Mirror/SponsorBlockServer
1
0
Fork 0
mirror of https://github.com/ajayyy/SponsorBlockServer.git synced 2025-12-27 01:48:33 +03:00
Code Issues Packages Projects Releases Wiki Activity

create a request validator engine

Browse Source
This commit is contained in:
mini-bomba
2025-04-25 19:38:54 +02:00
parent 920d288f0b
commit f7e5394a18
7 changed files with 269 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/routes/postBranding.ts
View File

@@ -18,8 +18,9 @@ import { checkBanStatus } from "../utils/checkBan";
import axios from "axios";
import { getMaxResThumbnail } from "../utils/youtubeApi";
import { getVideoDetails } from "../utils/getVideoDetails";
import { canSubmitDeArrow, validSubmittedData } from "../utils/permissions";
import { canSubmitDeArrow } from "../utils/permissions";
import { parseUserAgent } from "../utils/userAgent";
import { isRequestInvalid } from "../utils/requestValidator";
enum BrandingType {
Title,
@@ -58,8 +59,19 @@ export async function postBranding(req: Request, res: Response) {
const hashedIP = await getHashCache(getIP(req) + config.globalSalt as IPAddress);
const isBanned = await checkBanStatus(hashedUserID, hashedIP);
if (!validSubmittedData(userAgent, req.headers["user-agent"])) {
Logger.warn(`Rejecting submission based on invalid data: ${hashedUserID} ${videoID} ${videoDuration} ${userAgent} ${req.headers["user-agent"]}`);
if (isRequestInvalid({
userAgent,
userAgentHeader: req.headers["user-agent"],
videoDuration,
userID,
service,
dearrow: {
title,
thumbnail,
downvote,
}
})) {
Logger.warn(`Rejecting submission based on invalid data: ${hashedUserID} ${videoID} ${videoDuration} ${userAgent} ${req.headers["user-agent"]} ${title.title} ${thumbnail.timestamp}`);
res.status(200).send("OK");
return;
}

12
src/routes/postSkipSegments.ts
View File

@@ -20,11 +20,12 @@ import { parseUserAgent } from "../utils/userAgent";
import { getService } from "../utils/getService";
import axios from "axios";
import { vote } from "./voteOnSponsorTime";
import { canSubmit, canSubmitGlobal, validSubmittedData } from "../utils/permissions";
import { canSubmit, canSubmitGlobal } from "../utils/permissions";
import { getVideoDetails, videoDetails } from "../utils/getVideoDetails";
import * as youtubeID from "../utils/youtubeID";
import { acquireLock } from "../utils/redisLock";
import { checkBanStatus } from "../utils/checkBan";
import { isRequestInvalid } from "../utils/requestValidator";
type CheckResult = {
pass: boolean,
@@ -509,7 +510,14 @@ export async function postSkipSegments(req: Request, res: Response): Promise<Res
}
const userID: HashedUserID = await getHashCache(paramUserID);
if (!validSubmittedData(userAgent, req.headers["user-agent"])) {
if (isRequestInvalid({
userAgent,
userAgentHeader: req.headers["user-agent"],
videoDuration,
userID: paramUserID,
service,
segments,
})) {
Logger.warn(`Rejecting submission based on invalid data: ${userID} ${videoID} ${videoDurationParam} ${userAgent} ${req.headers["user-agent"]}`);
return res.status(200).send("OK");
}