Merge branch 'master' of https://github.com/spacebarchat/server into update_webhooks

This commit is contained in:
root 2025-03-23 16:33:24 -07:00
commit b03888fd62
5 changed files with 71631 additions and 12616 deletions



@ -1,17 +1,17 @@
/* /*
Spacebar: A FOSS re-implementation and extension of the Discord.com backend. Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
Copyright (C) 2023 Spacebar and Spacebar Contributors Copyright (C) 2023 Spacebar and Spacebar Contributors
This program is free software: you can redistribute it and/or modify This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version. (at your option) any later version.
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details. GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>. along with this program. If not, see <https://www.gnu.org/licenses/>.
*/ */
@ -98,6 +98,7 @@ export class SpacebarServer extends Server {
} }
this.app.set("json replacer", JSONReplacer); this.app.set("json replacer", JSONReplacer);
this.app.disable("x-powered-by");
const trustedProxies = Config.get().security.trustedProxies; const trustedProxies = Config.get().security.trustedProxies;
if (trustedProxies) this.app.set("trust proxy", trustedProxies); if (trustedProxies) this.app.set("trust proxy", trustedProxies);
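Review bot: The new `this.app.disable("x-powered-by");` line has no comment saying why it is there; I would put `// Drop Express's default X-Powered-By header so responses don't advertise the framework` above it, since this is a fingerprinting mitigation only and does not stand in for headers such as X-Content-Type-Options. The adjacent `if (trustedProxies)` guard is untouched by this commit but accepts any truthy value, so a configuration of `true` would make Express trust every upstream hop and honour a client-supplied X-Forwarded-For; if deployments can set it that way, a caveat comment on that line would help. The enclosing method starts and ends outside the hunk.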


@ -152,7 +152,10 @@ router.patch(
} }
const { maxUsername } = Config.get().limits.user; const { maxUsername } = Config.get().limits.user;
if (check_username.length > maxUsername) { if (
check_username.length > maxUsername ||
check_username.length < 2
) {
throw FieldErrors({ throw FieldErrors({
username: { username: {
code: "BASE_TYPE_BAD_LENGTH", code: "BASE_TYPE_BAD_LENGTH",
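Review bot: The added lower bound hard-codes `2` beside a configurable `maxUsername`, and `check_username.length` counts UTF-16 code units, so a single astral character such as one emoji reports length 2 and slips past the minimum while the intent is presumably "at least two characters". I would name the bound, `const minUsername = 2; // floor on username characters`, and write the test as `check_username.length > maxUsername || check_username.length < minUsername`; if code-point length is the intended measure, compare `[...check_username].length` on both sides. How `check_username` is derived is outside the hunk, so whether surrounding whitespace is trimmed before this check should be confirmed. The enclosing `router.patch` handler starts and ends outside the hunk.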


@ -1,17 +1,17 @@
/* /*
Spacebar: A FOSS re-implementation and extension of the Discord.com backend. Spacebar: A FOSS re-implementation and extension of the Discord.com backend.
Copyright (C) 2023 Spacebar and Spacebar Contributors Copyright (C) 2023 Spacebar and Spacebar Contributors
This program is free software: you can redistribute it and/or modify This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published it under the terms of the GNU Affero General Public License as published
by the Free Software Foundation, either version 3 of the License, or by the Free Software Foundation, either version 3 of the License, or
(at your option) any later version. (at your option) any later version.
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details. GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License You should have received a copy of the GNU Affero General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>. along with this program. If not, see <https://www.gnu.org/licenses/>.
*/ */
@ -22,7 +22,8 @@ import path from "path";
import avatarsRoute from "./routes/avatars"; import avatarsRoute from "./routes/avatars";
import guildProfilesRoute from "./routes/guild-profiles"; import guildProfilesRoute from "./routes/guild-profiles";
import iconsRoute from "./routes/role-icons"; import iconsRoute from "./routes/role-icons";
import bodyParser from "body-parser"; import { CORS } from "../api/middlewares/CORS";
import { BodyParser } from "../api/middlewares/BodyParser";
export type CDNServerOptions = ServerOptions; export type CDNServerOptions = ServerOptions;
@ -38,24 +39,10 @@ export class CDNServer extends Server {
await Config.init(); await Config.init();
await Sentry.init(this.app); await Sentry.init(this.app);
this.app.use((req, res, next) => { this.app.disable("x-powered-by");
res.set("Access-Control-Allow-Origin", "*");
// TODO: use better CSP policy this.app.use(CORS);
res.set( this.app.use(BodyParser({ inflate: true, limit: "10mb" }));
"Content-security-policy",
"default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';",
);
res.set(
"Access-Control-Allow-Headers",
req.header("Access-Control-Request-Headers") || "*",
);
res.set(
"Access-Control-Allow-Methods",
req.header("Access-Control-Request-Methods") || "*",
);
next();
});
this.app.use(bodyParser.json({ inflate: true, limit: "10mb" }));
await registerRoutes(this, path.join(__dirname, "routes/")); await registerRoutes(this, path.join(__dirname, "routes/"));
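Review bot: Dropping the inline middleware leaves CDN responses with no Content-Security-Policy at all unless the shared `CORS` middleware sets one, which is not visible here; the old value was effectively unrestricted, so this is not a regression, but a CDN that serves user-supplied files (the `avatars` and `role-icons` routes suggest it does) should send a restrictive policy plus `X-Content-Type-Options: nosniff` so an uploaded SVG or HTML-looking blob is not rendered with script in the CDN's origin. If `CORS` does not already do that, a small middleware right after `this.app.use(CORS);` closes the gap. The switch from `bodyParser.json` to the shared `BodyParser({ inflate: true, limit: "10mb" })` is also worth a check that the shared wrapper enforces the 10mb limit on the inflated body the same way body-parser did. The enclosing method continues past the hunk.
```typescript
this.app.use(CORS);
// CDN content is user-supplied: no script/style/frame capability, and no MIME sniffing.
this.app.use((_req, res, next) => {
	res.set("Content-Security-Policy", "default-src 'none'; sandbox");
	res.set("X-Content-Type-Options", "nosniff");
	next();
});
this.app.use(BodyParser({ inflate: true, limit: "10mb" }));
// … unchanged: registerRoutes …
```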


@ -19,4 +19,7 @@
export interface MessageAcknowledgeSchema { export interface MessageAcknowledgeSchema {
manual?: boolean; manual?: boolean;
mention_count?: number; mention_count?: number;
flags?: number;
last_viewed?: number;
token?: string;
} }
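Review bot: The three new optional fields are undocumented and their meaning is not recoverable from this hunk: whether `last_viewed` is a Unix timestamp in seconds, milliseconds, or a day count; which bit values `flags` carries; and what `token` is accepted for. I would add a one-line comment on each, e.g. `/** Bitfield for the ack; values to be confirmed against the ack route */` on `flags` and `/** Client-supplied; not proof of anything unless the route validates it */` on `token`. If this schema drives request-body validation, a free-form `token?: string` also deserves a length bound or format check at the point where it is consumed.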