Expose configurable redirect limits

Add public maxRedirection options to the vocab-runtime document loader
factory and to DoubleKnockOptions so callers can override the default
redirect cap when resolving remote documents or performing signed fetches.

Wire the option through getAuthenticatedDocumentLoader(), document the
new API in CHANGES.md, and add regression tests covering custom redirect
limits in the document loader, doubleKnock(), and authenticated
loader paths.

Author: dahlia

CHANGES.md

@@ -8,6 +8,18 @@ Version 2.2.0
 
 To be released.
 
+### @fedify/fedify
+
+ -  Added `DoubleKnockOptions.maxRedirection` to configure the maximum number
+    of redirects followed by `doubleKnock()`.
+    `getAuthenticatedDocumentLoader()` now also respects
+    `GetAuthenticatedDocumentLoaderOptions.maxRedirection`.
+
+### @fedify/vocab-runtime
+
+ -  Added `DocumentLoaderFactoryOptions.maxRedirection` to configure the
+    maximum number of redirects followed by `getDocumentLoader()`.
+
 
 Version 2.1.1
 -------------

packages/fedify/src/sig/http.test.ts

@@ -1813,6 +1813,51 @@ test("doubleKnock() throws on too many redirects", async () => {
   fetchMock.hardReset();
 });
 
+test("doubleKnock() respects maxRedirection option", async () => {
+  fetchMock.spyGlobal();
+
+  let requestCount = 0;
+  fetchMock.post(
+    "begin:https://example.com/custom-too-many-redirects/",
+    (cl) => {
+      requestCount++;
+      const index = Number(cl.url.split("/").at(-1));
+      return Response.redirect(
+        `https://example.com/custom-too-many-redirects/${index + 1}`,
+        302,
+      );
+    },
+  );
+
+  const request = new Request(
+    "https://example.com/custom-too-many-redirects/0",
+    {
+      method: "POST",
+      body: "Redirect loop",
+      headers: {
+        "Content-Type": "text/plain",
+      },
+    },
+  );
+
+  await assertRejects(
+    () =>
+      doubleKnock(
+        request,
+        {
+          keyId: rsaPublicKey2.id!,
+          privateKey: rsaPrivateKey2,
+        },
+        { maxRedirection: 1 },
+      ),
+    Error,
+    "Too many redirections",
+  );
+  assertEquals(requestCount, 2);
+
+  fetchMock.hardReset();
+});
+
 test("doubleKnock() detects redirect loops", async () => {
   fetchMock.spyGlobal();
 

packages/fedify/src/sig/http.ts

@@ -1562,6 +1562,13 @@ export interface DoubleKnockOptions {
    * @since 1.8.0
    */
   signal?: AbortSignal;
+
+  /**
+   * The maximum number of redirections to follow.
+   * @default `20`
+   * @since 2.2.0
+   */
+  maxRedirection?: number;
 }
 
 /**
@@ -1619,6 +1626,7 @@ async function doubleKnockInternal(
   visited = new Set<string>(),
 ): Promise<Response> {
   const { specDeterminer, log, tracerProvider, signal } = options;
+  const maximumRedirection = options.maxRedirection ?? DEFAULT_MAX_REDIRECTION;
   visited.add(request.url);
   const origin = new URL(request.url).origin;
   const firstTrySpec: HttpMessageSignaturesSpec = specDeterminer == null
@@ -1651,7 +1659,7 @@ async function doubleKnockInternal(
     response.status >= 300 && response.status < 400 &&
     response.headers.has("Location")
   ) {
-    if (redirected >= DEFAULT_MAX_REDIRECTION) {
+    if (redirected >= maximumRedirection) {
       throw new FetchError(
         request.url,
         `Too many redirections (${redirected + 1})`,
@@ -1792,7 +1800,7 @@ async function doubleKnockInternal(
       response.status >= 300 && response.status < 400 &&
       response.headers.has("Location")
     ) {
-      if (redirected >= DEFAULT_MAX_REDIRECTION) {
+      if (redirected >= maximumRedirection) {
         throw new FetchError(
           request.url,
           `Too many redirections (${redirected + 1})`,

packages/fedify/src/utils/docloader.test.ts

@@ -55,6 +55,38 @@ test("getAuthenticatedDocumentLoader()", async (t) => {
     });
     assertRejects(() => loader("http://localhost"), UrlError);
   });
+
+  await t.step("custom max redirection", async () => {
+    fetchMock.spyGlobal();
+    let requestCount = 0;
+    fetchMock.get(
+      "begin:https://example.com/custom-too-many-redirects/",
+      (cl) => {
+        requestCount++;
+        const index = Number(cl.url.split("/").at(-1));
+        return Response.redirect(
+          `https://example.com/custom-too-many-redirects/${index + 1}`,
+          302,
+        );
+      },
+    );
+
+    const loader = getAuthenticatedDocumentLoader(
+      {
+        keyId: new URL("https://example.com/key2"),
+        privateKey: rsaPrivateKey2,
+      },
+      { maxRedirection: 1 },
+    );
+    await assertRejects(
+      () => loader("https://example.com/custom-too-many-redirects/0"),
+      Error,
+      "Too many redirections",
+    );
+    assertEquals(requestCount, 2);
+
+    fetchMock.hardReset();
+  });
 });
 
 test("getAuthenticatedDocumentLoader() cancellation", {

packages/fedify/src/utils/docloader.ts

@@ -57,8 +57,13 @@ export interface GetAuthenticatedDocumentLoaderOptions
  */
 export function getAuthenticatedDocumentLoader(
   identity: { keyId: URL; privateKey: CryptoKey },
-  { allowPrivateAddress, userAgent, specDeterminer, tracerProvider }:
-    GetAuthenticatedDocumentLoaderOptions = {},
+  {
+    allowPrivateAddress,
+    maxRedirection,
+    userAgent,
+    specDeterminer,
+    tracerProvider,
+  }: GetAuthenticatedDocumentLoaderOptions = {},
 ): DocumentLoader {
   validateCryptoKey(identity.privateKey);
   async function load(
@@ -80,6 +85,7 @@ export function getAuthenticatedDocumentLoader(
       originalRequest,
       identity,
       {
+        maxRedirection,
         specDeterminer,
         log: curry(logRequest)(logger),
         tracerProvider,

packages/vocab-runtime/src/docloader.test.ts

@@ -391,6 +391,17 @@ test("getDocumentLoader()", async (t) => {
     deepStrictEqual(redirectAttempts, 21);
   });
 
+  await t.test("custom max redirection", async () => {
+    redirectAttempts = 0;
+    const loader = getDocumentLoader({ maxRedirection: 1 });
+    await rejects(
+      () => loader("https://example.com/too-many-redirects/0"),
+      FetchError,
+      "Too many redirections",
+    );
+    deepStrictEqual(redirectAttempts, 2);
+  });
+
   let loopAttempts = 0;
   fetchMock.get("https://example.com/redirect-loop-a", () => {
     loopAttempts++;

packages/vocab-runtime/src/docloader.ts

@@ -88,6 +88,13 @@ export interface DocumentLoaderFactoryOptions {
    * If an object is given, it is passed to {@link getUserAgent} function.
    */
   userAgent?: GetUserAgentOptions | string;
+
+  /**
+   * The maximum number of redirections to follow.
+   * @default `20`
+   * @since 2.2.0
+   */
+  maxRedirection?: number;
 }
 
 /**
@@ -285,11 +292,12 @@ export interface GetDocumentLoaderOptions extends DocumentLoaderFactoryOptions {
  * @since 1.3.0
  */
 export function getDocumentLoader(
-  { allowPrivateAddress, skipPreloadedContexts, userAgent }:
+  { allowPrivateAddress, maxRedirection, skipPreloadedContexts, userAgent }:
     GetDocumentLoaderOptions = {},
 ): DocumentLoader {
   const tracerProvider = trace.getTracerProvider();
   const tracer = tracerProvider.getTracer(metadata.name, metadata.version);
+  const maximumRedirection = maxRedirection ?? DEFAULT_MAX_REDIRECTION;
 
   async function load(
     url: string,
@@ -348,7 +356,7 @@ export function getDocumentLoader(
             response.status >= 300 && response.status < 400 &&
             response.headers.has("Location")
           ) {
-            if (redirected >= DEFAULT_MAX_REDIRECTION) {
+            if (redirected >= maximumRedirection) {
               logger.error(
                 "Too many redirections ({redirections}) while fetching document.",
                 { redirections: redirected + 1, url: currentUrl },