# HG changeset patch # User JC Brand # Date 1624357536 -7200 # Node ID 09f0911c735d0950b9b8339eedbaa3ec88f1250c # Parent c858c76d08450bdb36ef45d603005a57f54d5a8b mod_ogp: Add the ability to block OGP fetching for certain domains diff -r c858c76d0845 -r 09f0911c735d mod_ogp/README.markdown --- a/mod_ogp/README.markdown Tue Jun 22 11:41:16 2021 +0200 +++ b/mod_ogp/README.markdown Tue Jun 22 12:25:36 2021 +0200 @@ -20,13 +20,13 @@ Configuration ------------- -You can present a whitelist of domains for which OGP metadata will be fetched -via the `ogp_domain_whitelist` setting. +You can present an allowlist or denylist of domains for which OGP metadata will be fetched +via the `ogp_domain_allowlist` and `ogp_domain_denylist` settings repectively. For example: ```lua Component "muc.example.org" "muc" modules_enabled = { "ogp" } - ogp_domain_whitelist = { "prosody.im" } + ogp_domain_allowlist = { "prosody.im" } ``` diff -r c858c76d0845 -r 09f0911c735d mod_ogp/mod_ogp.lua --- a/mod_ogp/mod_ogp.lua Tue Jun 22 11:41:16 2021 +0200 +++ b/mod_ogp/mod_ogp.lua Tue Jun 22 12:25:36 2021 +0200 @@ -5,23 +5,38 @@ local domain_pattern = '^%w+://([^/]+)' local xmlns_fasten = "urn:xmpp:fasten:0" local xmlns_xhtml = "http://www.w3.org/1999/xhtml" -local whitelist = module:get_option_set("ogp_domain_whitelist", {}) +local allowlist = module:get_option_set("ogp_domain_allowlist", module:get_option_set("ogp_domain_whitelist", {})) +local denylist = module:get_option_set("ogp_domain_denylist", {}) -local function is_whitelisted(url) - if whitelist:empty() then +local function is_allowed(domain) + if allowlist:empty() then + return true + end + if allowlist:contains(domain) then return true end - local domain = url:match(domain_pattern) - if whitelist:contains(domain) then - return true; + return false +end + +local function is_denied(domain) + if denylist:empty() then + return false + end + if denylist:contains(domain) then + return true end return false end local function fetch_ogp_data(room, url, origin_id) - if not url or not is_whitelisted(url) then + if not url then + return; + end + + local domain = url:match(domain_pattern); + if is_denied(domain) or not is_allowed(domain) then return; end