mirrors/activitypub-federation-rust
1
0
Fork 0
mirror of https://github.com/LemmyNet/activitypub-federation-rust.git synced 2024-05-18 00:52:40 +00:00
Code Issues Projects Releases Wiki Activity

content-type

Browse source
This commit is contained in:
Felix Ableitner 2024-03-07 15:49:33 +01:00
parent 26ac6e82dc
commit b3978cf418
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/fetch/mod.rs
View file

@ -57,11 +57,15 @@ pub async fn fetch_object_http<T: Clone, Kind: DeserializeOwned>(
static ALT_CONTENT_TYPE: HeaderValue = HeaderValue::from_static(
r#"application/ld+json; profile="https://www.w3.org/ns/activitystreams""#,
);
static ALT_CONTENT_TYPE_MASTODON: HeaderValue = HeaderValue::from_static(
r#"application/activity+json; charset=utf-8"#,
);
let res = fetch_object_http_with_accept(url, data, &CONTENT_TYPE).await?;
// Ensure correct content-type to prevent vulnerabilities.
if res.content_type.as_ref() != Some(&CONTENT_TYPE)
&& res.content_type.as_ref() != Some(&ALT_CONTENT_TYPE)
&& res.content_type.as_ref() != Some(&ALT_CONTENT_TYPE_MASTODON)
{
return Err(Error::FetchInvalidContentType(res.url));
}