feat: validate proxy targets during signing and proxy fetch
This commit is contained in:
@@ -7,6 +7,7 @@ import (
|
||||
"mal/integrations/jikan"
|
||||
"mal/internal/domain"
|
||||
"mal/internal/observability"
|
||||
"mal/internal/playback/proxytarget"
|
||||
errlog "mal/pkg"
|
||||
netutil "mal/pkg/net"
|
||||
"net/http"
|
||||
@@ -43,6 +44,9 @@ func (s *playbackService) SignProxyToken(targetURL, referer, scope string) (stri
|
||||
if s.proxyTokenKey == "" {
|
||||
return "", nil
|
||||
}
|
||||
if err := proxytarget.Validate(targetURL); err != nil {
|
||||
return "", err
|
||||
}
|
||||
return s.proxyTokens.create(targetURL, referer, scope, 2*time.Hour, time.Now())
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user