|
|
|
@ -112,48 +112,49 @@ async function onMessage(socket, payload) {
|
|
|
|
|
return winston.warn('[socket.io] Empty payload');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const eventName = payload.data[0];
|
|
|
|
|
let eventName = payload.data[0];
|
|
|
|
|
const params = typeof payload.data[1] === 'function' ? {} : payload.data[1];
|
|
|
|
|
const callback = typeof payload.data[payload.data.length - 1] === 'function' ? payload.data[payload.data.length - 1] : function () {};
|
|
|
|
|
|
|
|
|
|
if (!eventName) {
|
|
|
|
|
return winston.warn('[socket.io] Empty method name');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (typeof eventName !== 'string') {
|
|
|
|
|
const escapedName = validator.escape(String(eventName));
|
|
|
|
|
return callback({ message: `[[error:invalid-event, ${escapedName}]]` });
|
|
|
|
|
}
|
|
|
|
|
try {
|
|
|
|
|
if (!eventName) {
|
|
|
|
|
return winston.warn('[socket.io] Empty method name');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const parts = eventName.split('.');
|
|
|
|
|
const namespace = parts[0];
|
|
|
|
|
const methodToCall = parts.reduce((prev, cur) => {
|
|
|
|
|
if (prev !== null && prev[cur] && (!prev.hasOwnProperty || prev.hasOwnProperty(cur))) {
|
|
|
|
|
return prev[cur];
|
|
|
|
|
if (typeof eventName !== 'string') {
|
|
|
|
|
eventName = typeof eventName;
|
|
|
|
|
const escapedName = validator.escape(eventName);
|
|
|
|
|
return callback({ message: `[[error:invalid-event, ${escapedName}]]` });
|
|
|
|
|
}
|
|
|
|
|
return null;
|
|
|
|
|
}, Namespaces);
|
|
|
|
|
|
|
|
|
|
if (!methodToCall || typeof methodToCall !== 'function') {
|
|
|
|
|
if (process.env.NODE_ENV === 'development') {
|
|
|
|
|
winston.warn(`[socket.io] Unrecognized message: ${eventName}`);
|
|
|
|
|
const parts = eventName.split('.');
|
|
|
|
|
const namespace = parts[0];
|
|
|
|
|
const methodToCall = parts.reduce((prev, cur) => {
|
|
|
|
|
if (prev !== null && prev[cur] && (!prev.hasOwnProperty || prev.hasOwnProperty(cur))) {
|
|
|
|
|
return prev[cur];
|
|
|
|
|
}
|
|
|
|
|
return null;
|
|
|
|
|
}, Namespaces);
|
|
|
|
|
|
|
|
|
|
if (!methodToCall || typeof methodToCall !== 'function') {
|
|
|
|
|
if (process.env.NODE_ENV === 'development') {
|
|
|
|
|
winston.warn(`[socket.io] Unrecognized message: ${eventName}`);
|
|
|
|
|
}
|
|
|
|
|
const escapedName = validator.escape(String(eventName));
|
|
|
|
|
return callback({ message: `[[error:invalid-event, ${escapedName}]]` });
|
|
|
|
|
}
|
|
|
|
|
const escapedName = validator.escape(String(eventName));
|
|
|
|
|
return callback({ message: `[[error:invalid-event, ${escapedName}]]` });
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
socket.previousEvents = socket.previousEvents || [];
|
|
|
|
|
socket.previousEvents.push(eventName);
|
|
|
|
|
if (socket.previousEvents.length > 20) {
|
|
|
|
|
socket.previousEvents.shift();
|
|
|
|
|
}
|
|
|
|
|
socket.previousEvents = socket.previousEvents || [];
|
|
|
|
|
socket.previousEvents.push(eventName);
|
|
|
|
|
if (socket.previousEvents.length > 20) {
|
|
|
|
|
socket.previousEvents.shift();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!eventName.startsWith('admin.') && ratelimit.isFlooding(socket)) {
|
|
|
|
|
winston.warn(`[socket.io] Too many emits! Disconnecting uid : ${socket.uid}. Events : ${socket.previousEvents}`);
|
|
|
|
|
return socket.disconnect();
|
|
|
|
|
}
|
|
|
|
|
if (!eventName.startsWith('admin.') && ratelimit.isFlooding(socket)) {
|
|
|
|
|
winston.warn(`[socket.io] Too many emits! Disconnecting uid : ${socket.uid}. Events : ${socket.previousEvents}`);
|
|
|
|
|
return socket.disconnect();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
try {
|
|
|
|
|
await checkMaintenance(socket);
|
|
|
|
|
await validateSession(socket, '[[error:revalidate-failure]]');
|
|
|
|
|
|
|
|
|
|