From c64f2ae5a55bd27bf01b9759992c82c8c6785c5a Mon Sep 17 00:00:00 2001 From: Claire Date: Fri, 26 Jul 2024 15:41:34 +0200 Subject: [PATCH] Fix unneeded requests to blocked domains when receiving relayed signed activities from them --- app/services/activitypub/process_collection_service.rb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/app/services/activitypub/process_collection_service.rb b/app/services/activitypub/process_collection_service.rb index 4f049a5ae94..cadc7d2d10e 100644 --- a/app/services/activitypub/process_collection_service.rb +++ b/app/services/activitypub/process_collection_service.rb @@ -2,6 +2,7 @@ class ActivityPub::ProcessCollectionService < BaseService include JsonLdHelper + include DomainControlHelper def call(body, actor, **options) @account = actor @@ -69,6 +70,9 @@ class ActivityPub::ProcessCollectionService < BaseService end def verify_account! + return unless @json['signature'].is_a?(Hash) + return if domain_not_allowed?(@json['signature']['creator']) + @options[:relayed_through_actor] = @account @account = ActivityPub::LinkedDataSignature.new(@json).verify_actor! @account = nil unless @account.is_a?(Account)