2023-11-22 17:11:05 -03:00
|
|
|
package policies
|
2023-08-10 14:32:11 -03:00
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"context"
|
2024-03-29 18:24:44 -03:00
|
|
|
"fmt"
|
2024-02-08 16:35:35 -03:00
|
|
|
"slices"
|
2024-04-19 15:33:15 -03:00
|
|
|
"strings"
|
2024-08-20 10:40:28 -03:00
|
|
|
"time"
|
2024-02-08 16:35:35 -03:00
|
|
|
|
2023-08-10 14:32:11 -03:00
|
|
|
"github.com/nbd-wtf/go-nostr"
|
2025-03-11 17:42:27 -03:00
|
|
|
"github.com/nbd-wtf/go-nostr/nip70"
|
2023-08-10 14:32:11 -03:00
|
|
|
)
|
|
|
|
|
|
2023-11-02 20:31:32 -03:00
|
|
|
// PreventTooManyIndexableTags returns a function that can be used as a RejectFilter that will reject
|
|
|
|
|
// events with more indexable (single-character) tags than the specified number.
|
2023-11-18 12:54:59 -03:00
|
|
|
//
|
|
|
|
|
// If ignoreKinds is given this restriction will not apply to these kinds (useful for allowing a bigger).
|
|
|
|
|
// If onlyKinds is given then all other kinds will be ignored.
|
|
|
|
|
func PreventTooManyIndexableTags(max int, ignoreKinds []int, onlyKinds []int) func(context.Context, *nostr.Event) (bool, string) {
|
2024-03-30 14:23:13 -03:00
|
|
|
slices.Sort(ignoreKinds)
|
|
|
|
|
slices.Sort(onlyKinds)
|
|
|
|
|
|
2023-11-18 12:54:59 -03:00
|
|
|
ignore := func(kind int) bool { return false }
|
|
|
|
|
if len(ignoreKinds) > 0 {
|
|
|
|
|
ignore = func(kind int) bool {
|
|
|
|
|
_, isIgnored := slices.BinarySearch(ignoreKinds, kind)
|
|
|
|
|
return isIgnored
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if len(onlyKinds) > 0 {
|
|
|
|
|
ignore = func(kind int) bool {
|
|
|
|
|
_, isApplicable := slices.BinarySearch(onlyKinds, kind)
|
|
|
|
|
return !isApplicable
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-10 14:32:11 -03:00
|
|
|
return func(ctx context.Context, event *nostr.Event) (reject bool, msg string) {
|
2023-11-18 12:54:59 -03:00
|
|
|
if ignore(event.Kind) {
|
|
|
|
|
return false, ""
|
|
|
|
|
}
|
|
|
|
|
|
2023-08-10 14:32:11 -03:00
|
|
|
ntags := 0
|
|
|
|
|
for _, tag := range event.Tags {
|
|
|
|
|
if len(tag) > 0 && len(tag[0]) == 1 {
|
|
|
|
|
ntags++
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
if ntags > max {
|
|
|
|
|
return true, "too many indexable tags"
|
|
|
|
|
}
|
|
|
|
|
return false, ""
|
|
|
|
|
}
|
|
|
|
|
}
|
2023-11-02 20:31:32 -03:00
|
|
|
|
2023-11-13 16:26:27 -03:00
|
|
|
// PreventLargeTags rejects events that have indexable tag values greater than maxTagValueLen.
|
|
|
|
|
func PreventLargeTags(maxTagValueLen int) func(context.Context, *nostr.Event) (bool, string) {
|
|
|
|
|
return func(ctx context.Context, event *nostr.Event) (reject bool, msg string) {
|
|
|
|
|
for _, tag := range event.Tags {
|
|
|
|
|
if len(tag) > 1 && len(tag[0]) == 1 {
|
|
|
|
|
if len(tag[1]) > maxTagValueLen {
|
|
|
|
|
return true, "event contains too large tags"
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return false, ""
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-11-02 20:31:32 -03:00
|
|
|
// RestrictToSpecifiedKinds returns a function that can be used as a RejectFilter that will reject
|
|
|
|
|
// any events with kinds different than the specified ones.
|
2024-10-22 13:32:24 -03:00
|
|
|
func RestrictToSpecifiedKinds(allowEphemeral bool, kinds ...uint16) func(context.Context, *nostr.Event) (bool, string) {
|
2024-03-30 14:23:13 -03:00
|
|
|
// sort the kinds in increasing order
|
|
|
|
|
slices.Sort(kinds)
|
|
|
|
|
|
2023-11-02 20:31:32 -03:00
|
|
|
return func(ctx context.Context, event *nostr.Event) (reject bool, msg string) {
|
2024-11-05 17:32:56 +00:00
|
|
|
if allowEphemeral && nostr.IsEphemeralKind(event.Kind) {
|
2024-10-22 13:32:24 -03:00
|
|
|
return false, ""
|
|
|
|
|
}
|
|
|
|
|
|
2023-11-18 23:23:01 -03:00
|
|
|
if _, allowed := slices.BinarySearch(kinds, uint16(event.Kind)); allowed {
|
2023-11-02 20:31:32 -03:00
|
|
|
return false, ""
|
|
|
|
|
}
|
2024-03-29 16:15:02 +01:00
|
|
|
|
2024-03-29 18:25:47 -03:00
|
|
|
return true, fmt.Sprintf("received event kind %d not allowed", event.Kind)
|
2023-11-02 20:31:32 -03:00
|
|
|
}
|
|
|
|
|
}
|
2023-11-04 18:21:26 -03:00
|
|
|
|
2024-08-20 10:40:28 -03:00
|
|
|
func PreventTimestampsInThePast(threshold time.Duration) func(context.Context, *nostr.Event) (bool, string) {
|
|
|
|
|
thresholdSeconds := nostr.Timestamp(threshold.Seconds())
|
2023-11-04 18:21:26 -03:00
|
|
|
return func(ctx context.Context, event *nostr.Event) (reject bool, msg string) {
|
|
|
|
|
if nostr.Now()-event.CreatedAt > thresholdSeconds {
|
|
|
|
|
return true, "event too old"
|
|
|
|
|
}
|
|
|
|
|
return false, ""
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2024-08-20 10:40:28 -03:00
|
|
|
func PreventTimestampsInTheFuture(threshold time.Duration) func(context.Context, *nostr.Event) (bool, string) {
|
|
|
|
|
thresholdSeconds := nostr.Timestamp(threshold.Seconds())
|
2023-11-04 18:21:26 -03:00
|
|
|
return func(ctx context.Context, event *nostr.Event) (reject bool, msg string) {
|
|
|
|
|
if event.CreatedAt-nostr.Now() > thresholdSeconds {
|
|
|
|
|
return true, "event too much in the future"
|
|
|
|
|
}
|
|
|
|
|
return false, ""
|
|
|
|
|
}
|
|
|
|
|
}
|
2024-04-19 15:33:15 -03:00
|
|
|
|
|
|
|
|
func RejectEventsWithBase64Media(ctx context.Context, evt *nostr.Event) (bool, string) {
|
|
|
|
|
return strings.Contains(evt.Content, "data:image/") || strings.Contains(evt.Content, "data:video/"), "event with base64 media"
|
|
|
|
|
}
|
2025-03-11 17:42:27 -03:00
|
|
|
|
|
|
|
|
func OnlyAllowNIP70ProtectedEvents(ctx context.Context, event *nostr.Event) (reject bool, msg string) {
|
|
|
|
|
if nip70.IsProtected(event) {
|
|
|
|
|
return false, ""
|
|
|
|
|
}
|
|
|
|
|
return true, "blocked: we only accept events protected with the nip70 \"-\" tag"
|
|
|
|
|
}
|
