A SpotifyId is expected to be a 128 bits integer and can be parsed from a
base 62 or 16 string. However the parsing functions only checked the validity of
the characters of the string, but not its length. This could result in integer
overflows or the parsing of incorrect strings as Spotify ids.
This commit add some checks to the length of the input string passed to the
parse functions, and also checks for integer overflows in case of base62
encoded strings.
The CDN URLs list now includes spotifycdn.com which has a different
format. It was being erroneously interpreted using the scdn.co format
and trying to parse non-digit characters as a timestamp.
Also ignore expiry timestamps we can't parse for future new URLs.
- Use variables directly in format strings.
As reported by clippy, variables can be used directly in the
`format!` string.
- Use rewind() instead of seeking to 0.
- Remove superfluous & and ref.
Signed-off-by: Petr Tesarik <petr@tesarici.cz>
rsa::padding::PaddingScheme is !Send, making it impossible to call
Session::connect() with an executor requiring Send futures, such as
Rocket.
Fix#1065
Not there yet, as Apollo stations always return autoplay
recommendations even if you set autoplay to false. Along the way
as an effort to bring the protocol up to spec:
- And support for and use different Apollo station scopes depending
on whether we are using autoplay or not. For autoplay, get a
"stations" scope and follow the "tracks" pages from there. Otherwise
use "tracks" immediately for the active scope (playlist, album).
- For the above point we only need the fields from `PageContext`
so use that instead of a `StationContext`.
- Add some documentation from API reverse engineering: things seen
in the wild, some of them to do, others documented for posterity's
sake.
- Update the Spirc device state based on what the latest desktop
client puts out. Unfortunately none of it seems to change the
behavior necessary to support external episodes, shows, but
at least we're doing the right thing.
- Add a salt to HTTPS queries to defeat any caching.
- Add country metrics to HTTPS queries.
- Fix `get_radio_for_track` to use the right Spotify ID format.
- Fix a bug from the previous commit, where the playback position
might not advance when hitting next and the autoplay context
is loaded initially.
