laantungir/nostr-tools
1
0
Fork 0
mirror of https://github.com/nbd-wtf/nostr-tools.git synced 2025-12-10 09:08:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Clean up nip96 upload validation and make it less strict

Browse Source
This commit is contained in:
Jon Staab
2025-02-11 10:17:52 -08:00
committed by fiatjaf_
parent 3daade322c
commit 86f37d6003
2 changed files with 37 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
nip55.test.ts
View File

@@ -2,7 +2,7 @@ import { test, expect } from 'bun:test'
import * as nip55 from './nip55.js' import * as nip55 from './nip55.js'
// Function to parse the NostrSigner URI // Function to parse the NostrSigner URI
function parseNostrSignerUri(uri) { function parseNostrSignerUri(uri: string) {
const [base, query] = uri.split('?') const [base, query] = uri.split('?')
const basePart = base.replace('nostrsigner:', '') const basePart = base.replace('nostrsigner:', '')

89
nip96.ts
View File

@@ -267,13 +267,11 @@ export async function readServerConfig(serverUrl: string): Promise<ServerConfigu
* @returns true if the object is a valid FileUploadResponse, otherwise false. * @returns true if the object is a valid FileUploadResponse, otherwise false.
*/ */
export function validateFileUploadResponse(response: any): response is FileUploadResponse { export function validateFileUploadResponse(response: any): response is FileUploadResponse {
if (typeof response !== 'object' || response === null) return false if (typeof response !== 'object' || response === null) {
if (!response.status || !response.message) {
return false return false
} }
if (response.status !== 'success' && response.status !== 'error' && response.status !== 'processing') { if (!['success', 'error', 'processing'].includes(response.status)) {
return false return false
} }
@@ -285,10 +283,8 @@ export function validateFileUploadResponse(response: any): response is FileUploa
return false return false
} }
if (response.processing_url) { if (response.processing_url && typeof response.processing_url !== 'string') {
if (typeof response.processing_url !== 'string') { return false
return false
}
} }
if (response.status === 'success' && !response.nip94_event) { if (response.status === 'success' && !response.nip94_event) {
@@ -296,25 +292,21 @@ export function validateFileUploadResponse(response: any): response is FileUploa
} }
if (response.nip94_event) { if (response.nip94_event) {
if ( const tags = response.nip94_event.tags as string[][]
!response.nip94_event.tags ||
!Array.isArray(response.nip94_event.tags) || if (!Array.isArray(tags)) {
response.nip94_event.tags.length === 0
) {
return false return false
} }
for (const tag of response.nip94_event.tags) { if (tags.some(t => t.length < 2 || t.some(x => typeof x !== 'string'))) {
if (!Array.isArray(tag) || tag.length !== 2) return false
if (typeof tag[0] !== 'string' || typeof tag[1] !== 'string') return false
}
if (!(response.nip94_event.tags as string[]).find(t => t[0] === 'url')) {
return false return false
} }
if (!(response.nip94_event.tags as string[]).find(t => t[0] === 'ox')) { if (!tags.some(t => t[0] === 'url')) {
return false
}
if (!tags.some(t => t[0] === 'ox')) {
return false return false
} }
} }
@@ -385,17 +377,13 @@ export async function uploadFile(
throw new Error('Unknown error in uploading file!') throw new Error('Unknown error in uploading file!')
} }
try { const parsedResponse = await response.json()
const parsedResponse = await response.json()
if (!validateFileUploadResponse(parsedResponse)) { if (!validateFileUploadResponse(parsedResponse)) {
throw new Error('Invalid response from the server!') throw new Error('Failed to validate upload response!')
}
return parsedResponse
} catch (error) {
throw new Error('Error parsing JSON response!')
} }
return parsedResponse
} }
/** /**
@@ -512,33 +500,28 @@ export async function checkFileProcessingStatus(
} }
// Parse the response // Parse the response
try { const parsedResponse = await response.json()
const parsedResponse = await response.json()
// 201 Created: Indicates the processing is over. // 201 Created: Indicates the processing is over.
if (response.status === 201) { if (response.status === 201) {
// Validate the response if (!validateFileUploadResponse(parsedResponse)) {
if (!validateFileUploadResponse(parsedResponse)) { throw new Error('Failed to validate upload response!')
throw new Error('Invalid response from the server!')
}
return parsedResponse
} }
// 200 OK: Indicates the processing is still ongoing. return parsedResponse as FileUploadResponse
if (response.status === 200) {
// Validate the response
if (!validateDelayedProcessingResponse(parsedResponse)) {
throw new Error('Invalid response from the server!')
}
return parsedResponse
}
throw new Error('Invalid response from the server!')
} catch (error) {
throw new Error('Error parsing JSON response!')
} }
// 200 OK: Indicates the processing is still ongoing.
if (response.status === 200) {
// Validate the response
if (!validateDelayedProcessingResponse(parsedResponse)) {
throw new Error('Invalid response from the server!')
}
return parsedResponse
}
throw new Error('Invalid response from the server!')
} }
/** /**