Skip to content

Commit

Permalink
Add validation of image
Browse files Browse the repository at this point in the history
  • Loading branch information
HeesungB committed Feb 22, 2024
1 parent 10e9449 commit a5872e4
Show file tree
Hide file tree
Showing 4 changed files with 65 additions and 2 deletions.
2 changes: 2 additions & 0 deletions package.json
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@
"lint-test": "eslint \"src/**/*\" && prettier --check \"src/**/*\"",
"lint-fix": "eslint --fix \"src/**/*\" && prettier --write \"src/**/*\"",
"validate:token": "ts-node src/scripts/validate-token.ts",
"validate:image": "ts-node src/scripts/validate-image.ts",
"pre-commit": "lint-staged"
},
"pre-commit": [
Expand Down Expand Up @@ -52,6 +53,7 @@
"@keplr-wallet/cosmos": "^0.12.12",
"axios": "^1.4.0",
"curve25519-js": "^0.0.4",
"image-size": "^1.1.1",
"joi": "^17.9.2",
"koa": "^2.14.2",
"koa-router": "^12.0.0",
Expand Down
28 changes: 26 additions & 2 deletions src/scripts/validate-token.ts
Original file line number Diff line number Diff line change
@@ -1,8 +1,9 @@
import FS from "fs";
import sizeOf from "image-size";
import { CW20TokenScheme } from "../scheme";
import { getChainBaseMap } from "../utils";
import { getChainBaseMap, validateImageUrl } from "../utils";
import Path from "path";
import { Bech32Address } from "@keplr-wallet/cosmos";
import { Bech32Address, ChainIdHelper } from "@keplr-wallet/cosmos";
import { fetchTokenMetadata } from "../query";
import { sortedJsonByKeyStringify } from "@keplr-wallet/common";

Expand Down Expand Up @@ -67,6 +68,29 @@ import { sortedJsonByKeyStringify } from "@keplr-wallet/common";
)}), contract: ${validated.value.contractAddress}, chain: ${chain})`
);
}

if (validated.value.imageUrl) {
const chainIdentifier = ChainIdHelper.parse(base.chainId).identifier;
const tokenImageUrl = validateImageUrl(
chainIdentifier,
validated.value.imageUrl
);

const dimensions = sizeOf(
`images/${chainIdentifier}/${tokenImageUrl}`
);

if (dimensions.type === "png") {
const width = dimensions.width ?? 0;
const height = dimensions.height ?? 0;

if (width > 512 || height > 512) {
throw new Error(
`Reduce image size to 512x512 or smaller (expected: 512x512, actual: ${width}x${height})`
);
}
}
}
} else {
throw new Error(`Invalid path: ${path}`);
}
Expand Down
16 changes: 16 additions & 0 deletions src/utils.ts
Original file line number Diff line number Diff line change
Expand Up @@ -49,3 +49,19 @@ export const getChainBaseMap = (

return map;
};

export const validateImageUrl = (
chainIdentifier: string,
url: string
): string => {
const baseURL = `https://raw.githubusercontent.com/chainapsis/keplr-contract-registry/main/images/${chainIdentifier}/`;

if (!url.startsWith(baseURL)) {
throw new Error(`Invalid image url: ${url}`);
}
if (!(url.endsWith(".png") || url.endsWith(".svg"))) {
throw new Error(`Image formats can only be PNG and SVG.`);
}

return url.replace(baseURL, "");
};
21 changes: 21 additions & 0 deletions yarn.lock
Original file line number Diff line number Diff line change
Expand Up @@ -3316,6 +3316,17 @@ __metadata:
languageName: node
linkType: hard

"image-size@npm:^1.1.1":
version: 1.1.1
resolution: "image-size@npm:1.1.1"
dependencies:
queue: 6.0.2
bin:
image-size: bin/image-size.js
checksum: 23b3a515dded89e7f967d52b885b430d6a5a903da954fce703130bfb6069d738d80e6588efd29acfaf5b6933424a56535aa7bf06867e4ebd0250c2ee51f19a4a
languageName: node
linkType: hard

"import-fresh@npm:^3.0.0, import-fresh@npm:^3.2.1":
version: 3.3.0
resolution: "import-fresh@npm:3.3.0"
Expand Down Expand Up @@ -3750,6 +3761,7 @@ __metadata:
eslint: ^8.34.0
eslint-config-prettier: ^8.6.0
eslint-plugin-prettier: ^4.2.1
image-size: ^1.1.1
joi: ^17.9.2
koa: ^2.14.2
koa-router: ^12.0.0
Expand Down Expand Up @@ -4802,6 +4814,15 @@ __metadata:
languageName: node
linkType: hard

"queue@npm:6.0.2":
version: 6.0.2
resolution: "queue@npm:6.0.2"
dependencies:
inherits: ~2.0.3
checksum: ebc23639248e4fe40a789f713c20548e513e053b3dc4924b6cb0ad741e3f264dcff948225c8737834dd4f9ec286dbc06a1a7c13858ea382d9379f4303bcc0916
languageName: node
linkType: hard

"read-package-json@npm:^2.0.0":
version: 2.1.2
resolution: "read-package-json@npm:2.1.2"
Expand Down

0 comments on commit a5872e4

Please sign in to comment.