commit e2ea36c80bb110a2f2e52d4753bd137eeb446ac8 · stream.place/streamplace

stream.place / streamplace

Live video on the AT Protocol

fork atom

multistreaming: bit of validation

Eli Mallon 4 months ago e2ea36c8 a630cc31

+20 -14

1 changed file

expand all

unified split

pkg

spxrpc

place_stream_multistream.go

+20 -14

pkg/spxrpc/place_stream_multistream.go

··· 16 16 17 17 var allowedSchemes = []string{"rtmp", "rtmps"} 18 18 19 + func validateMultistreamTargetURL(urlStr string) error { 20 + u, err := url.Parse(urlStr) 21 + if err != nil { 22 + return fmt.Errorf("invalid multistream target URL: %w", err) 23 + } 24 + if !slices.Contains(allowedSchemes, u.Scheme) { 25 + return fmt.Errorf("invalid multistream target scheme (must be rtmp or rtmps)") 26 + } 27 + if u.Scheme == "rtmps" && u.Port() == "" { 28 + return fmt.Errorf("rtmps URLs must include a port") 29 + } 30 + return nil 31 + } 32 + 19 33 func (s *Server) handlePlaceStreamMultistreamCreateTarget(ctx context.Context, body *placestreamtypes.MultistreamCreateTarget_Input) (*placestreamtypes.MultistreamDefs_TargetView, error) { 20 34 ctx, span := otel.Tracer("server").Start(ctx, "handleComAtprotoRepoUploadBlob") 21 35 defer span.End() ··· 25 39 return nil, echo.NewHTTPError(http.StatusUnauthorized, "oauth session not found") 26 40 } 27 41 28 - u, err := url.Parse(body.MultistreamTarget.Url) 42 + err := validateMultistreamTargetURL(body.MultistreamTarget.Url) 29 43 if err != nil { 30 - return nil, echo.NewHTTPError(http.StatusBadRequest, "invalid multistream target URL") 31 - } 32 - if !slices.Contains(allowedSchemes, u.Scheme) { 33 - return nil, echo.NewHTTPError(http.StatusBadRequest, "invalid multistream target scheme (must be rtmp or rtmps)") 44 + return nil, echo.NewHTTPError(http.StatusBadRequest, err.Error()) 34 45 } 46 + 35 47 return s.statefulDB.CreateMultistreamTarget(body, session.DID) 36 48 } 37 49 ··· 86 98 return nil, echo.NewHTTPError(http.StatusUnauthorized, "oauth session not found") 87 99 } 88 100 89 - // Validate the URL if provided 90 - if body.MultistreamTarget != nil { 91 - u, err := url.Parse(body.MultistreamTarget.Url) 92 - if err != nil { 93 - return nil, echo.NewHTTPError(http.StatusBadRequest, "invalid multistream target URL") 94 - } 95 - if !slices.Contains(allowedSchemes, u.Scheme) { 96 - return nil, echo.NewHTTPError(http.StatusBadRequest, "invalid multistream target scheme (must be rtmp or rtmps)") 97 - } 101 + err := validateMultistreamTargetURL(body.MultistreamTarget.Url) 102 + if err != nil { 103 + return nil, echo.NewHTTPError(http.StatusBadRequest, err.Error()) 98 104 } 99 105 100 106 // Build URI from rkey