core: add server.url check

3 years ago · 998248e212
parent e8d0881082
commit 998248e212
4 changed files with 11 additions and 12 deletions
--- a/packages/hydrooj/package.json
+++ b/packages/hydrooj/package.json
@ -1,6 +1,6 @@
 {
    "name": "hydrooj",
-    "version": "2.30.9",
+    "version": "2.30.10",
    "bin": "bin/hydrooj.js",
    "main": "src/loader",
    "module": "src/loader",
--- a/packages/hydrooj/src/check.ts
+++ b/packages/hydrooj/src/check.ts
@ -22,11 +22,7 @@ const checks: Dictionary<CheckItem> = {
            error(`Mongo Error: Database read-write failed.\n${e.message}`);
        }
    },
-    async checkPerm(ctx, log, warn) {
-        const { username } = os.userInfo();
-        if (username === 'root') warn('Hydro should not be run as root.');
-        // TODO check cwd read-write
-    },
+    // TODO check storage
    async checkSystem(ctx, log, warn) {
        const platform = os.platform();
        if (platform !== 'linux') {
@ -37,7 +33,9 @@ const checks: Dictionary<CheckItem> = {
        const from = system.get('smtp.from');
        if (!from) warn('SMTP account was not provided, email verification disabled.');
    },
-    async checkIpHeader(ctx, log, warn) {
+    async checkSetting(ctx, log, warn) {
+        const url = system.get('server.url');
+        if (url === '/') warn("server.url wasn't set.");
        const header = system.get('server.xff');
        if (header && !ctx.request.ip) warn('IP header seems incorrect.\nCheck dashboard>settings>server.');
    },
--- a/packages/hydrooj/src/service/server.ts
+++ b/packages/hydrooj/src/service/server.ts
@ -386,7 +386,7 @@ export class Handler extends HandlerCommon {
    args: any;
    ctx: Koa.Context;

-    request: {
+    declare request: {
        method: string,
        host: string,
        hostname: string,
@ -747,7 +747,7 @@ export function Route(name: string, path: string, RouteHandler: any, ...permPriv
 export class ConnectionHandler extends HandlerCommon {
    conn: sockjs.Connection;
    args: Record<string, any>;
-    request: {
+    declare request: {
        params: Record<string, any>;
        headers: Record<string, string>;
        ip: string;
--- a/packages/hydrooj/src/service/storage.ts
+++ b/packages/hydrooj/src/service/storage.ts
@ -193,13 +193,14 @@ class StorageService {
    async signDownloadLink(target: string, filename?: string, noExpire = false, useAlternativeEndpointFor?: 'user' | 'judge'): Promise<string> {
        if (target.includes('..') || target.includes('//')) throw new Error('Invalid path');
        try {
+            const headers = {};
+            if (filename) headers['response-content-disposition'] = `attachment; filename="${encodeRFC5987ValueChars(filename)}"`;
+            if (/\.(jpe?g|png|gif)$/i.test(target)) headers['cache-control'] = 'max-age=604800';
            const url = await this.client.presignedGetObject(
                this.opts.bucket,
                target,
                noExpire ? 24 * 60 * 60 * 7 : 30 * 60,
-                filename
-                    ? { 'response-content-disposition': `attachment; filename="${encodeRFC5987ValueChars(filename)}"` }
-                    : {},
+                headers,
            );
            if (useAlternativeEndpointFor) return this.replaceWithAlternativeUrlFor[useAlternativeEndpointFor](url);
            return url;