regex guard around opengraph routes

src/config.ts

@@ -250,6 +250,10 @@ class Conf {
   static get cronEnabled(): boolean {
     return optionalBooleanSchema.parse(Deno.env.get('CRON_ENABLED')) ?? true;
   }
+  static get opengraphRouteRegex(): string {
+    return Deno.env.get('OPENGRAPH_ROUTE_REGEX') ||
+      'googlebot|bingbot|yandex|baiduspider|twitterbot|facebookexternalhit|rogerbot|linkedinbot|embedly|quora link preview|showyoubot|outbrain|pinterestbot|slackbot|vkShare|W3C_Validator|whatsapp|mastodon|pleroma|Discordbot|AhrefsBot|SEMrushBot|MJ12bot|SeekportBot|Synapse|Matrix';
+  }
   /** Path to the custom policy module. Must be an absolute path, https:, npm:, or jsr: URI. */
   static get policy(): string {
     return Deno.env.get('DITTO_POLICY') || new URL('../data/policy.ts', import.meta.url).pathname;

src/controllers/frontend.ts

@@ -18,10 +18,6 @@ const console = new Stickynotes('ditto:frontend');
 /** Placeholder to find & replace with metadata. */
 const META_PLACEHOLDER = '<!--server-generated-meta-->' as const;
 
-/*
- * TODO: implement caching for posts (LRUCache)
- */
-
 async function buildTemplateOpts(params: PathParams, url: string): Promise<OpenGraphTemplateOpts> {
   const store = await Storages.db();
   const meta = await getInstanceMetadata(store);
@@ -70,6 +66,10 @@ async function buildTemplateOpts(params: PathParams, url: string): Promise<OpenG
 export const frontendController: AppMiddleware = async (c, next) => {
   try {
     const content = await Deno.readTextFile(new URL('../../public/index.html', import.meta.url));
+    const shouldInject = new RegExp(Conf.opengraphRouteRegex, 'i');
+    if (!shouldInject) {
+      return c.html(content);
+    }
     if (content.includes(META_PLACEHOLDER)) {
       const params = getPathParams(c.req.path);
       if (params) {