add: url schema check on server side, misc: cargo update

This commit is contained in:
minoplhy 2024-11-01 00:27:37 +07:00
parent abb48c68c5
commit 33d59ed633
Signed by: minoplhy
GPG Key ID: 41D406044E2434BF
3 changed files with 117 additions and 87 deletions

148
actix/Cargo.lock generated

File diff suppressed because it is too large Load Diff

View File

@ -37,3 +37,4 @@ env_logger = "0.11.1"
nanoid = "0.4.0" nanoid = "0.4.0"
serde_json = "1.0.115" serde_json = "1.0.115"
serde = { version = "1.0.197", features = [ "derive" ] } serde = { version = "1.0.197", features = [ "derive" ] }
once_cell = "1.20.2"

View File

@ -7,6 +7,7 @@ use regex::Regex;
use rusqlite::Connection; use rusqlite::Connection;
use serde::Deserialize; use serde::Deserialize;
use std::env; use std::env;
use once_cell::sync::Lazy;
use crate::database; use crate::database;
@ -17,11 +18,20 @@ struct URLPair {
longlink: String, longlink: String,
} }
// Struct for readling user edit API call
#[derive(Deserialize)] #[derive(Deserialize)]
struct EditLinkJson { struct EditLinkJson {
longlink: String, longlink: String,
} }
// Regex for URL
const URL_REGEX: &str = r"http[s]?:\/\/(?:[a-zA-Z]|[0-9]|[$-_@.&+]|[!*\(\),]|(?:%[0-9a-fA-F][0-9a-fA-F]))+";
// Lazy Statics for URL Regex
static LAZY_REGEX: Lazy<Regex>= Lazy::new(|| {
Regex::new(URL_REGEX).unwrap()
});
// Request the DB for searching an URL // Request the DB for searching an URL
pub fn get_longurl(shortlink: String, db: &Connection) -> Option<String> { pub fn get_longurl(shortlink: String, db: &Connection) -> Option<String> {
if validate_link(&shortlink) { if validate_link(&shortlink) {
@ -53,6 +63,14 @@ pub fn add_link(req: String, db: &Connection) -> (bool, String) {
return (false, String::from("Invalid request!")); return (false, String::from("Invalid request!"));
} }
// Check if longlink is actually URL
if !url_scheme_check(chunks.longlink.clone()) {
return (
false,
String::from("URL scheme check failed!"),
)
}
let style = env::var("slug_style").unwrap_or(String::from("Pair")); let style = env::var("slug_style").unwrap_or(String::from("Pair"));
let mut len = env::var("slug_length") let mut len = env::var("slug_length")
.ok() .ok()
@ -95,6 +113,14 @@ pub fn edit_link(req: String, shortlink: String, db: &Connection) -> (bool, Stri
(false, String::from("Invaild edit parameter received.")); (false, String::from("Invaild edit parameter received."));
} }
// Check if longlink is actually URL
if !url_scheme_check(chunks.longlink.clone()) {
return (
false,
String::from("URL scheme check failed!"),
)
}
if longurl_compares(shortlink.clone(), chunks.longlink.clone(), db) if longurl_compares(shortlink.clone(), chunks.longlink.clone(), db)
{ {
( (
@ -109,18 +135,6 @@ pub fn edit_link(req: String, shortlink: String, db: &Connection) -> (bool, Stri
} }
} }
// Doing Longurl check(Type None or existed?)
pub fn longurl_compares(shorturl: String, longurl:String, db: &Connection) -> bool {
if get_longurl(shorturl.clone(), db).is_none() {
return false;
}
if get_longurl(shorturl.clone(), db).unwrap() == longurl {
return false;
}
return true;
}
// Check if link, and request DB to delete it if exists // Check if link, and request DB to delete it if exists
pub fn delete_link(shortlink: String, db: &Connection) -> bool { pub fn delete_link(shortlink: String, db: &Connection) -> bool {
if validate_link(shortlink.as_str()) { if validate_link(shortlink.as_str()) {
@ -181,3 +195,20 @@ fn gen_link(style: String, len: usize) -> String {
) )
} }
} }
// Doing Longurl check(Type None or existed?)
fn longurl_compares(shorturl: String, longurl:String, db: &Connection) -> bool {
if get_longurl(shorturl.clone(), db).is_none() {
return false;
}
if get_longurl(shorturl.clone(), db).unwrap() == longurl {
return false;
}
return true;
}
// Check if input is URL or not.
fn url_scheme_check(url: String) -> bool {
return LAZY_REGEX.is_match(&url)
}