From c85892d6cda6210236f7d0ca55890b02ee889ece Mon Sep 17 00:00:00 2001 From: codytseng Date: Mon, 19 May 2025 22:35:53 +0800 Subject: [PATCH] feat: ignore untrusted relay list and onion relays --- src/lib/event.ts | 36 +++++++++++++---------- src/lib/utils.ts | 6 ++++ src/pages/secondary/ProfilePage/index.tsx | 1 - 3 files changed, 27 insertions(+), 16 deletions(-) diff --git a/src/lib/event.ts b/src/lib/event.ts index 1249a3f0..7d9f8aa6 100644 --- a/src/lib/event.ts +++ b/src/lib/event.ts @@ -13,6 +13,7 @@ import { tagNameEquals } from './tag' import { isWebsocketUrl, normalizeHttpUrl, normalizeUrl } from './url' +import { isTorBrowser } from './utils' const EVENT_EMBEDDED_EVENT_IDS_CACHE = new LRUCache({ max: 10000 }) const EVENT_IS_REPLY_NOTE_CACHE = new LRUCache({ max: 10000 }) @@ -137,30 +138,35 @@ export function getRelayListFromRelayListEvent(event?: Event) { return { write: BIG_RELAY_URLS, read: BIG_RELAY_URLS, originalRelays: [] } } + const torBrowserDetected = isTorBrowser() const relayList = { write: [], read: [], originalRelays: [] } as TRelayList event.tags.filter(tagNameEquals('r')).forEach(([, url, type]) => { if (!url || !isWebsocketUrl(url)) return const normalizedUrl = normalizeUrl(url) if (!normalizedUrl) return - switch (type) { - case 'write': - relayList.write.push(normalizedUrl) - relayList.originalRelays.push({ url: normalizedUrl, scope: 'write' }) - break - case 'read': - relayList.read.push(normalizedUrl) - relayList.originalRelays.push({ url: normalizedUrl, scope: 'read' }) - break - default: - relayList.write.push(normalizedUrl) - relayList.read.push(normalizedUrl) - relayList.originalRelays.push({ url: normalizedUrl, scope: 'both' }) + + const scope = type === 'read' ? 'read' : type === 'write' ? 'write' : 'both' + relayList.originalRelays.push({ url: normalizedUrl, scope }) + + // Filter out .onion URLs if not using Tor browser + if (normalizedUrl.endsWith('.onion/') && !torBrowserDetected) return + + if (type === 'write') { + relayList.write.push(normalizedUrl) + } else if (type === 'read') { + relayList.read.push(normalizedUrl) + } else { + relayList.write.push(normalizedUrl) + relayList.read.push(normalizedUrl) } }) + + // If there are too many relays, use the default BIG_RELAY_URLS + // Because they don't know anything about relays, their settings cannot be trusted return { - write: relayList.write.length ? relayList.write : BIG_RELAY_URLS, - read: relayList.read.length ? relayList.read : BIG_RELAY_URLS, + write: relayList.write.length && relayList.write.length <= 8 ? relayList.write : BIG_RELAY_URLS, + read: relayList.read.length && relayList.write.length <= 8 ? relayList.read : BIG_RELAY_URLS, originalRelays: relayList.originalRelays } } diff --git a/src/lib/utils.ts b/src/lib/utils.ts index 0c574d31..f759d07c 100644 --- a/src/lib/utils.ts +++ b/src/lib/utils.ts @@ -18,6 +18,12 @@ export function isAndroid() { return /android/i.test(ua) } +export function isTorBrowser() { + if (typeof window === 'undefined' || !window.navigator) return false + const ua = window.navigator.userAgent + return /torbrowser/i.test(ua) +} + export function isInViewport(el: HTMLElement) { const rect = el.getBoundingClientRect() return ( diff --git a/src/pages/secondary/ProfilePage/index.tsx b/src/pages/secondary/ProfilePage/index.tsx index 903b7dce..43014268 100644 --- a/src/pages/secondary/ProfilePage/index.tsx +++ b/src/pages/secondary/ProfilePage/index.tsx @@ -54,7 +54,6 @@ const ProfilePage = forwardRef(({ id, index }: { id?: string; index?: number }, if (!topContainer) return const checkHeight = () => { - console.log('checkHeight', topContainer.scrollHeight) setTopContainerHeight(topContainer.scrollHeight) }