erik/mastodon
1
0
Fork 0
mirror of https://github.com/mastodon/mastodon.git synced 2024-08-20 21:08:15 -07:00
Code Issues Projects Releases Wiki Activity

Fix unneeded requests to blocked domains when receiving relayed signed activities from them

Browse source
This commit is contained in:
Claire 2024-07-26 15:41:34 +02:00
parent 693d9b03ed
commit c64f2ae5a5
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
app/services/activitypub/process_collection_service.rb
View file

@ -2,6 +2,7 @@
class ActivityPub::ProcessCollectionService < BaseService class ActivityPub::ProcessCollectionService < BaseService
include JsonLdHelper include JsonLdHelper
include DomainControlHelper
def call(body, actor, **options) def call(body, actor, **options)
@account = actor @account = actor
@ -69,6 +70,9 @@ class ActivityPub::ProcessCollectionService < BaseService
end end
def verify_account! def verify_account!
return unless @json['signature'].is_a?(Hash)
return if domain_not_allowed?(@json['signature']['creator'])
@options[:relayed_through_actor] = @account @options[:relayed_through_actor] = @account
@account = ActivityPub::LinkedDataSignature.new(@json).verify_actor! @account = ActivityPub::LinkedDataSignature.new(@json).verify_actor!
@account = nil unless @account.is_a?(Account) @account = nil unless @account.is_a?(Account)