificateChain safely sets the Configuration value for state's 'TLSCertificateChain' field @@ -3945,7 +3923,7 @@ func (st *ConfigState) GetTLSCertificateKey() (v string) { st.mutex.RLock() v = st.config.TLSCertificateKey st.mutex.RUnlock() - return + return v } // SetTLSCertificateKey safely sets the Configuration value for state's 'TLSCertificateKey' field @@ -3967,7 +3945,7 @@ func (st *ConfigState) GetOIDCEnabled() (v bool) { st.mutex.RLock() v = st.config.OIDCEnabled st.mutex.RUnlock() - return + return v } // SetOIDCEnabled safely sets the Configuration value for state's 'OIDCEnabled' field @@ -3989,7 +3967,7 @@ func (st *ConfigState) GetOIDCIdpName() (v string) { st.mutex.RLock() v = st.config.OIDCIdpName st.mutex.RUnlock() - return + return v } // SetOIDCIdpName safely sets the Configuration value for state's 'OIDCIdpName' field @@ -4011,7 +3989,7 @@ func (st *ConfigState) GetOIDCSkipVerification() (v bool) { st.mutex.RLock() v = st.config.OIDCSkipVerification st.mutex.RUnlock() - return + return v } // SetOIDCSkipVerification safely sets the Configuration value for state's 'OIDCSkipVerification' field @@ -4033,7 +4011,7 @@ func (st *ConfigState) GetOIDCIssuer() (v string) { st.mutex.RLock() v = st.config.OIDCIssuer st.mutex.RUnlock() - return + return v } // SetOIDCIssuer safely sets the Configuration value for state's 'OIDCIssuer' field @@ -4055,7 +4033,7 @@ func (st *ConfigState) GetOIDCClientID() (v string) { st.mutex.RLock() v = st.config.OIDCClientID st.mutex.RUnlock() - return + return v } // SetOIDCClientID safely sets the Configuration value for state's 'OIDCClientID' field @@ -4077,7 +4055,7 @@ func (st *ConfigState) GetOIDCClientSecret() (v string) { st.mutex.RLock() v = st.config.OIDCClientSecret st.mutex.RUnlock() - return + return v } // SetOIDCClientSecret safely sets the Configuration value for state's 'OIDCClientSecret' field @@ -4099,7 +4077,7 @@ func (st *ConfigState) GetOIDCScopes() (v []string) { st.mutex.RLock() v = st.config.OIDCScopes st.mutex.RUnlock() - return + return v } // SetOIDCScopes safely sets the Configuration value for state's 'OIDCScopes' field @@ -4121,7 +4099,7 @@ func (st *ConfigState) GetOIDCLinkExisting() (v bool) { st.mutex.RLock() v = st.config.OIDCLinkExisting st.mutex.RUnlock() - return + return v } // SetOIDCLinkExisting safely sets the Configuration value for state's 'OIDCLinkExisting' field @@ -4143,7 +4121,7 @@ func (st *ConfigState) GetOIDCAllowedGroups() (v []string) { st.mutex.RLock() v = st.config.OIDCAllowedGroups st.mutex.RUnlock() - return + return v } // SetOIDCAllowedGroups safely sets the Configuration value for state's 'OIDCAllowedGroups' field @@ -4165,7 +4143,7 @@ func (st *ConfigState) GetOIDCAdminGroups() (v []string) { st.mutex.RLock() v = st.config.OIDCAdminGroups st.mutex.RUnlock() - return + return v } // SetOIDCAdminGroups safely sets the Configuration value for state's 'OIDCAdminGroups' field @@ -4187,7 +4165,7 @@ func (st *ConfigState) GetTracingEnabled() (v bool) { st.mutex.RLock() v = st.config.TracingEnabled st.mutex.RUnlock() - return + return v } // SetTracingEnabled safely sets the Configuration value for state's 'TracingEnabled' field @@ -4209,7 +4187,7 @@ func (st *ConfigState) GetMetricsEnabled() (v bool) { st.mutex.RLock() v = st.config.MetricsEnabled st.mutex.RUnlock() - return + return v } // SetMetricsEnabled safely sets the Configuration value for state's 'MetricsEnabled' field @@ -4231,7 +4209,7 @@ func (st *ConfigState) GetSMTPHost() (v string) { st.mutex.RLock() v = st.config.SMTPHost st.mutex.RUnlock() - return + return v } // SetSMTPHost safely sets the Configuration value for state's 'SMTPHost' field @@ -4253,7 +4231,7 @@ func (st *ConfigState) GetSMTPPort() (v int) { st.mutex.RLock() v = st.config.SMTPPort st.mutex.RUnlock() - return + return v } // SetSMTPPort safely sets the Configuration value for state's 'SMTPPort' field @@ -4275,7 +4253,7 @@ func (st *ConfigState) GetSMTPUsername() (v string) { st.mutex.RLock() v = st.config.SMTPUsername st.mutex.RUnlock() - return + return v } // SetSMTPUsername safely sets the Configuration value for state's 'SMTPUsername' field @@ -4297,7 +4275,7 @@ func (st *ConfigState) GetSMTPPassword() (v string) { st.mutex.RLock() v = st.config.SMTPPassword st.mutex.RUnlock() - return + return v } // SetSMTPPassword safely sets the Configuration value for state's 'SMTPPassword' field @@ -4319,7 +4297,7 @@ func (st *ConfigState) GetSMTPFrom() (v string) { st.mutex.RLock() v = st.config.SMTPFrom st.mutex.RUnlock() - return + return v } // SetSMTPFrom safely sets the Configuration value for state's 'SMTPFrom' field @@ -4341,7 +4319,7 @@ func (st *ConfigState) GetSMTPDiscloseRecipients() (v bool) { st.mutex.RLock() v = st.config.SMTPDiscloseRecipients st.mutex.RUnlock() - return + return v } // SetSMTPDiscloseRecipients safely sets the Configuration value for state's 'SMTPDiscloseRecipients' field @@ -4363,7 +4341,7 @@ func (st *ConfigState) GetSyslogEnabled() (v bool) { st.mutex.RLock() v = st.config.SyslogEnabled st.mutex.RUnlock() - return + return v } // SetSyslogEnabled safely sets the Configuration value for state's 'SyslogEnabled' field @@ -4385,7 +4363,7 @@ func (st *ConfigState) GetSyslogProtocol() (v string) { st.mutex.RLock() v = st.config.SyslogProtocol st.mutex.RUnlock() - return + return v } // SetSyslogProtocol safely sets the Configuration value for state's 'SyslogProtocol' field @@ -4407,7 +4385,7 @@ func (st *ConfigState) GetSyslogAddress() (v string) { st.mutex.RLock() v = st.config.SyslogAddress st.mutex.RUnlock() - return + return v } // SetSyslogAddress safely sets the Configuration value for state's 'SyslogAddress' field @@ -4429,7 +4407,7 @@ func (st *ConfigState) GetAdvancedCookiesSamesite() (v string) { st.mutex.RLock() v = st.config.Advanced.CookiesSamesite st.mutex.RUnlock() - return + return v } // SetAdvancedCookiesSamesite safely sets the Configuration value for state's 'Advanced.CookiesSamesite' field @@ -4451,7 +4429,7 @@ func (st *ConfigState) GetAdvancedSenderMultiplier() (v int) { st.mutex.RLock() v = st.config.Advanced.SenderMultiplier st.mutex.RUnlock() - return + return v } // SetAdvancedSenderMultiplier safely sets the Configuration value for state's 'Advanced.SenderMultiplier' field @@ -4473,7 +4451,7 @@ func (st *ConfigState) GetAdvancedCSPExtraURIs() (v []string) { st.mutex.RLock() v = st.config.Advanced.CSPExtraURIs st.mutex.RUnlock() - return + return v } // SetAdvancedCSPExtraURIs safely sets the Configuration value for state's 'Advanced.CSPExtraURIs' field @@ -4495,7 +4473,7 @@ func (st *ConfigState) GetAdvancedHeaderFilterMode() (v string) { st.mutex.RLock() v = st.config.Advanced.HeaderFilterMode st.mutex.RUnlock() - return + return v } // SetAdvancedHeaderFilterMode safely sets the Configuration value for state's 'Advanced.HeaderFilterMode' field @@ -4517,7 +4495,7 @@ func (st *ConfigState) GetAdvancedRateLimitRequests() (v int) { st.mutex.RLock() v = st.config.Advanced.RateLimit.Requests st.mutex.RUnlock() - return + return v } // SetAdvancedRateLimitRequests safely sets the Configuration value for state's 'Advanced.RateLimit.Requests' field @@ -4539,7 +4517,7 @@ func (st *ConfigState) GetAdvancedRateLimitExceptions() (v IPPrefixes) { st.mutex.RLock() v = st.config.Advanced.RateLimit.Exceptions st.mutex.RUnlock() - return + return v } // SetAdvancedRateLimitExceptions safely sets the Configuration value for state's 'Advanced.RateLimit.Exceptions' field @@ -4561,7 +4539,7 @@ func (st *ConfigState) GetAdvancedThrottlingMultiplier() (v int) { st.mutex.RLock() v = st.config.Advanced.Throttling.Multiplier st.mutex.RUnlock() - return + return v } // SetAdvancedThrottlingMultiplier safely sets the Configuration value for state's 'Advanced.Throttling.Multiplier' field @@ -4583,7 +4561,7 @@ func (st *ConfigState) GetAdvancedThrottlingRetryAfter() (v time.Duration) { st.mutex.RLock() v = st.config.Advanced.Throttling.RetryAfter st.mutex.RUnlock() - return + return v } // SetAdvancedThrottlingRetryAfter safely sets the Configuration value for state's 'Advanced.Throttling.RetryAfter' field @@ -4600,60 +4578,12 @@ func GetAdvancedThrottlingRetryAfter() time.Duration { return global.GetAdvanced // SetAdvancedThrottlingRetryAfter safely sets the value for global configuration 'Advanced.Throttling.RetryAfter' field func SetAdvancedThrottlingRetryAfter(v time.Duration) { global.SetAdvancedThrottlingRetryAfter(v) } -// GetAdvancedScraperDeterrenceEnabled safely fetches the Configuration value for state's 'Advanced.ScraperDeterrence.Enabled' field -func (st *ConfigState) GetAdvancedScraperDeterrenceEnabled() (v bool) { - st.mutex.RLock() - v = st.config.Advanced.ScraperDeterrence.Enabled - st.mutex.RUnlock() - return -} - -// SetAdvancedScraperDeterrenceEnabled safely sets the Configuration value for state's 'Advanced.ScraperDeterrence.Enabled' field -func (st *ConfigState) SetAdvancedScraperDeterrenceEnabled(v bool) { - st.mutex.Lock() - defer st.mutex.Unlock() - st.config.Advanced.ScraperDeterrence.Enabled = v - st.reloadToViper() -} - -// GetAdvancedScraperDeterrenceEnabled safely fetches the value for global configuration 'Advanced.ScraperDeterrence.Enabled' field -func GetAdvancedScraperDeterrenceEnabled() bool { return global.GetAdvancedScraperDeterrenceEnabled() } - -// SetAdvancedScraperDeterrenceEnabled safely sets the value for global configuration 'Advanced.ScraperDeterrence.Enabled' field -func SetAdvancedScraperDeterrenceEnabled(v bool) { global.SetAdvancedScraperDeterrenceEnabled(v) } - -// GetAdvancedScraperDeterrenceDifficulty safely fetches the Configuration value for state's 'Advanced.ScraperDeterrence.Difficulty' field -func (st *ConfigState) GetAdvancedScraperDeterrenceDifficulty() (v uint32) { - st.mutex.RLock() - v = st.config.Advanced.ScraperDeterrence.Difficulty - st.mutex.RUnlock() - return -} - -// SetAdvancedScraperDeterrenceDifficulty safely sets the Configuration value for state's 'Advanced.ScraperDeterrence.Difficulty' field -func (st *ConfigState) SetAdvancedScraperDeterrenceDifficulty(v uint32) { - st.mutex.Lock() - defer st.mutex.Unlock() - st.config.Advanced.ScraperDeterrence.Difficulty = v - st.reloadToViper() -} - -// GetAdvancedScraperDeterrenceDifficulty safely fetches the value for global configuration 'Advanced.ScraperDeterrence.Difficulty' field -func GetAdvancedScraperDeterrenceDifficulty() uint32 { - return global.GetAdvancedScraperDeterrenceDifficulty() -} - -// SetAdvancedScraperDeterrenceDifficulty safely sets the value for global configuration 'Advanced.ScraperDeterrence.Difficulty' field -func SetAdvancedScraperDeterrenceDifficulty(v uint32) { - global.SetAdvancedScraperDeterrenceDifficulty(v) -} - // GetHTTPClientAllowIPs safely fetches the Configuration value for state's 'HTTPClient.AllowIPs' field func (st *ConfigState) GetHTTPClientAllowIPs() (v []string) { st.mutex.RLock() v = st.config.HTTPClient.AllowIPs st.mutex.RUnlock() - return + return v } // SetHTTPClientAllowIPs safely sets the Configuration value for state's 'HTTPClient.AllowIPs' field @@ -4675,7 +4605,7 @@ func (st *ConfigState) GetHTTPClientBlockIPs() (v []string) { st.mutex.RLock() v = st.config.HTTPClient.BlockIPs st.mutex.RUnlock() - return + return v } // SetHTTPClientBlockIPs safely sets the Configuration value for state's 'HTTPClient.BlockIPs' field @@ -4697,7 +4627,7 @@ func (st *ConfigState) GetHTTPClientTimeout() (v time.Duration) { st.mutex.RLock() v = st.config.HTTPClient.Timeout st.mutex.RUnlock() - return + return v } // SetHTTPClientTimeout safely sets the Configuration value for state's 'HTTPClient.Timeout' field @@ -4719,7 +4649,7 @@ func (st *ConfigState) GetHTTPClientTLSInsecureSkipVerify() (v bool) { st.mutex.RLock() v = st.config.HTTPClient.TLSInsecureSkipVerify st.mutex.RUnlock() - return + return v } // SetHTTPClientTLSInsecureSkipVerify safely sets the Configuration value for state's 'HTTPClient.TLSInsecureSkipVerify' field @@ -4741,7 +4671,7 @@ func (st *ConfigState) GetHTTPClientInsecureOutgoing() (v bool) { st.mutex.RLock() v = st.config.HTTPClient.InsecureOutgoing st.mutex.RUnlock() - return + return v } // SetHTTPClientInsecureOutgoing safely sets the Configuration value for state's 'HTTPClient.InsecureOutgoing' field @@ -4763,7 +4693,7 @@ func (st *ConfigState) GetMediaDescriptionMinChars() (v int) { st.mutex.RLock() v = st.config.Media.DescriptionMinChars st.mutex.RUnlock() - return + return v } // SetMediaDescriptionMinChars safely sets the Configuration value for state's 'Media.DescriptionMinChars' field @@ -4785,7 +4715,7 @@ func (st *ConfigState) GetMediaDescriptionMaxChars() (v int) { st.mutex.RLock() v = st.config.Media.DescriptionMaxChars st.mutex.RUnlock() - return + return v } // SetMediaDescriptionMaxChars safely sets the Configuration value for state's 'Media.DescriptionMaxChars' field @@ -4807,7 +4737,7 @@ func (st *ConfigState) GetMediaRemoteCacheDays() (v int) { st.mutex.RLock() v = st.config.Media.RemoteCacheDays st.mutex.RUnlock() - return + return v } // SetMediaRemoteCacheDays safely sets the Configuration value for state's 'Media.RemoteCacheDays' field @@ -4829,7 +4759,7 @@ func (st *ConfigState) GetMediaEmojiLocalMaxSize() (v bytesize.Size) { st.mutex.RLock() v = st.config.Media.EmojiLocalMaxSize st.mutex.RUnlock() - return + return v } // SetMediaEmojiLocalMaxSize safely sets the Configuration value for state's 'Media.EmojiLocalMaxSize' field @@ -4851,7 +4781,7 @@ func (st *ConfigState) GetMediaEmojiRemoteMaxSize() (v bytesize.Size) { st.mutex.RLock() v = st.config.Media.EmojiRemoteMaxSize st.mutex.RUnlock() - return + return v } // SetMediaEmojiRemoteMaxSize safely sets the Configuration value for state's 'Media.EmojiRemoteMaxSize' field @@ -4873,7 +4803,7 @@ func (st *ConfigState) GetMediaImageSizeHint() (v bytesize.Size) { st.mutex.RLock() v = st.config.Media.ImageSizeHint st.mutex.RUnlock() - return + return v } // SetMediaImageSizeHint safely sets the Configuration value for state's 'Media.ImageSizeHint' field @@ -4895,7 +4825,7 @@ func (st *ConfigState) GetMediaVideoSizeHint() (v bytesize.Size) { st.mutex.RLock() v = st.config.Media.VideoSizeHint st.mutex.RUnlock() - return + return v } // SetMediaVideoSizeHint safely sets the Configuration value for state's 'Media.VideoSizeHint' field @@ -4917,7 +4847,7 @@ func (st *ConfigState) GetMediaLocalMaxSize() (v bytesize.Size) { st.mutex.RLock() v = st.config.Media.LocalMaxSize st.mutex.RUnlock() - return + return v } // SetMediaLocalMaxSize safely sets the Configuration value for state's 'Media.LocalMaxSize' field @@ -4939,7 +4869,7 @@ func (st *ConfigState) GetMediaRemoteMaxSize() (v bytesize.Size) { st.mutex.RLock() v = st.config.Media.RemoteMaxSize st.mutex.RUnlock() - return + return v } // SetMediaRemoteMaxSize safely sets the Configuration value for state's 'Media.RemoteMaxSize' field @@ -4961,7 +4891,7 @@ func (st *ConfigState) GetMediaCleanupFrom() (v string) { st.mutex.RLock() v = st.config.Media.CleanupFrom st.mutex.RUnlock() - return + return v } // SetMediaCleanupFrom safely sets the Configuration value for state's 'Media.CleanupFrom' field @@ -4983,7 +4913,7 @@ func (st *ConfigState) GetMediaCleanupEvery() (v time.Duration) { st.mutex.RLock() v = st.config.Media.CleanupEvery st.mutex.RUnlock() - return + return v } // SetMediaCleanupEvery safely sets the Configuration value for state's 'Media.CleanupEvery' field @@ -5005,7 +4935,7 @@ func (st *ConfigState) GetMediaFfmpegPoolSize() (v int) { st.mutex.RLock() v = st.config.Media.FfmpegPoolSize st.mutex.RUnlock() - return + return v } // SetMediaFfmpegPoolSize safely sets the Configuration value for state's 'Media.FfmpegPoolSize' field @@ -5027,7 +4957,7 @@ func (st *ConfigState) GetMediaThumbMaxPixels() (v int) { st.mutex.RLock() v = st.config.Media.ThumbMaxPixels st.mutex.RUnlock() - return + return v } // SetMediaThumbMaxPixels safely sets the Configuration value for state's 'Media.ThumbMaxPixels' field @@ -5049,7 +4979,7 @@ func (st *ConfigState) GetCacheMemoryTarget() (v bytesize.Size) { st.mutex.RLock() v = st.config.Cache.MemoryTarget st.mutex.RUnlock() - return + return v } // SetCacheMemoryTarget safely sets the Configuration value for state's 'Cache.MemoryTarget' field @@ -5071,7 +5001,7 @@ func (st *ConfigState) GetCacheAccountMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.AccountMemRatio st.mutex.RUnlock() - return + return v } // SetCacheAccountMemRatio safely sets the Configuration value for state's 'Cache.AccountMemRatio' field @@ -5093,7 +5023,7 @@ func (st *ConfigState) GetCacheAccountNoteMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.AccountNoteMemRatio st.mutex.RUnlock() - return + return v } // SetCacheAccountNoteMemRatio safely sets the Configuration value for state's 'Cache.AccountNoteMemRatio' field @@ -5115,7 +5045,7 @@ func (st *ConfigState) GetCacheAccountSettingsMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.AccountSettingsMemRatio st.mutex.RUnlock() - return + return v } // SetCacheAccountSettingsMemRatio safely sets the Configuration value for state's 'Cache.AccountSettingsMemRatio' field @@ -5137,7 +5067,7 @@ func (st *ConfigState) GetCacheAccountStatsMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.AccountStatsMemRatio st.mutex.RUnlock() - return + return v } // SetCacheAccountStatsMemRatio safely sets the Configuration value for state's 'Cache.AccountStatsMemRatio' field @@ -5159,7 +5089,7 @@ func (st *ConfigState) GetCacheApplicationMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.ApplicationMemRatio st.mutex.RUnlock() - return + return v } // SetCacheApplicationMemRatio safely sets the Configuration value for state's 'Cache.ApplicationMemRatio' field @@ -5181,7 +5111,7 @@ func (st *ConfigState) GetCacheBlockMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.BlockMemRatio st.mutex.RUnlock() - return + return v } // SetCacheBlockMemRatio safely sets the Configuration value for state's 'Cache.BlockMemRatio' field @@ -5203,7 +5133,7 @@ func (st *ConfigState) GetCacheBlockIDsMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.BlockIDsMemRatio st.mutex.RUnlock() - return + return v } // SetCacheBlockIDsMemRatio safely sets the Configuration value for state's 'Cache.BlockIDsMemRatio' field @@ -5225,7 +5155,7 @@ func (st *ConfigState) GetCacheBoostOfIDsMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.BoostOfIDsMemRatio st.mutex.RUnlock() - return + return v } // SetCacheBoostOfIDsMemRatio safely sets the Configuration value for state's 'Cache.BoostOfIDsMemRatio' field @@ -5247,7 +5177,7 @@ func (st *ConfigState) GetCacheClientMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.ClientMemRatio st.mutex.RUnlock() - return + return v } // SetCacheClientMemRatio safely sets the Configuration value for state's 'Cache.ClientMemRatio' field @@ -5269,7 +5199,7 @@ func (st *ConfigState) GetCacheConversationMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.ConversationMemRatio st.mutex.RUnlock() - return + return v } // SetCacheConversationMemRatio safely sets the Configuration value for state's 'Cache.ConversationMemRatio' field @@ -5291,7 +5221,7 @@ func (st *ConfigState) GetCacheConversationLastStatusIDsMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.ConversationLastStatusIDsMemRatio st.mutex.RUnlock() - return + return v } // SetCacheConversationLastStatusIDsMemRatio safely sets the Configuration value for state's 'Cache.ConversationLastStatusIDsMemRatio' field @@ -5317,7 +5247,7 @@ func (st *ConfigState) GetCacheDomainPermissionDraftMemRation() (v float64) { st.mutex.RLock() v = st.config.Cache.DomainPermissionDraftMemRation st.mutex.RUnlock() - return + return v } // SetCacheDomainPermissionDraftMemRation safely sets the Configuration value for state's 'Cache.DomainPermissionDraftMemRation' field @@ -5343,7 +5273,7 @@ func (st *ConfigState) GetCacheDomainPermissionSubscriptionMemRation() (v float6 st.mutex.RLock() v = st.config.Cache.DomainPermissionSubscriptionMemRation st.mutex.RUnlock() - return + return v } // SetCacheDomainPermissionSubscriptionMemRation safely sets the Configuration value for state's 'Cache.DomainPermissionSubscriptionMemRation' field @@ -5369,7 +5299,7 @@ func (st *ConfigState) GetCacheEmojiMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.EmojiMemRatio st.mutex.RUnlock() - return + return v } // SetCacheEmojiMemRatio safely sets the Configuration value for state's 'Cache.EmojiMemRatio' field @@ -5391,7 +5321,7 @@ func (st *ConfigState) GetCacheEmojiCategoryMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.EmojiCategoryMemRatio st.mutex.RUnlock() - return + return v } // SetCacheEmojiCategoryMemRatio safely sets the Configuration value for state's 'Cache.EmojiCategoryMemRatio' field @@ -5413,7 +5343,7 @@ func (st *ConfigState) GetCacheFilterMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.FilterMemRatio st.mutex.RUnlock() - return + return v } // SetCacheFilterMemRatio safely sets the Configuration value for state's 'Cache.FilterMemRatio' field @@ -5435,7 +5365,7 @@ func (st *ConfigState) GetCacheFilterIDsMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.FilterIDsMemRatio st.mutex.RUnlock() - return + return v } // SetCacheFilterIDsMemRatio safely sets the Configuration value for state's 'Cache.FilterIDsMemRatio' field @@ -5457,7 +5387,7 @@ func (st *ConfigState) GetCacheFilterKeywordMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.FilterKeywordMemRatio st.mutex.RUnlock() - return + return v } // SetCacheFilterKeywordMemRatio safely sets the Configuration value for state's 'Cache.FilterKeywordMemRatio' field @@ -5479,7 +5409,7 @@ func (st *ConfigState) GetCacheFilterStatusMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.FilterStatusMemRatio st.mutex.RUnlock() - return + return v } // SetCacheFilterStatusMemRatio safely sets the Configuration value for state's 'Cache.FilterStatusMemRatio' field @@ -5501,7 +5431,7 @@ func (st *ConfigState) GetCacheFollowMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.FollowMemRatio st.mutex.RUnlock() - return + return v } // SetCacheFollowMemRatio safely sets the Configuration value for state's 'Cache.FollowMemRatio' field @@ -5523,7 +5453,7 @@ func (st *ConfigState) GetCacheFollowIDsMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.FollowIDsMemRatio st.mutex.RUnlock() - return + return v } // SetCacheFollowIDsMemRatio safely sets the Configuration value for state's 'Cache.FollowIDsMemRatio' field @@ -5545,7 +5475,7 @@ func (st *ConfigState) GetCacheFollowRequestMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.FollowRequestMemRatio st.mutex.RUnlock() - return + return v } // SetCacheFollowRequestMemRatio safely sets the Configuration value for state's 'Cache.FollowRequestMemRatio' field @@ -5567,7 +5497,7 @@ func (st *ConfigState) GetCacheFollowRequestIDsMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.FollowRequestIDsMemRatio st.mutex.RUnlock() - return + return v } // SetCacheFollowRequestIDsMemRatio safely sets the Configuration value for state's 'Cache.FollowRequestIDsMemRatio' field @@ -5589,7 +5519,7 @@ func (st *ConfigState) GetCacheFollowingTagIDsMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.FollowingTagIDsMemRatio st.mutex.RUnlock() - return + return v } // SetCacheFollowingTagIDsMemRatio safely sets the Configuration value for state's 'Cache.FollowingTagIDsMemRatio' field @@ -5611,7 +5541,7 @@ func (st *ConfigState) GetCacheInReplyToIDsMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.InReplyToIDsMemRatio st.mutex.RUnlock() - return + return v } // SetCacheInReplyToIDsMemRatio safely sets the Configuration value for state's 'Cache.InReplyToIDsMemRatio' field @@ -5633,7 +5563,7 @@ func (st *ConfigState) GetCacheInstanceMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.InstanceMemRatio st.mutex.RUnlock() - return + return v } // SetCacheInstanceMemRatio safely sets the Configuration value for state's 'Cache.InstanceMemRatio' field @@ -5655,7 +5585,7 @@ func (st *ConfigState) GetCacheInteractionRequestMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.InteractionRequestMemRatio st.mutex.RUnlock() - return + return v } // SetCacheInteractionRequestMemRatio safely sets the Configuration value for state's 'Cache.InteractionRequestMemRatio' field @@ -5677,7 +5607,7 @@ func (st *ConfigState) GetCacheListMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.ListMemRatio st.mutex.RUnlock() - return + return v } // SetCacheListMemRatio safely sets the Configuration value for state's 'Cache.ListMemRatio' field @@ -5699,7 +5629,7 @@ func (st *ConfigState) GetCacheListIDsMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.ListIDsMemRatio st.mutex.RUnlock() - return + return v } // SetCacheListIDsMemRatio safely sets the Configuration value for state's 'Cache.ListIDsMemRatio' field @@ -5721,7 +5651,7 @@ func (st *ConfigState) GetCacheListedIDsMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.ListedIDsMemRatio st.mutex.RUnlock() - return + return v } // SetCacheListedIDsMemRatio safely sets the Configuration value for state's 'Cache.ListedIDsMemRatio' field @@ -5743,7 +5673,7 @@ func (st *ConfigState) GetCacheMarkerMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.MarkerMemRatio st.mutex.RUnlock() - return + return v } // SetCacheMarkerMemRatio safely sets the Configuration value for state's 'Cache.MarkerMemRatio' field @@ -5765,7 +5695,7 @@ func (st *ConfigState) GetCacheMediaMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.MediaMemRatio st.mutex.RUnlock() - return + return v } // SetCacheMediaMemRatio safely sets the Configuration value for state's 'Cache.MediaMemRatio' field @@ -5787,7 +5717,7 @@ func (st *ConfigState) GetCacheMentionMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.MentionMemRatio st.mutex.RUnlock() - return + return v } // SetCacheMentionMemRatio safely sets the Configuration value for state's 'Cache.MentionMemRatio' field @@ -5809,7 +5739,7 @@ func (st *ConfigState) GetCacheMoveMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.MoveMemRatio st.mutex.RUnlock() - return + return v } // SetCacheMoveMemRatio safely sets the Configuration value for state's 'Cache.MoveMemRatio' field @@ -5831,7 +5761,7 @@ func (st *ConfigState) GetCacheNotificationMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.NotificationMemRatio st.mutex.RUnlock() - return + return v } // SetCacheNotificationMemRatio safely sets the Configuration value for state's 'Cache.NotificationMemRatio' field @@ -5853,7 +5783,7 @@ func (st *ConfigState) GetCachePollMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.PollMemRatio st.mutex.RUnlock() - return + return v } // SetCachePollMemRatio safely sets the Configuration value for state's 'Cache.PollMemRatio' field @@ -5875,7 +5805,7 @@ func (st *ConfigState) GetCachePollVoteMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.PollVoteMemRatio st.mutex.RUnlock() - return + return v } // SetCachePollVoteMemRatio safely sets the Configuration value for state's 'Cache.PollVoteMemRatio' field @@ -5897,7 +5827,7 @@ func (st *ConfigState) GetCachePollVoteIDsMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.PollVoteIDsMemRatio st.mutex.RUnlock() - return + return v } // SetCachePollVoteIDsMemRatio safely sets the Configuration value for state's 'Cache.PollVoteIDsMemRatio' field @@ -5919,7 +5849,7 @@ func (st *ConfigState) GetCacheReportMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.ReportMemRatio st.mutex.RUnlock() - return + return v } // SetCacheReportMemRatio safely sets the Configuration value for state's 'Cache.ReportMemRatio' field @@ -5941,7 +5871,7 @@ func (st *ConfigState) GetCacheScheduledStatusMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.ScheduledStatusMemRatio st.mutex.RUnlock() - return + return v } // SetCacheScheduledStatusMemRatio safely sets the Configuration value for state's 'Cache.ScheduledStatusMemRatio' field @@ -5963,7 +5893,7 @@ func (st *ConfigState) GetCacheSinBinStatusMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.SinBinStatusMemRatio st.mutex.RUnlock() - return + return v } // SetCacheSinBinStatusMemRatio safely sets the Configuration value for state's 'Cache.SinBinStatusMemRatio' field @@ -5985,7 +5915,7 @@ func (st *ConfigState) GetCacheStatusMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.StatusMemRatio st.mutex.RUnlock() - return + return v } // SetCacheStatusMemRatio safely sets the Configuration value for state's 'Cache.StatusMemRatio' field @@ -6007,7 +5937,7 @@ func (st *ConfigState) GetCacheStatusBookmarkMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.StatusBookmarkMemRatio st.mutex.RUnlock() - return + return v } // SetCacheStatusBookmarkMemRatio safely sets the Configuration value for state's 'Cache.StatusBookmarkMemRatio' field @@ -6029,7 +5959,7 @@ func (st *ConfigState) GetCacheStatusBookmarkIDsMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.StatusBookmarkIDsMemRatio st.mutex.RUnlock() - return + return v } // SetCacheStatusBookmarkIDsMemRatio safely sets the Configuration value for state's 'Cache.StatusBookmarkIDsMemRatio' field @@ -6051,7 +5981,7 @@ func (st *ConfigState) GetCacheStatusEditMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.StatusEditMemRatio st.mutex.RUnlock() - return + return v } // SetCacheStatusEditMemRatio safely sets the Configuration value for state's 'Cache.StatusEditMemRatio' field @@ -6073,7 +6003,7 @@ func (st *ConfigState) GetCacheStatusFaveMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.StatusFaveMemRatio st.mutex.RUnlock() - return + return v } // SetCacheStatusFaveMemRatio safely sets the Configuration value for state's 'Cache.StatusFaveMemRatio' field @@ -6095,7 +6025,7 @@ func (st *ConfigState) GetCacheStatusFaveIDsMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.StatusFaveIDsMemRatio st.mutex.RUnlock() - return + return v } // SetCacheStatusFaveIDsMemRatio safely sets the Configuration value for state's 'Cache.StatusFaveIDsMemRatio' field @@ -6117,7 +6047,7 @@ func (st *ConfigState) GetCacheTagMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.TagMemRatio st.mutex.RUnlock() - return + return v } // SetCacheTagMemRatio safely sets the Configuration value for state's 'Cache.TagMemRatio' field @@ -6139,7 +6069,7 @@ func (st *ConfigState) GetCacheThreadMuteMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.ThreadMuteMemRatio st.mutex.RUnlock() - return + return v } // SetCacheThreadMuteMemRatio safely sets the Configuration value for state's 'Cache.ThreadMuteMemRatio' field @@ -6161,7 +6091,7 @@ func (st *ConfigState) GetCacheTokenMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.TokenMemRatio st.mutex.RUnlock() - return + return v } // SetCacheTokenMemRatio safely sets the Configuration value for state's 'Cache.TokenMemRatio' field @@ -6183,7 +6113,7 @@ func (st *ConfigState) GetCacheTombstoneMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.TombstoneMemRatio st.mutex.RUnlock() - return + return v } // SetCacheTombstoneMemRatio safely sets the Configuration value for state's 'Cache.TombstoneMemRatio' field @@ -6205,7 +6135,7 @@ func (st *ConfigState) GetCacheUserMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.UserMemRatio st.mutex.RUnlock() - return + return v } // SetCacheUserMemRatio safely sets the Configuration value for state's 'Cache.UserMemRatio' field @@ -6227,7 +6157,7 @@ func (st *ConfigState) GetCacheUserMuteMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.UserMuteMemRatio st.mutex.RUnlock() - return + return v } // SetCacheUserMuteMemRatio safely sets the Configuration value for state's 'Cache.UserMuteMemRatio' field @@ -6249,7 +6179,7 @@ func (st *ConfigState) GetCacheUserMuteIDsMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.UserMuteIDsMemRatio st.mutex.RUnlock() - return + return v } // SetCacheUserMuteIDsMemRatio safely sets the Configuration value for state's 'Cache.UserMuteIDsMemRatio' field @@ -6271,7 +6201,7 @@ func (st *ConfigState) GetCacheWebfingerMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.WebfingerMemRatio st.mutex.RUnlock() - return + return v } // SetCacheWebfingerMemRatio safely sets the Configuration value for state's 'Cache.WebfingerMemRatio' field @@ -6293,7 +6223,7 @@ func (st *ConfigState) GetCacheWebPushSubscriptionMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.WebPushSubscriptionMemRatio st.mutex.RUnlock() - return + return v } // SetCacheWebPushSubscriptionMemRatio safely sets the Configuration value for state's 'Cache.WebPushSubscriptionMemRatio' field @@ -6317,7 +6247,7 @@ func (st *ConfigState) GetCacheWebPushSubscriptionIDsMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.WebPushSubscriptionIDsMemRatio st.mutex.RUnlock() - return + return v } // SetCacheWebPushSubscriptionIDsMemRatio safely sets the Configuration value for state's 'Cache.WebPushSubscriptionIDsMemRatio' field @@ -6343,7 +6273,7 @@ func (st *ConfigState) GetCacheMutesMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.MutesMemRatio st.mutex.RUnlock() - return + return v } // SetCacheMutesMemRatio safely sets the Configuration value for state's 'Cache.MutesMemRatio' field @@ -6365,7 +6295,7 @@ func (st *ConfigState) GetCacheStatusFilterMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.StatusFilterMemRatio st.mutex.RUnlock() - return + return v } // SetCacheStatusFilterMemRatio safely sets the Configuration value for state's 'Cache.StatusFilterMemRatio' field @@ -6387,7 +6317,7 @@ func (st *ConfigState) GetCacheVisibilityMemRatio() (v float64) { st.mutex.RLock() v = st.config.Cache.VisibilityMemRatio st.mutex.RUnlock() - return + return v } // SetCacheVisibilityMemRatio safely sets the Configuration value for state's 'Cache.VisibilityMemRatio' field @@ -6409,7 +6339,7 @@ func (st *ConfigState) GetAdminAccountUsername() (v string) { st.mutex.RLock() v = st.config.AdminAccountUsername st.mutex.RUnlock() - return + return v } // SetAdminAccountUsername safely sets the Configuration value for state's 'AdminAccountUsername' field @@ -6431,7 +6361,7 @@ func (st *ConfigState) GetAdminAccountEmail() (v string) { st.mutex.RLock() v = st.config.AdminAccountEmail st.mutex.RUnlock() - return + return v } // SetAdminAccountEmail safely sets the Configuration value for state's 'AdminAccountEmail' field @@ -6453,7 +6383,7 @@ func (st *ConfigState) GetAdminAccountPassword() (v string) { st.mutex.RLock() v = st.config.AdminAccountPassword st.mutex.RUnlock() - return + return v } // SetAdminAccountPassword safely sets the Configuration value for state's 'AdminAccountPassword' field @@ -6475,7 +6405,7 @@ func (st *ConfigState) GetAdminTransPath() (v string) { st.mutex.RLock() v = st.config.AdminTransPath st.mutex.RUnlock() - return + return v } // SetAdminTransPath safely sets the Configuration value for state's 'AdminTransPath' field @@ -6497,7 +6427,7 @@ func (st *ConfigState) GetAdminMediaPruneDryRun() (v bool) { st.mutex.RLock() v = st.config.AdminMediaPruneDryRun st.mutex.RUnlock() - return + return v } // SetAdminMediaPruneDryRun safely sets the Configuration value for state's 'AdminMediaPruneDryRun' field @@ -6519,7 +6449,7 @@ func (st *ConfigState) GetAdminMediaListLocalOnly() (v bool) { st.mutex.RLock() v = st.config.AdminMediaListLocalOnly st.mutex.RUnlock() - return + return v } // SetAdminMediaListLocalOnly safely sets the Configuration value for state's 'AdminMediaListLocalOnly' field @@ -6541,7 +6471,7 @@ func (st *ConfigState) GetAdminMediaListRemoteOnly() (v bool) { st.mutex.RLock() v = st.config.AdminMediaListRemoteOnly st.mutex.RUnlock() - return + return v } // SetAdminMediaListRemoteOnly safely sets the Configuration value for state's 'AdminMediaListRemoteOnly' field @@ -6563,7 +6493,7 @@ func (st *ConfigState) GetTestrigSkipDBSetup() (v bool) { st.mutex.RLock() v = st.config.TestrigSkipDBSetup st.mutex.RUnlock() - return + return v } // SetTestrigSkipDBSetup safely sets the Configuration value for state's 'TestrigSkipDBSetup' field @@ -6585,7 +6515,7 @@ func (st *ConfigState) GetTestrigSkipDBTeardown() (v bool) { st.mutex.RLock() v = st.config.TestrigSkipDBTeardown st.mutex.RUnlock() - return + return v } // SetTestrigSkipDBTeardown safely sets the Configuration value for state's 'TestrigSkipDBTeardown' field @@ -6666,7 +6596,7 @@ func (st *ConfigState) GetTotalOfMemRatios() (total float64) { total += st.config.Cache.StatusFilterMemRatio total += st.config.Cache.VisibilityMemRatio st.mutex.RUnlock() - return + return total } // GetTotalOfMemRatios safely fetches the combined value for all the global state's mem ratio fields @@ -6766,30 +6696,6 @@ func flattenConfigMap(cfgmap map[string]any) { } } - for _, key := range [][]string{ - {"advanced-scraper-deterrence", "enabled"}, - {"advanced", "scraper-deterrence", "enabled"}, - } { - ival, ok := mapGet(cfgmap, key...) - if ok { - cfgmap["advanced-scraper-deterrence-enabled"] = ival - nestedKeys[key[0]] = struct{}{} - break - } - } - - for _, key := range [][]string{ - {"advanced-scraper-deterrence", "difficulty"}, - {"advanced", "scraper-deterrence", "difficulty"}, - } { - ival, ok := mapGet(cfgmap, key...) - if ok { - cfgmap["advanced-scraper-deterrence-difficulty"] = ival - nestedKeys[key[0]] = struct{}{} - break - } - } - for _, key := range [][]string{ {"http-client", "allow-ips"}, } { diff --git a/internal/config/testdata/test3.yaml b/internal/config/testdata/test3.yaml index d383fdd80..b0d526380 100644 --- a/internal/config/testdata/test3.yaml +++ b/internal/config/testdata/test3.yaml @@ -1,5 +1,3 @@ advanced: - scraper-deterrence: - enabled: true rate-limit: requests: 5000 diff --git a/internal/middleware/nollamas.go b/internal/middleware/nollamas.go deleted file mode 100644 index 6191ebe3b..000000000 --- a/internal/middleware/nollamas.go +++ /dev/null @@ -1,385 +0,0 @@ -// GoToSocial -// Copyright (C) GoToSocial Authors admin@gotosocial.org -// SPDX-License-Identifier: AGPL-3.0-or-later -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU Affero General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU Affero General Public License for more details. -// -// You should have received a copy of the GNU Affero General Public License -// along with this program. If not, see . - -package middleware - -import ( - "context" - "crypto/rand" - "crypto/sha256" - "crypto/subtle" - "encoding/hex" - "hash" - "io" - "net/http" - "strconv" - "time" - - apimodel "code.superseriousbusiness.org/gotosocial/internal/api/model" - apiutil "code.superseriousbusiness.org/gotosocial/internal/api/util" - "code.superseriousbusiness.org/gotosocial/internal/config" - "code.superseriousbusiness.org/gotosocial/internal/gtscontext" - "code.superseriousbusiness.org/gotosocial/internal/gtserror" - "code.superseriousbusiness.org/gotosocial/internal/log" - "code.superseriousbusiness.org/gotosocial/internal/oauth" - "codeberg.org/gruf/go-bitutil" - "codeberg.org/gruf/go-byteutil" - "github.com/gin-gonic/gin" -) - -// NoLLaMas returns a piece of HTTP middleware that provides a deterrence -// on routes it is applied to, against bots and scrapers. It generates a -// unique but deterministic challenge for each HTTP client within an hour -// TTL that requires a proof-of-work solution to pass onto the next handler. -// On successful solution, the client is provided a cookie that allows them -// to bypass this check within that hour TTL. The outcome of this is that it -// should make scraping of these endpoints economically unfeasible, when enabled, -// and with an absurdly minimal performance impact. The downside is that it -// requires javascript to be enabled on the client to pass the middleware check. -// -// Heavily inspired by: https://github.com/TecharoHQ/anubis -func NoLLaMas( - cookiePolicy apiutil.CookiePolicy, - getInstanceV1 func(context.Context) (*apimodel.InstanceV1, gtserror.WithCode), -) gin.HandlerFunc { - - if !config.GetAdvancedScraperDeterrenceEnabled() { - // NoLLaMas middleware disabled. - return func(*gin.Context) {} - } - - var seed [32]byte - - // Read random data for the token seed. - _, err := io.ReadFull(rand.Reader, seed[:]) - if err != nil { - panic(err) - } - - // Configure nollamas. - var nollamas nollamas - nollamas.entropy = seed - nollamas.ttl = time.Hour - nollamas.rounds = config.GetAdvancedScraperDeterrenceDifficulty() - nollamas.getInstanceV1 = getInstanceV1 - nollamas.policy = cookiePolicy - return nollamas.Serve -} - -// i.e. hash slice length. -const hashLen = sha256.Size - -// i.e. hex.EncodedLen(hashLen). -const encodedHashLen = 2 * hashLen - -// hashWithBufs encompasses a hash along -// with the necessary buffers to generate -// a hashsum and then encode that sum. -type hashWithBufs struct { - hash hash.Hash - hbuf [hashLen]byte - ebuf [encodedHashLen]byte -} - -// write is a passthrough to hash.Hash{}.Write(). -func (h *hashWithBufs) write(b []byte) { - _, _ = h.hash.Write(b) -} - -// writeString is a passthrough to hash.Hash{}.Write([]byte(s)). -func (h *hashWithBufs) writeString(s string) { - _, _ = h.hash.Write(byteutil.S2B(s)) -} - -// EncodedSum returns the hex encoded sum of hash.Sum(). -func (h *hashWithBufs) EncodedSum() string { - _ = h.hash.Sum(h.hbuf[:0]) - hex.Encode(h.ebuf[:], h.hbuf[:]) - return string(h.ebuf[:]) -} - -// Reset will reset hash and buffers. -func (h *hashWithBufs) Reset() { - h.ebuf = [encodedHashLen]byte{} - h.hbuf = [hashLen]byte{} - h.hash.Reset() -} - -type nollamas struct { - // our instance cookie policy. - policy apiutil.CookiePolicy - - // unique entropy - // to prevent hashes - // being guessable - entropy [32]byte - - // success cookie TTL - ttl time.Duration - - // rounds determines roughly how - // many hash-encode rounds each - // client is required to complete. - rounds uint32 - - // extra fields required for - // our template rendering. - getInstanceV1 func(ctx context.Context) (*apimodel.InstanceV1, gtserror.WithCode) -} - -func (m *nollamas) Serve(c *gin.Context) { - if c.Request.Method != http.MethodGet { - // Only interested in protecting - // crawlable 'GET' endpoints. - c.Next() - return - } - - // Extract request context. - ctx := c.Request.Context() - - if ctx.Value(oauth.SessionAuthorizedToken) != nil { - // Don't guard against requests - // providing valid OAuth tokens. - c.Next() - return - } - - if gtscontext.HTTPSignature(ctx) != "" { - // Don't guard against requests - // providing HTTP signatures. - c.Next() - return - } - - // Prepare new hash with buffers. - hash := hashWithBufs{hash: sha256.New()} - - // Extract client fingerprint data. - userAgent := c.GetHeader("User-Agent") - clientIP := c.ClientIP() - - // Generate a unique token for this request, - // only valid for a period of now +- m.ttl. - token := m.getToken(&hash, userAgent, clientIP) - - // Check for a provided success token. - cookie, _ := c.Cookie("gts-nollamas") - - // Check whether passed cookie - // is the expected success token. - if subtle.ConstantTimeCompare( - byteutil.S2B(cookie), - byteutil.S2B(token), - ) == 1 { - - // They passed us a valid, expected - // token. They already passed checks. - c.Next() - return - } - - // From here-on out, all - // possibilities are handled - // by us. Prevent further http - // handlers from being called. - c.Abort() - - // Generate challenge for this unique (yet deterministic) token, - // returning seed, wanted 'challenge' result and expected solution. - seed, challenge, solution := m.getChallenge(&hash, token) - - // Prepare new log entry. - l := log.WithContext(ctx). - WithField("userAgent", userAgent). - WithField("seed", seed). - WithField("rounds", solution) - - // Extract and parse query. - query := c.Request.URL.Query() - - // Check query to see if an in-progress - // challenge solution has been provided. - nonce := query.Get("nollamas_solution") - if nonce == "" { - - // No solution given, likely new client! - // Simply present them with challenge. - m.renderChallenge(c, seed, challenge) - l.Info("posing new challenge") - return - } - - // Check nonce matches expected. - if subtle.ConstantTimeCompare( - byteutil.S2B(solution), - byteutil.S2B(nonce), - ) != 1 { - - // Their nonce failed, re-challenge them. - m.renderChallenge(c, challenge, solution) - l.Infof("invalid solution provided: %s", nonce) - return - } - - l.Info("challenge passed") - - // Drop solution query and encode. - query.Del("nollamas_solution") - c.Request.URL.RawQuery = query.Encode() - - // They passed the challenge! Set success token - // cookie and allow them to continue to next handlers. - m.policy.SetCookie(c, "gts-nollamas", token, int(m.ttl/time.Second), "/") - c.Redirect(http.StatusTemporaryRedirect, c.Request.URL.RequestURI()) -} - -func (m *nollamas) renderChallenge(c *gin.Context, seed, challenge string) { - // Fetch current instance information for templating vars. - instance, errWithCode := m.getInstanceV1(c.Request.Context()) - if errWithCode != nil { - apiutil.ErrorHandler(c, errWithCode, m.getInstanceV1) - return - } - - // Write templated challenge response to client. - apiutil.TemplateWebPage(c, apiutil.WebPage{ - Template: "nollamas.tmpl", - Instance: instance, - Stylesheets: []string{ - "/assets/dist/nollamas.css", - // Include fork-awesome stylesheet - // to get nice loading spinner. - "/assets/Fork-Awesome/css/fork-awesome.min.css", - }, - Extra: map[string]any{ - "seed": seed, - "challenge": challenge, - }, - Javascript: []apiutil.JavascriptEntry{ - { - Src: "/assets/dist/nollamas.js", - Defer: true, - }, - }, - }) -} - -// getToken generates a unique yet deterministic token for given HTTP request -// details, seeded by runtime generated entropy data and ttl rounded timestamp. -func (m *nollamas) getToken(hash *hashWithBufs, userAgent, clientIP string) string { - - // Reset before - // using hash. - hash.Reset() - - // Use our unique entropy to seed hash, - // to ensure we have cryptographically - // unique, yet deterministic, tokens - // generated for a given http client. - hash.write(m.entropy[:]) - - // Also seed the generated input with - // current time rounded to TTL, so our - // single comparison handles expiries. - now := time.Now().Round(m.ttl).Unix() - hash.write([]byte{ - byte(now >> 56), - byte(now >> 48), - byte(now >> 40), - byte(now >> 32), - byte(now >> 24), - byte(now >> 16), - byte(now >> 8), - byte(now), - }) - - // Append client request data. - hash.writeString(userAgent) - hash.writeString(clientIP) - - // Return hex encoded hash. - return hash.EncodedSum() -} - -// getChallenge prepares a new challenge given the deterministic input token for this request. -// it will return an input seed string, a challenge string which is the end result the client -// should be looking for, and the solution for this such that challenge = hex(sha256(seed + solution)). -// the solution will always be a string-encoded 64bit integer calculated from m.rounds + random jitter. -func (m *nollamas) getChallenge(hash *hashWithBufs, token string) (seed, challenge, solution string) { - - // For their unique seed string just use a - // single portion of their 'success' token. - // SHA256 is not yet cracked, this is not an - // application of a hash requiring serious - // cryptographic security and it rotates on - // a TTL basis, so it should be fine. - seed = token[:len(token)/4] - - // BEFORE resetting the hash, get the last - // two bytes of NON-hex-encoded data from - // token generation to use for random jitter. - // This is taken from the end of the hash as - // this is the "unseen" end part of token. - // - // (if we used hex-encoded data it would - // only ever be '0-9' or 'a-z' ASCII chars). - // - // Security-wise, same applies as-above. - jitter := int16(hash.hbuf[len(hash.hbuf)-2]) | - int16(hash.hbuf[len(hash.hbuf)-1])<<8 - - var rounds int64 - switch { - // For some small percentage of - // clients we purposely low-ball - // their rounds required, to make - // it so gaming it with a starting - // nonce value may suddenly fail. - case jitter%37 == 0: - rounds = int64(m.rounds/10) + int64(jitter/10) - case jitter%31 == 0: - rounds = int64(m.rounds/5) + int64(jitter/5) - case jitter%29 == 0: - rounds = int64(m.rounds/3) + int64(jitter/3) - case jitter%13 == 0: - rounds = int64(m.rounds/2) + int64(jitter/2) - - // Determine an appropriate number of hash rounds - // we want the client to perform on input seed. This - // is determined as configured m.rounds +- jitter. - // This will be the 'solution' to create 'challenge'. - default: - rounds = int64(m.rounds) + int64(jitter) //nolint:gosec - } - - // Encode (positive) determined hash rounds as string. - solution = strconv.FormatInt(bitutil.Abs64(rounds), 10) - - // Reset before - // using hash. - hash.Reset() - - // Calculate the expected result - // of hex(sha256(seed + solution)), - // i.e. the proposed 'challenge'. - hash.writeString(seed) - hash.writeString(solution) - challenge = hash.EncodedSum() - - return -} diff --git a/internal/middleware/nollamas_test.go b/internal/middleware/nollamas_test.go deleted file mode 100644 index f6b8e0e02..000000000 --- a/internal/middleware/nollamas_test.go +++ /dev/null @@ -1,178 +0,0 @@ -// GoToSocial -// Copyright (C) GoToSocial Authors admin@gotosocial.org -// SPDX-License-Identifier: AGPL-3.0-or-later -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU Affero General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU Affero General Public License for more details. -// -// You should have received a copy of the GNU Affero General Public License -// along with this program. If not, see . - -package middleware_test - -import ( - "context" - "crypto/sha256" - "encoding/hex" - "io" - "net/http" - "net/http/httptest" - "slices" - "strconv" - "strings" - "testing" - - "code.superseriousbusiness.org/gotosocial/internal/api/model" - apiutil "code.superseriousbusiness.org/gotosocial/internal/api/util" - "code.superseriousbusiness.org/gotosocial/internal/config" - "code.superseriousbusiness.org/gotosocial/internal/gtserror" - "code.superseriousbusiness.org/gotosocial/internal/middleware" - "code.superseriousbusiness.org/gotosocial/internal/router" - "codeberg.org/gruf/go-byteutil" - "github.com/gin-gonic/gin" - "github.com/stretchr/testify/assert" -) - -func TestNoLLaMasMiddleware(t *testing.T) { - // Gin test engine. - e := gin.New() - - // Setup necessary configuration variables. - config.SetAdvancedScraperDeterrenceEnabled(true) - config.SetWebTemplateBaseDir("../../web/template") - - // Load templates into engine. - err := router.LoadTemplates(e) - assert.NoError(t, err) - - // Add middleware to the gin engine handler stack. - middleware := middleware.NoLLaMas(apiutil.CookiePolicy{}, getInstanceV1) - e.Use(middleware) - - // Set test handler we can - // easily check if was used. - e.Handle("GET", "/", testHandler) - - // Test with differing user-agents. - for _, userAgent := range []string{ - "CURL", - "Mozilla FireSox", - "Google Gnome", - } { - testNoLLaMasMiddleware(t, e, userAgent) - } -} - -func testNoLLaMasMiddleware(t *testing.T, e *gin.Engine, userAgent string) { - // Prepare a test request for gin engine. - r := httptest.NewRequest("GET", "/", nil) - r.Header.Set("User-Agent", userAgent) - rw := httptest.NewRecorder() - - // Pass req through - // engine handler. - e.ServeHTTP(rw, r) - - // Get http result. - res := rw.Result() - - // It should have been stopped - // by middleware and NOT used - // the expected test handler. - ok := usedTestHandler(res) - assert.False(t, ok) - - // Read entire response body. - b, err := io.ReadAll(res.Body) - if err != nil { - panic(err) - } - - var seed string - var challenge string - - // Parse output body and find the challenge / difficulty. - for _, line := range strings.Split(string(b), "\n") { - line = strings.TrimSpace(line) - switch { - case strings.HasPrefix(line, "data-nollamas-seed=\""): - line = line[20:] - line = line[:len(line)-1] - seed = line - case strings.HasPrefix(line, "data-nollamas-challenge=\""): - line = line[25:] - line = line[:len(line)-1] - challenge = line - } - } - - // Ensure valid posed challenge. - assert.NotEmpty(t, challenge) - assert.NotEmpty(t, seed) - - // Prepare a test request for gin engine. - r = httptest.NewRequest("GET", "/", nil) - r.Header.Set("User-Agent", userAgent) - rw = httptest.NewRecorder() - - t.Logf("seed=%s", seed) - t.Logf("challenge=%s", challenge) - - // Now compute and set solution query paramater. - solution := computeSolution(seed, challenge) - r.URL.RawQuery = "nollamas_solution=" + solution - t.Logf("solution=%s", solution) - - // Pass req through - // engine handler. - e.ServeHTTP(rw, r) - - // Get http result. - res = rw.Result() - - // Should have received redirect. - uri, err := res.Location() - assert.NoError(t, err) - assert.Equal(t, uri.String(), "/") - - // Ensure our expected solution cookie (to bypass challenge) was set. - ok = slices.ContainsFunc(res.Cookies(), func(c *http.Cookie) bool { - return c.Name == "gts-nollamas" - }) - assert.True(t, ok) -} - -// computeSolution does the functional equivalent of our nollamas workerTask.js. -func computeSolution(seed, challenge string) string { - for i := 0; ; i++ { - solution := strconv.Itoa(i) - combined := seed + solution - hash := sha256.Sum256(byteutil.S2B(combined)) - encoded := hex.EncodeToString(hash[:]) - if encoded != challenge { - continue - } - return solution - } -} - -// usedTestHandler returns whether testHandler() was used. -func usedTestHandler(res *http.Response) bool { - return res.Header.Get("test-handler") == "ok" -} - -func testHandler(c *gin.Context) { - c.Writer.Header().Set("test-handler", "ok") - c.Writer.WriteHeader(http.StatusOK) -} - -func getInstanceV1(context.Context) (*model.InstanceV1, gtserror.WithCode) { - return &model.InstanceV1{}, nil -} diff --git a/internal/web/web.go b/internal/web/web.go index c7b7c9f25..3468ef63b 100644 --- a/internal/web/web.go +++ b/internal/web/web.go @@ -101,16 +101,12 @@ func (m *Module) Route(r *router.Router, mi ...gin.HandlerFunc) { // Handlers that serve profiles and statuses should use // the SignatureCheck middleware, so that requests with - // content-type application/activity+json can be served, - // and (if enabled) the nollamas middleware, to protect - // against scraping by shitty LLM bullshit. + // content-type application/activity+json can be served. profileGroup := r.AttachGroup(profileGroupPath) profileGroup.Use(mi...) profileGroup.Use(middleware.SignatureCheck(m.isURIBlocked), middleware.CacheControl(middleware.CacheControlConfig{ Directives: []string{"no-store"}, })) - nollamas := middleware.NoLLaMas(m.cookiePolicy, m.processor.InstanceGetV1) - profileGroup.Use(nollamas) profileGroup.Handle(http.MethodGet, "", m.profileGETHandler) // use empty path here since it's the base of the group profileGroup.Handle(http.MethodGet, statusPath, m.threadGETHandler) diff --git a/mkdocs.yml b/mkdocs.yml index 255ae8f7b..02dadf4cf 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -131,7 +131,6 @@ nav: - "advanced/tracing.md" - "advanced/metrics.md" - "advanced/replicating-sqlite.md" - - "advanced/scraper_deterrence.md" - "advanced/sqlite-networked-storage.md" - "Advanced builds": - "advanced/builds/nowasm.md" diff --git a/scripts/bundle_licenses.sh b/scripts/bundle_licenses.sh index ae94837d6..0886f897e 100755 --- a/scripts/bundle_licenses.sh +++ b/scripts/bundle_licenses.sh @@ -33,8 +33,7 @@ for file in $(find ./web/source | license_filter); do done # Copy over misc other licenses -for file in ./LICENSE \ - ./web/source/nollamasworker/sha256.js; do +for file in ./LICENSE; do echo "----------------------------------------------------------" >> "$OUTPUT" echo >> "$OUTPUT" echo "${file}:" >> "$OUTPUT" diff --git a/test/envparsing.sh b/test/envparsing.sh index d61a1a728..36fd847c5 100755 --- a/test/envparsing.sh +++ b/test/envparsing.sh @@ -20,8 +20,6 @@ EXPECT=$(cat << "EOF" "127.0.0.1/32" ], "advanced-rate-limit-requests": 6969, - "advanced-scraper-deterrence-difficulty": 500000, - "advanced-scraper-deterrence-enabled": true, "advanced-sender-multiplier": -1, "advanced-throttling-multiplier": -1, "advanced-throttling-retry-after": 10000000000, @@ -325,8 +323,6 @@ GTS_SYSLOG_ADDRESS='127.0.0.1:6969' \ GTS_ADVANCED_COOKIES_SAMESITE='strict' \ GTS_ADVANCED_RATE_LIMIT_EXCEPTIONS="192.0.2.0/24,127.0.0.1/32" \ GTS_ADVANCED_RATE_LIMIT_REQUESTS=6969 \ -GTS_ADVANCED_SCRAPER_DETERRENCE_DIFFICULTY=500000 \ -GTS_ADVANCED_SCRAPER_DETERRENCE_ENABLED=true \ GTS_ADVANCED_SENDER_MULTIPLIER=-1 \ GTS_ADVANCED_THROTTLING_MULTIPLIER=-1 \ GTS_ADVANCED_THROTTLING_RETRY_AFTER='10s' \ diff --git a/testrig/config.go b/testrig/config.go index 991382bd2..f3e3e6fe0 100644 --- a/testrig/config.go +++ b/testrig/config.go @@ -184,11 +184,6 @@ func testDefaults() config.Configuration { Throttling: config.ThrottlingConfig{ Multiplier: 0, // disabled }, - - ScraperDeterrence: config.ScraperDeterrenceConfig{ - Enabled: envBool("GTS_ADVANCED_SCRAPER_DETERRENCE_ENABLED", false), - Difficulty: uint32(envInt("GTS_ADVANCED_SCRAPER_DETERRENCE_DIFFICULTY", 100000)), //nolint - }, }, SoftwareVersion: "0.0.0-testrig", diff --git a/web/source/.eslintignore b/web/source/.eslintignore index 4ce4ebebe..ae325e9c8 100644 --- a/web/source/.eslintignore +++ b/web/source/.eslintignore @@ -1,4 +1,3 @@ node_modules prism.js prism.css -nollamasworker/sha256.js \ No newline at end of file diff --git a/web/source/css/nollamas.css b/web/source/css/nollamas.css deleted file mode 100644 index 5fe861364..000000000 --- a/web/source/css/nollamas.css +++ /dev/null @@ -1,30 +0,0 @@ -/* - GoToSocial - Copyright (C) GoToSocial Authors admin@gotosocial.org - SPDX-License-Identifier: AGPL-3.0-or-later - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU Affero General Public License as published by - the Free Software Foundation, either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Affero General Public License for more details. - - You should have received a copy of the GNU Affero General Public License - along with this program. If not, see . -*/ - -.nollamas { - display: flex; - flex-direction: column; - - .nollamas-status { - display: flex; - flex-direction: column; - align-self: center; - align-items: center; - } -} diff --git a/web/source/index.js b/web/source/index.js index b9d608318..6a218cd08 100644 --- a/web/source/index.js +++ b/web/source/index.js @@ -73,24 +73,6 @@ skulk({ ["babelify", { global: true }] ], }, - nollamas: { - entryFile: "nollamas", - outputFile: "nollamas.js", - preset: ["js"], - prodCfg: prodCfg, - transform: [ - ["babelify", { global: true }] - ], - }, - nollamasworker: { - entryFile: "nollamasworker", - outputFile: "nollamasworker.js", - preset: ["js"], - prodCfg: prodCfg, - transform: [ - ["babelify", { global: true }] - ], - }, settings: { entryFile: "settings", outputFile: "settings.js", diff --git a/web/source/nollamas/index.js b/web/source/nollamas/index.js deleted file mode 100644 index b04a97c23..000000000 --- a/web/source/nollamas/index.js +++ /dev/null @@ -1,129 +0,0 @@ -/* - GoToSocial - Copyright (C) GoToSocial Authors admin@gotosocial.org - SPDX-License-Identifier: AGPL-3.0-or-later - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU Affero General Public License as published by - the Free Software Foundation, either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Affero General Public License for more details. - - You should have received a copy of the GNU Affero General Public License - along with this program. If not, see . -*/ - -const explanation = "Your browser is currently solving a proof-of-work challenge designed to deter \"ai\" scrapers. This should take no more than a few seconds..."; - -document.addEventListener("DOMContentLoaded", function() { - // Get the nollamas section container. - const nollamas = document.querySelector(".nollamas"); - - // Add some "loading" text to show that - // a proof-of-work captcha is being done. - const p = this.createElement("p"); - p.className = "nollamas-explanation"; - p.appendChild(document.createTextNode(explanation)); - nollamas.appendChild(p); - - // Add a loading spinner, but only - // animate it if motion is allowed. - const spinner = document.createElement("i"); - spinner.className = "fa fa-spinner fa-2x fa-fw nollamas-status"; - if (!window.matchMedia('(prefers-reduced-motion: reduce)').matches) { - spinner.className += " fa-pulse"; - } - spinner.setAttribute("title","Solving..."); - spinner.setAttribute("aria-label", "Solving"); - nollamas.appendChild(spinner); - - // Read the challenge and difficulty from - // data attributes on the nollamas section. - const seed = nollamas.dataset.nollamasSeed; - const challenge = nollamas.dataset.nollamasChallenge; - const threads = navigator.hardwareConcurrency; - if (typeof(threads) != "number" || threads < 1) { threads = 1; } - - console.log("seed:", seed); // eslint-disable-line no-console - console.log("challenge:", challenge); // eslint-disable-line no-console - console.log("threads:", threads); // eslint-disable-line no-console - - // Create an array to track - // all workers such that we - // can terminate them all. - const workers = []; - const terminateAll = () => { workers.forEach((worker) => worker.terminate() ); }; - - // Get time before task completion. - const startTime = performance.now(); - - // Prepare and start each worker, - // adding them to the workers array. - for (let i = 0; i < threads; i++) { - const worker = new Worker("/assets/dist/nollamasworker.js"); - workers.push(worker); - - // On any error terminate. - worker.onerror = (ev) => { - console.error("worker error:", ev); // eslint-disable-line no-console - terminateAll(); - }; - - // Post worker message, where each - // worker will compute nonces in range: - // $threadNumber + $totalThreads * n - worker.postMessage({ - challenge: challenge, - threads: threads, - thread: i, - seed: seed, - }); - - // Set main on-success function. - worker.onmessage = function (e) { - if (e.data.done) { - // Stop workers. - terminateAll(); - - // Log which thread found the solution. - console.log("solution from:", e.data.thread); // eslint-disable-line no-console - - // Get total computation duration. - const endTime = performance.now(); - const duration = endTime - startTime; - - // Remove spinner and replace it with a tick - // and info about how long it took to solve. - nollamas.removeChild(spinner); - const solutionWrapper = document.createElement("div"); - solutionWrapper.className = "nollamas-status"; - - const tick = document.createElement("i"); - tick.className = "fa fa-check fa-2x fa-fw"; - tick.setAttribute("title","Solved!"); - tick.setAttribute("aria-label", "Solved!"); - solutionWrapper.appendChild(tick); - - const took = document.createElement("span"); - const solvedText = `Solved after ${e.data.nonce} iterations by worker ${e.data.thread} of ${threads}, in ${duration.toString()}ms!`; - took.appendChild(document.createTextNode(solvedText)); - solutionWrapper.appendChild(took); - - nollamas.appendChild(solutionWrapper); - - // Wait for 500ms before redirecting, to give - // visitors a shot at reading the message, but - // not so long that they have to wait unduly. - setTimeout(() => { - let url = new URL(window.location.href); - url.searchParams.set("nollamas_solution", e.data.nonce); - window.location.replace(url.toString()); - }, 500); - } - }; - } -}); diff --git a/web/source/nollamasworker/index.js b/web/source/nollamasworker/index.js deleted file mode 100644 index 0a7711ce1..000000000 --- a/web/source/nollamasworker/index.js +++ /dev/null @@ -1,56 +0,0 @@ -/* - GoToSocial - Copyright (C) GoToSocial Authors admin@gotosocial.org - SPDX-License-Identifier: AGPL-3.0-or-later - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU Affero General Public License as published by - the Free Software Foundation, either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU Affero General Public License for more details. - - You should have received a copy of the GNU Affero General Public License - along with this program. If not, see . -*/ - -import sha256 from "./sha256"; - -let compute = async function(seedStr, challengeStr, start, iter) { - const textEncoder = new TextEncoder(); - - let nonce = start; - while (true) { // eslint-disable-line no-constant-condition - - // Create possible solution string from challenge string + nonce. - const solution = textEncoder.encode(seedStr + nonce.toString()); - - // Generate hex encoded SHA256 hashsum of solution. - const hashArray = Array.from(sha256(solution)); - const hashAsHex = hashArray.map(b => b.toString(16).padStart(2, "0")).join(""); - - // Check whether hex encoded - // solution matches challenge. - if (hashAsHex == challengeStr) { - return nonce; - } - - // Iter nonce. - nonce += iter; - } -}; - -onmessage = async function(e) { - const thread = e.data.thread; - const threads = e.data.threads; - console.log("worker started:", thread); // eslint-disable-line no-console - - // Compute nonce value that produces 'challenge', for our allotted thread. - let nonce = await compute(e.data.seed, e.data.challenge, thread, threads); - - // Post the solution nonce back to caller with thread no. - postMessage({ nonce: nonce, done: true, thread: thread }); -}; diff --git a/web/source/nollamasworker/sha256.js b/web/source/nollamasworker/sha256.js deleted file mode 100644 index 553442d7c..000000000 --- a/web/source/nollamasworker/sha256.js +++ /dev/null @@ -1,113 +0,0 @@ -/* - Copyright 2022 Andrea Griffini - - Permission is hereby granted, free of charge, to any person obtaining - a copy of this software and associated documentation files (the - "Software"), to deal in the Software without restriction, including - without limitation the rights to use, copy, modify, merge, publish, - distribute, sublicense, and/or sell copies of the Software, and to - permit persons to whom the Software is furnished to do so, subject to - the following conditions: - - The above copyright notice and this permission notice shall be - included in all copies or substantial portions of the Software. - - THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, - EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF - MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND - NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE - LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION - OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION - WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - -*/ - -// sha256(data) returns the digest of an input piece of data. -// sha256(none) returns an object you can call .add(data), and .digest() at the end. -// the returned digest is a 32-byte Uint8Array instance with an added .hex() function. -// input should be string (that will be encoded as UTF-8) or an array-like with values 0..255. -// source: https://github.com/6502/sha256 -export default function sha256(data) { - let h0 = 0x6a09e667, h1 = 0xbb67ae85, h2 = 0x3c6ef372, h3 = 0xa54ff53a, - h4 = 0x510e527f, h5 = 0x9b05688c, h6 = 0x1f83d9ab, h7 = 0x5be0cd19, - tsz = 0, bp = 0; - const k = [0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, - 0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, - 0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, - 0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, - 0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, - 0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, - 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, - 0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2], - rrot = (x, n) => (x >>> n) | (x << (32-n)), - w = new Uint32Array(64), - buf = new Uint8Array(64), - process = () => { - for (let j=0,r=0; j<16; j++,r+=4) { - w[j] = (buf[r]<<24) | (buf[r+1]<<16) | (buf[r+2]<<8) | buf[r+3]; - } - for (let j=16; j<64; j++) { - let s0 = rrot(w[j-15], 7) ^ rrot(w[j-15], 18) ^ (w[j-15] >>> 3); - let s1 = rrot(w[j-2], 17) ^ rrot(w[j-2], 19) ^ (w[j-2] >>> 10); - w[j] = (w[j-16] + s0 + w[j-7] + s1) | 0; - } - let a = h0, b = h1, c = h2, d = h3, e = h4, f = h5, g = h6, h = h7; - for (let j=0; j<64; j++) { - let S1 = rrot(e, 6) ^ rrot(e, 11) ^ rrot(e, 25), - ch = (e & f) ^ ((~e) & g), - t1 = (h + S1 + ch + k[j] + w[j]) | 0, - S0 = rrot(a, 2) ^ rrot(a, 13) ^ rrot(a, 22), - maj = (a & b) ^ (a & c) ^ (b & c), - t2 = (S0 + maj) | 0; - h = g; g = f; f = e; e = (d + t1)|0; d = c; c = b; b = a; a = (t1 + t2)|0; - } - h0 = (h0 + a)|0; h1 = (h1 + b)|0; h2 = (h2 + c)|0; h3 = (h3 + d)|0; - h4 = (h4 + e)|0; h5 = (h5 + f)|0; h6 = (h6 + g)|0; h7 = (h7 + h)|0; - bp = 0; - }, - add = data => { - if (typeof data === "string") { - data = typeof TextEncoder === "undefined" ? Buffer.from(data) : (new TextEncoder).encode(data); - } - for (let i=0; i { - buf[bp++] = 0x80; if (bp == 64) {process();} - if (bp + 8 > 64) { - while (bp < 64) {buf[bp++] = 0x00;} - process(); - } - while (bp < 58) {buf[bp++] = 0x00;} - // Max number of bytes is 35,184,372,088,831 - let L = tsz * 8; - buf[bp++] = (L / 1099511627776.) & 255; - buf[bp++] = (L / 4294967296.) & 255; - buf[bp++] = L >>> 24; - buf[bp++] = (L >>> 16) & 255; - buf[bp++] = (L >>> 8) & 255; - buf[bp++] = L & 255; - process(); - let reply = new Uint8Array(32); - reply[ 0] = h0 >>> 24; reply[ 1] = (h0 >>> 16) & 255; reply[ 2] = (h0 >>> 8) & 255; reply[ 3] = h0 & 255; - reply[ 4] = h1 >>> 24; reply[ 5] = (h1 >>> 16) & 255; reply[ 6] = (h1 >>> 8) & 255; reply[ 7] = h1 & 255; - reply[ 8] = h2 >>> 24; reply[ 9] = (h2 >>> 16) & 255; reply[10] = (h2 >>> 8) & 255; reply[11] = h2 & 255; - reply[12] = h3 >>> 24; reply[13] = (h3 >>> 16) & 255; reply[14] = (h3 >>> 8) & 255; reply[15] = h3 & 255; - reply[16] = h4 >>> 24; reply[17] = (h4 >>> 16) & 255; reply[18] = (h4 >>> 8) & 255; reply[19] = h4 & 255; - reply[20] = h5 >>> 24; reply[21] = (h5 >>> 16) & 255; reply[22] = (h5 >>> 8) & 255; reply[23] = h5 & 255; - reply[24] = h6 >>> 24; reply[25] = (h6 >>> 16) & 255; reply[26] = (h6 >>> 8) & 255; reply[27] = h6 & 255; - reply[28] = h7 >>> 24; reply[29] = (h7 >>> 16) & 255; reply[30] = (h7 >>> 8) & 255; reply[31] = h7 & 255; - reply.hex = () => { - let res = ""; - reply.forEach(x => res += ("0" + x.toString(16)).slice(-2)); // eslint-disable-line no-return-assign - return res; - }; - return reply; - }; - if (data === undefined) {return {add, digest};} - add(data); - return digest(); -} diff --git a/web/template/nollamas.tmpl b/web/template/nollamas.tmpl deleted file mode 100644 index a7511e7ae..000000000 --- a/web/template/nollamas.tmpl +++ /dev/null @@ -1,43 +0,0 @@ -{{- /* -// GoToSocial -// Copyright (C) GoToSocial Authors admin@gotosocial.org -// SPDX-License-Identifier: AGPL-3.0-or-later -// -// This program is free software: you can redistribute it and/or modify -// it under the terms of the GNU Affero General Public License as published by -// the Free Software Foundation, either version 3 of the License, or -// (at your option) any later version. -// -// This program is distributed in the hope that it will be useful, -// but WITHOUT ANY WARRANTY; without even the implied warranty of -// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -// GNU Affero General Public License for more details. -// -// You should have received a copy of the GNU Affero General Public License -// along with this program. If not, see . -*/ -}} - -{{- with . }} -
-
-

Checking you're not a creepy crawler...

- -
-
-{{- end }} \ No newline at end of file