fix: without protection?

2025-11-13 00:03:33 +10:00 · 2024-03-14 10:02:09 +00:00
parent 4926b6de50
commit f5967e28c3
2 changed files with 1 additions and 84 deletions
--- a/apps/marketing/src/app/(marketing)/blog/[post]/opengraph-image.tsx
+++ b/apps/marketing/src/app/(marketing)/blog/[post]/opengraph-image.tsx
@ -1,76 +0,0 @@
-import { ImageResponse } from 'next/og';
-
-import { allBlogPosts } from 'contentlayer/generated';
-
-export const runtime = 'edge';
-
-export const contentType = 'image/png';
-
-export const IMAGE_SIZE = {
-  width: 1200,
-  height: 630,
-};
-
-type BlogPostOpenGraphImageProps = {
-  params: { post: string };
-};
-
-export default async function BlogPostOpenGraphImage({ params }: BlogPostOpenGraphImageProps) {
-  const blogPost = allBlogPosts.find((post) => post._raw.flattenedPath === `blog/${params.post}`);
-
-  if (!blogPost) {
-    return null;
-  }
-
-  // The long urls are needed for a compiler optimisation on the Next.js side, lifting this up
-  // to a constant will break og image generation.
-  const [interBold, interRegular, backgroundImage, logoImage] = await Promise.all([
-    fetch(new URL('@documenso/assets/fonts/inter-bold.ttf', import.meta.url)).then(async (res) =>
-      res.arrayBuffer(),
-    ),
-    fetch(new URL('@documenso/assets/fonts/inter-regular.ttf', import.meta.url)).then(async (res) =>
-      res.arrayBuffer(),
-    ),
-    fetch(new URL('@documenso/assets/images/background-blog-og.png', import.meta.url)).then(
-      async (res) => res.arrayBuffer(),
-    ),
-    fetch(new URL('@documenso/assets/logo.png', import.meta.url)).then(async (res) =>
-      res.arrayBuffer(),
-    ),
-  ]);
-
-  return new ImageResponse(
-    (
-      <div tw="relative h-full w-full flex flex-col items-center justify-center text-center bg-white">
-        {/* @ts-expect-error Lack of typing from ImageResponse */}
-        <img src={backgroundImage} alt="og-background" tw="absolute inset-0 w-full h-full" />
-
-        {/* @ts-expect-error Lack of typing from ImageResponse */}
-        <img src={logoImage} alt="logo" tw="h-8" />
-
-        <h1 tw="mt-8 text-6xl text-center flex items-center justify-center w-full max-w-[800px] font-bold text-center mx-auto">
-          {blogPost.title}
-        </h1>
-
-        <p tw="font-normal">Written by {blogPost.authorName}</p>
-      </div>
-    ),
-    {
-      ...IMAGE_SIZE,
-      fonts: [
-        {
-          name: 'Inter',
-          data: interRegular,
-          style: 'normal',
-          weight: 400,
-        },
-        {
-          name: 'Inter',
-          data: interBold,
-          style: 'normal',
-          weight: 700,
-        },
-      ],
-    },
-  );
-}
--- a/apps/marketing/src/app/(marketing)/blog/[post]/opengraph/route.tsx
+++ b/apps/marketing/src/app/(marketing)/blog/[post]/opengraph/route.tsx
@ -1,8 +1,6 @@
 import { ImageResponse } from 'next/og';
 import { NextResponse } from 'next/server';

-import { verify } from '@documenso/lib/server-only/crypto/verify';
-
 export const runtime = 'edge';

 const IMAGE_SIZE = {
@ -13,15 +11,10 @@ const IMAGE_SIZE = {
 export async function GET(_request: Request) {
  const url = new URL(_request.url);

-  const signature = url.searchParams.get('sig');
  const title = url.searchParams.get('title');
  const author = url.searchParams.get('author');

-  if (!title || !author || !signature) {
-    return NextResponse.json({ error: 'Not found' }, { status: 404 });
-  }
-
-  if (!verify({ title, author }, signature)) {
+  if (!title || !author) {
    return NextResponse.json({ error: 'Not found' }, { status: 404 });
  }