mirrors/gotosocial
1
0
Fork 0
mirror of https://github.com/superseriousbusiness/gotosocial.git synced 2025-11-02 13:32:26 -06:00
Code Issues Projects Releases Packages Wiki Activity Actions

[feature] domain block wildcarding (#1178)

Browse source 
* for domain block lookups, lookup along subdomain parts

Signed-off-by: kim <grufwub@gmail.com>

* only lookup up to a max of 5 domain parts to prevent DOS, limit inserted domains to max of 5 subdomains

Signed-off-by: kim <grufwub@gmail.com>

* add test for domain block wildcarding

Signed-off-by: kim <grufwub@gmail.com>

* check cached status first, increase cached domain time

Signed-off-by: kim <grufwub@gmail.com>

* fix domain wildcard part building logic

Signed-off-by: kim <grufwub@gmail.com>

* create separate domain.BlockCache{} type to hold all domain blocks in memory

Signed-off-by: kim <grufwub@gmail.com>

* remove unused variable

Signed-off-by: kim <grufwub@gmail.com>

* add docs and test to domain block cache, check for domain == host in domain block getter funcs

Signed-off-by: kim <grufwub@gmail.com>

* add license text

Signed-off-by: kim <grufwub@gmail.com>

* check order in which we check primary cache

Signed-off-by: kim <grufwub@gmail.com>

* add better documentation of how domain block checking is performed

Signed-off-by: kim <grufwub@gmail.com>

* change

Signed-off-by: kim <grufwub@gmail.com>

Signed-off-by: kim <grufwub@gmail.com>
This commit is contained in:
kim 2022-12-14 09:55:36 +00:00 committed by GitHub
commit 69dd5fed2c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 350 additions and 39 deletions
Download patch file Download diff file Expand all files Collapse all files

32
internal/db/bundb/domain_test.go
View file

@ -56,6 +56,38 @@ func (suite *DomainTestSuite) TestIsDomainBlocked() {
suite.WithinDuration(time.Now(), domainBlock.CreatedAt, 10*time.Second)
}
func (suite *DomainTestSuite) TestIsDomainBlockedWildcard() {
ctx := context.Background()
domainBlock := &gtsmodel.DomainBlock{
ID: "01G204214Y9TNJEBX39C7G88SW",
Domain: "bad.apples",
CreatedByAccountID: suite.testAccounts["admin_account"].ID,
CreatedByAccount: suite.testAccounts["admin_account"],
}
// no domain block exists for the given domain yet
blocked, err := suite.db.IsDomainBlocked(ctx, domainBlock.Domain)
suite.NoError(err)
suite.False(blocked)
err = suite.db.CreateDomainBlock(ctx, domainBlock)
suite.NoError(err)
// Start with the base block domain
domain := domainBlock.Domain
for _, part := range []string{"extra", "domain", "parts"} {
// Prepend the next domain part
domain = part + "." + domain
// Check that domain block is wildcarded for this subdomain
blocked, err = suite.db.IsDomainBlocked(ctx, domainBlock.Domain)
suite.NoError(err)
suite.True(blocked)
}
}
func (suite *DomainTestSuite) TestIsDomainBlockedNonASCII() {
ctx := context.Background()