Validity check

2025-12-10 13:37:01 +03:00 · 2025-04-21 19:26:42 -04:00
parent 039fb3ac7a
commit cfd61dc8dd
5 changed files with 27 additions and 2 deletions
--- a/src/config.ts
+++ b/src/config.ts
@@ -69,6 +69,9 @@ addDefaults(config, {
            message: "OK",
        }
    },
    validityCheck: {
        userAgent: null,
    },
    userCounterURL: null,
    userCounterRatio: 10,
    newLeafURLs: null,
--- a/src/routes/postBranding.ts
+++ b/src/routes/postBranding.ts
@@ -18,7 +18,7 @@ import { checkBanStatus } from "../utils/checkBan";
 import axios from "axios";
 import { getMaxResThumbnail } from "../utils/youtubeApi";
 import { getVideoDetails } from "../utils/getVideoDetails";
-import { canSubmitDeArrow } from "../utils/permissions";
+import { canSubmitDeArrow, validSubmittedData } from "../utils/permissions";
 import { parseUserAgent } from "../utils/userAgent";
 enum BrandingType {
@@ -58,6 +58,12 @@ export async function postBranding(req: Request, res: Response) {
        const hashedIP = await getHashCache(getIP(req) + config.globalSalt as IPAddress);
        const isBanned = await checkBanStatus(hashedUserID, hashedIP);
        if (!validSubmittedData(userAgent)) {
            Logger.warn(`Rejecting submission based on invalid data: ${hashedUserID} ${videoID} ${videoDuration} ${userAgent} ${req.headers["user-agent"]}`);
            res.status(200).send("OK");
            return;
        }
        const permission = await canSubmitDeArrow(hashedUserID);
        if (!permission.canSubmit) {
            Logger.warn(`New user trying to submit dearrow: ${hashedUserID} ${videoID} ${videoDuration} ${title} ${req.headers["user-agent"]}`);
--- a/src/routes/postSkipSegments.ts
+++ b/src/routes/postSkipSegments.ts
@@ -20,7 +20,7 @@ import { parseUserAgent } from "../utils/userAgent";
 import { getService } from "../utils/getService";
 import axios from "axios";
 import { vote } from "./voteOnSponsorTime";
-import { canSubmit, canSubmitGlobal } from "../utils/permissions";
+import { canSubmit, canSubmitGlobal, validSubmittedData } from "../utils/permissions";
 import { getVideoDetails, videoDetails } from "../utils/getVideoDetails";
 import * as youtubeID from "../utils/youtubeID";
 import { acquireLock } from "../utils/redisLock";
@@ -509,6 +509,11 @@ export async function postSkipSegments(req: Request, res: Response): Promise<Res
    }
    const userID: HashedUserID = await getHashCache(paramUserID);
    if (!validSubmittedData(userAgent)) {
        Logger.warn(`Rejecting submission based on invalid data: ${userID} ${videoID} ${videoDurationParam} ${userAgent} ${req.headers["user-agent"]}`);
        return res.status(200).send("OK");
    }
    const permission = await canSubmitGlobal(userID);
    if (!permission.canSubmit) {
        Logger.warn(`New user trying to submit: ${userID} ${videoID} ${videoDurationParam} ${userAgent} ${req.headers["user-agent"]}`);
--- a/src/types/config.model.ts
+++ b/src/types/config.model.ts
@@ -85,6 +85,9 @@ export interface SBSConfig {
        vote: RateLimitConfig;
        view: RateLimitConfig;
    };
    validityCheck: {
        userAgent: string | null;
    }
    minimumPrefix?: string;
    maximumPrefix?: string;
    redis?: RedisConfig;
--- a/src/utils/permissions.ts
+++ b/src/utils/permissions.ts
@@ -108,6 +108,14 @@ export async function canSubmit(userID: HashedUserID, category: Category): Promi
    }
 }
 export function validSubmittedData(userAgent: string): boolean {
    if (!config.validityCheck.userAgent) {
        return true;
    }
    return new RegExp(config.validityCheck.userAgent).test(userAgent);
 }
 export async function canSubmitGlobal(userID: HashedUserID): Promise<CanSubmitGlobalResult> {
    const oldSubmitterOrAllowedPromise = oldSubmitterOrAllowed(userID);