ekzyis/stacker.news
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

better dupe protection with GET param whitelist

Browse Source
This commit is contained in:
keyan 2021-12-20 16:26:22 -06:00
parent fcb7d847e4
commit 05301d822f
1 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
api/resolvers/item.js
View File

@ -194,12 +194,23 @@ export default {
}, },
dupes: async (parent, { url }, { models }) => { dupes: async (parent, { url }, { models }) => {
const urlObj = new URL(ensureProtocol(url)) const urlObj = new URL(ensureProtocol(url))
let uri = urlObj.hostname + urlObj.pathname
uri = uri.endsWith('/') ? uri.slice(0, -1) : uri
let similar = `(http(s)?://)?${uri}/?`
const whitelist = ['news.ycombinator.com/item', 'bitcointalk.org/index.php', 'www.youtube.com/watch']
if (whitelist.includes(uri)) {
similar += `\\${urlObj.search}`
} else {
similar += '(\\?%)?'
}
return await models.$queryRaw(` return await models.$queryRaw(`
${SELECT} ${SELECT}
FROM "Item" FROM "Item"
WHERE url LIKE ($1 || '?%') OR url = $1 WHERE url SIMILAR TO $1
ORDER BY created_at DESC ORDER BY created_at DESC
LIMIT 3`, urlObj.origin + urlObj.pathname) LIMIT 3`, similar)
} }
}, },