Move JS source from packs to entrypoints (#30037)
This commit is contained in:
Matt Jankowski
GitHub
parent
32ead51e5a
commit
3f6887557b
13 changed files with 2 additions and 2 deletions
174
app/javascript/entrypoints/remote_interaction_helper.ts
Normal file
174
app/javascript/entrypoints/remote_interaction_helper.ts
Normal file
|
|
@ -0,0 +1,174 @@
|
|||
/*
|
||||
|
||||
This script is meant to to be used in an `iframe` with the sole purpose of doing webfinger queries
|
||||
client-side without being restricted by a strict `connect-src` Content-Security-Policy directive.
|
||||
|
||||
It communicates with the parent window through message events that are authenticated by origin,
|
||||
and performs no other task.
|
||||
|
||||
*/
|
||||
|
||||
import './public-path';
|
||||
|
||||
import axios from 'axios';
|
||||
|
||||
interface JRDLink {
|
||||
rel: string;
|
||||
template?: string;
|
||||
href?: string;
|
||||
}
|
||||
|
||||
const isJRDLink = (link: unknown): link is JRDLink =>
|
||||
typeof link === 'object' &&
|
||||
link !== null &&
|
||||
'rel' in link &&
|
||||
typeof link.rel === 'string' &&
|
||||
(!('template' in link) || typeof link.template === 'string') &&
|
||||
(!('href' in link) || typeof link.href === 'string');
|
||||
|
||||
const findLink = (rel: string, data: unknown): JRDLink | undefined => {
|
||||
if (
|
||||
typeof data === 'object' &&
|
||||
data !== null &&
|
||||
'links' in data &&
|
||||
data.links instanceof Array
|
||||
) {
|
||||
return data.links.find(
|
||||
(link): link is JRDLink => isJRDLink(link) && link.rel === rel,
|
||||
);
|
||||
} else {
|
||||
return undefined;
|
||||
}
|
||||
};
|
||||
|
||||
const findTemplateLink = (data: unknown) =>
|
||||
findLink('http://ostatus.org/schema/1.0/subscribe', data)?.template;
|
||||
|
||||
const fetchInteractionURLSuccess = (
|
||||
uri_or_domain: string,
|
||||
template: string,
|
||||
) => {
|
||||
window.parent.postMessage(
|
||||
{
|
||||
type: 'fetchInteractionURL-success',
|
||||
uri_or_domain,
|
||||
template,
|
||||
},
|
||||
window.origin,
|
||||
);
|
||||
};
|
||||
|
||||
const fetchInteractionURLFailure = () => {
|
||||
window.parent.postMessage(
|
||||
{
|
||||
type: 'fetchInteractionURL-failure',
|
||||
},
|
||||
window.origin,
|
||||
);
|
||||
};
|
||||
|
||||
const isValidDomain = (value: string) => {
|
||||
const url = new URL('https:///path');
|
||||
url.hostname = value;
|
||||
return url.hostname === value;
|
||||
};
|
||||
|
||||
// Attempt to find a remote interaction URL from a domain
|
||||
const fromDomain = (domain: string) => {
|
||||
const fallbackTemplate = `https://${domain}/authorize_interaction?uri={uri}`;
|
||||
|
||||
axios
|
||||
.get(`https://${domain}/.well-known/webfinger`, {
|
||||
params: { resource: `https://${domain}` },
|
||||
})
|
||||
.then(({ data }) => {
|
||||
const template = findTemplateLink(data);
|
||||
fetchInteractionURLSuccess(domain, template ?? fallbackTemplate);
|
||||
return;
|
||||
})
|
||||
.catch(() => {
|
||||
fetchInteractionURLSuccess(domain, fallbackTemplate);
|
||||
});
|
||||
};
|
||||
|
||||
// Attempt to find a remote interaction URL from an arbitrary URL
|
||||
const fromURL = (url: string) => {
|
||||
const domain = new URL(url).host;
|
||||
const fallbackTemplate = `https://${domain}/authorize_interaction?uri={uri}`;
|
||||
|
||||
axios
|
||||
.get(`https://${domain}/.well-known/webfinger`, {
|
||||
params: { resource: url },
|
||||
})
|
||||
.then(({ data }) => {
|
||||
const template = findTemplateLink(data);
|
||||
fetchInteractionURLSuccess(url, template ?? fallbackTemplate);
|
||||
return;
|
||||
})
|
||||
.catch(() => {
|
||||
fromDomain(domain);
|
||||
});
|
||||
};
|
||||
|
||||
// Attempt to find a remote interaction URL from a `user@domain` string
|
||||
const fromAcct = (acct: string) => {
|
||||
acct = acct.replace(/^@/, '');
|
||||
|
||||
const segments = acct.split('@');
|
||||
|
||||
if (segments.length !== 2 || !segments[0] || !isValidDomain(segments[1])) {
|
||||
fetchInteractionURLFailure();
|
||||
return;
|
||||
}
|
||||
|
||||
const domain = segments[1];
|
||||
const fallbackTemplate = `https://${domain}/authorize_interaction?uri={uri}`;
|
||||
|
||||
axios
|
||||
.get(`https://${domain}/.well-known/webfinger`, {
|
||||
params: { resource: `acct:${acct}` },
|
||||
})
|
||||
.then(({ data }) => {
|
||||
const template = findTemplateLink(data);
|
||||
fetchInteractionURLSuccess(acct, template ?? fallbackTemplate);
|
||||
return;
|
||||
})
|
||||
.catch(() => {
|
||||
// TODO: handle host-meta?
|
||||
fromDomain(domain);
|
||||
});
|
||||
};
|
||||
|
||||
const fetchInteractionURL = (uri_or_domain: string) => {
|
||||
if (uri_or_domain === '') {
|
||||
fetchInteractionURLFailure();
|
||||
} else if (/^https?:\/\//.test(uri_or_domain)) {
|
||||
fromURL(uri_or_domain);
|
||||
} else if (uri_or_domain.includes('@')) {
|
||||
fromAcct(uri_or_domain);
|
||||
} else {
|
||||
fromDomain(uri_or_domain);
|
||||
}
|
||||
};
|
||||
|
||||
window.addEventListener('message', (event: MessageEvent<unknown>) => {
|
||||
// Check message origin
|
||||
if (
|
||||
!window.origin ||
|
||||
window.parent !== event.source ||
|
||||
event.origin !== window.origin
|
||||
) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (
|
||||
event.data &&
|
||||
typeof event.data === 'object' &&
|
||||
'type' in event.data &&
|
||||
event.data.type === 'fetchInteractionURL' &&
|
||||
'uri_or_domain' in event.data &&
|
||||
typeof event.data.uri_or_domain === 'string'
|
||||
) {
|
||||
fetchInteractionURL(event.data.uri_or_domain);
|
||||
}
|
||||
});
|
||||
Loading…
Add table
Add a link
Reference in a new issue