diff mod_ogp/mod_ogp.lua @ 4598:09f0911c735d

mod_ogp: Add the ability to block OGP fetching for certain domains
author JC Brand <jc@opkode.com>
date Tue, 22 Jun 2021 12:25:36 +0200
parents 0136c98f574c
children
line wrap: on
line diff
--- a/mod_ogp/mod_ogp.lua	Tue Jun 22 11:41:16 2021 +0200
+++ b/mod_ogp/mod_ogp.lua	Tue Jun 22 12:25:36 2021 +0200
@@ -5,23 +5,38 @@
 local domain_pattern = '^%w+://([^/]+)'
 local xmlns_fasten = "urn:xmpp:fasten:0"
 local xmlns_xhtml = "http://www.w3.org/1999/xhtml"
-local whitelist = module:get_option_set("ogp_domain_whitelist", {})
+local allowlist = module:get_option_set("ogp_domain_allowlist", module:get_option_set("ogp_domain_whitelist", {}))
+local denylist = module:get_option_set("ogp_domain_denylist", {})
 
 
-local function is_whitelisted(url)
-	if whitelist:empty() then
+local function is_allowed(domain)
+	if allowlist:empty() then
+		return true
+	end
+	if allowlist:contains(domain) then
 		return true
 	end
-	local domain = url:match(domain_pattern)
-	if whitelist:contains(domain) then
-		return true;
+	return false
+end
+
+local function is_denied(domain)
+	if denylist:empty() then
+		return false
+	end
+	if denylist:contains(domain) then
+		return true
 	end
 	return false
 end
 
 
 local function fetch_ogp_data(room, url, origin_id)
-	if not url or not is_whitelisted(url) then
+	if not url then
+		return;
+	end
+
+	local domain = url:match(domain_pattern);
+	if is_denied(domain) or not is_allowed(domain) then
 		return;
 	end