about summary refs log blame commit diff
path: root/app/services/fetch_link_card_service.rb
blob: 0c401ea83c401b12e215803234c94a283b60adab (plain) (tree)
1
2
3
4
5
6
7
8
9

                                        
                   
                          
 
                                                                                                                
                                                                                                                                




                                                                                                                                   
 
                  
                        
 
                                                     
 
                                           
                               
 

                                              
                                                                    
                                          
         
 
                                    
                                                                                                                                                    
                                                          
       


         
                 
                                        
 
                                                      
                                                                                             
       
 
                    
 
                                                        
                                   




                                   
 
                        
 



                                       
                               


                     
                                                                                                      
        
                                          







                                                                                                        
                                                                                                       
     
                      
                                      
                                                                            

       
                                                          
                                                                                  
     
                    

                                                          
 
                              
 

                                                     
                                                                                            
                                                     
                                                                                                
                           
 
                   
               
                                                                                                   
                
                                        
 
                                                       
                                                           
                

                                                                                                           
                                                                                                   



                                                              
                                   
     
                       

                                                   
                                                      
                                                                                            
                                                      
 
                                                                  

                                                                      
                                                               




                                                                         
                        
       
                                                                                                                       
                                                                                                                                     
 
                                                     
 
                                   
     
                                   
                                                                                                                                                                                                                
     


                                                  


                
   
# frozen_string_literal: true

class FetchLinkCardService < BaseService
  include UrlHelper
  include AutorejectHelper

  URL_PATTERN = %r{
    (                                                                                                 #   $1 URL
      (https?:\/\/)                                                                                   #   $2 Protocol (required)
      (#{Twitter::Regex[:valid_domain]})                                                              #   $3 Domain(s)
      (?::(#{Twitter::Regex[:valid_port_number]}))?                                                   #   $4 Port number (optional)
      (/#{Twitter::Regex[:valid_url_path]}*)?                                                         #   $5 URL Path and anchor
      (\?#{Twitter::Regex[:valid_url_query_chars]}*#{Twitter::Regex[:valid_url_query_ending_chars]})? #   $6 Query String
    )
  }iox

  def call(status)
    @status = status
    @url    = parse_urls

    return if @url.nil? || @status.preview_cards.any?

    @url = sanitize_query_string(@url.to_s)
    return if @url.nil?
    return if autoreject?(@url)

    RedisLock.acquire(lock_options) do |lock|
      if lock.acquired?
        @card = PreviewCard.find_by(url: @url)
        process_url if @card.nil? || @card.updated_at <= 2.weeks.ago
      else
        raise Mastodon::RaceConditionError
      end
    end

    attach_card if @card&.persisted?
  rescue HTTP::Error, OpenSSL::SSL::SSLError, Addressable::URI::InvalidURIError, Mastodon::HostValidationError, Mastodon::LengthValidationError => e
    Rails.logger.debug "Error fetching link #{@url}: #{e}"
    nil
  end

  private

  def process_url
    @card ||= PreviewCard.new(url: @url)

    failed = Request.new(:head, @url).perform do |res|
      res.code != 405 && res.code != 501 && (res.code != 200 || res.mime_type != 'text/html')
    end

    return if failed

    Request.new(:get, @url).perform do |res|
      if res.code == 200 && res.mime_type == 'text/html'
        @html = res.body_with_limit
        @html_charset = res.charset
      else
        @html = nil
        @html_charset = nil
      end
    end

    return if @html.nil?

    attempt_oembed || attempt_opengraph
  end

  def attach_card
    @status.preview_cards << @card
    Rails.cache.delete(@status)
  end

  def parse_urls
    if @status.local?
      urls = @status.text.scan(URL_PATTERN).map { |array| Addressable::URI.parse(array[0]).normalize }
    else
      html  = Nokogiri::HTML(@status.text)
      links = html.css('a')
      urls  = links.map { |a| Addressable::URI.parse(a['href']).normalize unless skip_link?(a) }.compact
    end

    urls.reject { |uri| bad_url?(uri) }.first
  end

  def bad_url?(uri)
    # Avoid local instance URLs and invalid URLs
    uri.host.blank? || TagManager.instance.local_url?(uri.to_s) || !%w(http https).include?(uri.scheme)
  end

  def mention_link?(a)
    @status.mentions.any? do |mention|
      a['href'] == ActivityPub::TagManager.instance.url_for(mention.account)
    end
  end

  def skip_link?(a)
    # Avoid links for hashtags and mentions (microformats)
    a['rel']&.include?('tag') || a['class']&.include?('u-url') || mention_link?(a)
  end

  def attempt_oembed
    service = FetchOEmbedService.new
    embed   = service.call(@url, html: @html)
    url     = Addressable::URI.parse(service.endpoint_url)

    return false if embed.nil?

    @card.type          = embed[:type]
    @card.title         = embed[:title]         || ''
    @card.author_name   = embed[:author_name]   || ''
    @card.author_url    = embed[:author_url].present? ? (url + embed[:author_url]).to_s : ''
    @card.provider_name = embed[:provider_name] || ''
    @card.provider_url  = embed[:provider_url].present? ? (url + embed[:provider_url]).to_s : ''
    @card.width         = 0
    @card.height        = 0

    case @card.type
    when 'link'
      @card.image_remote_url = (url + embed[:thumbnail_url]).to_s if embed[:thumbnail_url].present?
    when 'photo'
      return false if embed[:url].blank?

      @card.embed_url        = (url + embed[:url]).to_s
      @card.image_remote_url = (url + embed[:url]).to_s
      @card.width            = embed[:width].presence  || 0
      @card.height           = embed[:height].presence || 0
    when 'video'
      @card.width            = embed[:width].presence  || 0
      @card.height           = embed[:height].presence || 0
      @card.html             = Formatter.instance.sanitize(embed[:html], Sanitize::Config::MASTODON_OEMBED)
      @card.image_remote_url = (url + embed[:thumbnail_url]).to_s if embed[:thumbnail_url].present?
    when 'rich'
      # Most providers rely on <script> tags, which is a no-no
      return false
    end

    @card.save_with_optional_image!
  end

  def attempt_opengraph
    detector = CharlockHolmes::EncodingDetector.new
    detector.strip_tags = true

    guess      = detector.detect(@html, @html_charset)
    encoding   = guess&.fetch(:confidence, 0).to_i > 60 ? guess&.fetch(:encoding, nil) : nil
    page       = Nokogiri::HTML(@html, nil, encoding)
    player_url = meta_property(page, 'twitter:player')

    if player_url && !bad_url?(Addressable::URI.parse(player_url))
      @card.type   = :video
      @card.width  = meta_property(page, 'twitter:player:width') || 0
      @card.height = meta_property(page, 'twitter:player:height') || 0
      @card.html   = content_tag(:iframe, nil, src: player_url,
                                               width: @card.width,
                                               height: @card.height,
                                               allowtransparency: 'true',
                                               scrolling: 'no',
                                               frameborder: '0')
    else
      @card.type = :link
    end

    @card.title            = meta_property(page, 'og:title').presence || page.at_xpath('//title')&.content || ''
    @card.description      = meta_property(page, 'og:description').presence || meta_property(page, 'description') || ''
    @card.image_remote_url = (Addressable::URI.parse(@url) + meta_property(page, 'og:image')).to_s if meta_property(page, 'og:image')

    return if @card.title.blank? && @card.html.blank?

    @card.save_with_optional_image!
  end

  def meta_property(page, property)
    page.at_xpath("//meta[contains(concat(' ', normalize-space(@property), ' '), ' #{property} ')]")&.attribute('content')&.value || page.at_xpath("//meta[@name=\"#{property}\"]")&.attribute('content')&.value
  end

  def lock_options
    { redis: Redis.current, key: "fetch:#{@url}" }
  end

  def object_uri
    nil
  end
end