Austin/BililiveRecorder
1
0
Fork 0
mirror of https://github.com/BililiveRecorder/BililiveRecorder.git synced 2024-11-15 19:22:19 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix(core): filter webhook urls

Browse Source
This commit is contained in:
genteure 2023-11-05 20:54:52 +08:00
parent b85988861e
commit 8c9c947d0f
2 changed files with 52 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
BililiveRecorder.Core/SimpleWebhook/BasicWebhookV1.cs
View File

@ -47,6 +47,12 @@ namespace BililiveRecorder.Core.SimpleWebhook
private async Task SendImplAsync(string url, byte[] data) private async Task SendImplAsync(string url, byte[] data)
{ {
if (!BasicWebhookV2.IsUrlAllowed(url))
{
logger.Warning("不支持向 {Url} 发送 Webhook已跳过", url);
return;
}
for (var i = 0; i < 3; i++) for (var i = 0; i < 3; i++)
try try
{ {

46
BililiveRecorder.Core/SimpleWebhook/BasicWebhookV2.cs
View File

@ -1,4 +1,5 @@
using System; using System;
using System.Collections.Generic;
using System.Linq; using System.Linq;
using System.Net.Http; using System.Net.Http;
using System.Text; using System.Text;
@ -67,6 +68,12 @@ namespace BililiveRecorder.Core.SimpleWebhook
private async Task SendImplAsync(string url, byte[] data) private async Task SendImplAsync(string url, byte[] data)
{ {
if (!IsUrlAllowed(url))
{
logger.Warning("不支持向 {Url} 发送 Webhook已跳过", url);
return;
}
for (var i = 0; i < 3; i++) for (var i = 0; i < 3; i++)
try try
{ {
@ -85,5 +92,44 @@ namespace BililiveRecorder.Core.SimpleWebhook
logger.Warning(ex, "发送 WebhookV2 到 {Url} 失败", url); logger.Warning(ex, "发送 WebhookV2 到 {Url} 失败", url);
} }
} }
private static readonly IReadOnlyList<string> DisallowedDomains = new[]
{
"test.example.com",
"baidu" + ".com",
"qq" + ".com",
"google" + ".com",
"b23" + ".tv",
"bilibili" + ".com",
"bilibili" + ".cn",
"bilibili" + ".tv",
"bilicomic" + ".com",
"bilicomics" + ".com",
"bilivideo" + ".com",
"bilivideo" + ".cn",
"biligame" + ".com",
"biligame" + ".net",
"biliapi" + ".com",
"biliapi" + ".net",
"hdslb" + ".com",
};
internal static bool IsUrlAllowed(string url)
{
if (string.IsNullOrWhiteSpace(url))
return false;
if (!Uri.TryCreate(url, UriKind.Absolute, out var uri))
return false;
if (uri.Scheme != Uri.UriSchemeHttp && uri.Scheme != Uri.UriSchemeHttps)
return false;
foreach (var domain in DisallowedDomains)
if (uri.Host.EndsWith(domain, StringComparison.OrdinalIgnoreCase))
return false;
return true;
}
} }
} }