From 450ad431801b5f2c716041920842a9851b9d133c Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Fri, 27 Jan 2017 16:55:06 +0100 Subject: [PATCH] Do not run FetchLinkCardService on local URLs, increase file size limit to 8MB, fix ProcessFeedService pushing status into distribution if called a second time while the first is still running (i.e. when a PuSH comes after a Salmon slap), fix not running escape on spoiler text before emojify --- .../components/components/status_content.jsx | 3 ++- app/lib/tag_manager.rb | 6 ++++++ app/models/media_attachment.rb | 2 +- app/services/fetch_link_card_service.rb | 4 ++-- app/services/process_feed_service.rb | 19 ++++++++++--------- 5 files changed, 21 insertions(+), 13 deletions(-) diff --git a/app/assets/javascripts/components/components/status_content.jsx b/app/assets/javascripts/components/components/status_content.jsx index d6d7a572127..44346fabc22 100644 --- a/app/assets/javascripts/components/components/status_content.jsx +++ b/app/assets/javascripts/components/components/status_content.jsx @@ -1,5 +1,6 @@ import ImmutablePropTypes from 'react-immutable-proptypes'; import PureRenderMixin from 'react-addons-pure-render-mixin'; +import escapeTextContentForBrowser from 'react/lib/escapeTextContentForBrowser'; import emojify from '../emoji'; import { FormattedMessage } from 'react-intl'; @@ -96,7 +97,7 @@ const StatusContent = React.createClass({ const { hidden } = this.state; const content = { __html: emojify(status.get('content')) }; - const spoilerContent = { __html: emojify(status.get('spoiler_text', '')) }; + const spoilerContent = { __html: emojify(escapeTextContentForBrowser(status.get('spoiler_text', ''))) }; if (status.get('spoiler_text').length > 0) { const toggleText = hidden ? : ; diff --git a/app/lib/tag_manager.rb b/app/lib/tag_manager.rb index 4af43320034..2508eea97d6 100644 --- a/app/lib/tag_manager.rb +++ b/app/lib/tag_manager.rb @@ -56,6 +56,12 @@ class TagManager domain.nil? || domain.gsub(/[\/]/, '').casecmp(Rails.configuration.x.local_domain).zero? end + def local_url?(url) + uri = Addressable::URI.parse(url) + domain = uri.host + (uri.port ? ":#{uri.port}" : '') + TagManager.instance.local_domain?(domain) + end + def uri_for(target) return target.uri if target.respond_to?(:local?) && !target.local? diff --git a/app/models/media_attachment.rb b/app/models/media_attachment.rb index ecbed03e334..6925f9b0d77 100644 --- a/app/models/media_attachment.rb +++ b/app/models/media_attachment.rb @@ -12,7 +12,7 @@ class MediaAttachment < ApplicationRecord processors: -> (f) { f.video? ? [:transcoder] : [:thumbnail] }, convert_options: { all: '-quality 90 -strip' } validates_attachment_content_type :file, content_type: IMAGE_MIME_TYPES + VIDEO_MIME_TYPES - validates_attachment_size :file, less_than: 4.megabytes + validates_attachment_size :file, less_than: 8.megabytes validates :account, presence: true diff --git a/app/services/fetch_link_card_service.rb b/app/services/fetch_link_card_service.rb index 005e5acea68..1b94dfe0cd4 100644 --- a/app/services/fetch_link_card_service.rb +++ b/app/services/fetch_link_card_service.rb @@ -2,8 +2,8 @@ class FetchLinkCardService < BaseService def call(status) - # Get first URL - url = URI.extract(status.text).reject { |uri| (uri =~ /\Ahttps?:\/\//).nil? }.first + # Get first http/https URL that isn't local + url = URI.extract(status.text).reject { |uri| (uri =~ /\Ahttps?:\/\//).nil? || TagManager.instance.local_url?(uri) }.first return if url.nil? diff --git a/app/services/process_feed_service.rb b/app/services/process_feed_service.rb index 6265341767a..46656de3de7 100644 --- a/app/services/process_feed_service.rb +++ b/app/services/process_feed_service.rb @@ -42,13 +42,14 @@ class ProcessFeedService < BaseService def create_status Rails.logger.debug "Creating remote status #{id}" - status = status_from_xml(@xml) + status, just_created = status_from_xml(@xml) return if status.nil? + return status unless just_created if verb == :share - original_status = status_from_xml(@xml.at_xpath('.//activity:object', activity: TagManager::AS_XMLNS)) - status.reblog = original_status + original_status, = status_from_xml(@xml.at_xpath('.//activity:object', activity: TagManager::AS_XMLNS)) + status.reblog = original_status if original_status.nil? status.destroy @@ -61,7 +62,6 @@ class ProcessFeedService < BaseService status.save! NotifyService.new.call(status.reblog.account, status) if status.reblog? && status.reblog.account.local? - # LinkCrawlWorker.perform_async(status.reblog? ? status.reblog_of_id : status.id) Rails.logger.debug "Queuing remote status #{status.id} (#{id}) for distribution" DistributionWorker.perform_async(status.id) status @@ -81,22 +81,23 @@ class ProcessFeedService < BaseService def status_from_xml(entry) # Return early if status already exists in db status = find_status(id(entry)) - return status unless status.nil? + + return [status, false] unless status.nil? # If status embeds an author, find that author # If that author cannot be found, don't record the status (do not misattribute) if account?(entry) begin account = find_or_resolve_account(acct(entry)) - return nil if account.nil? + return [nil, false] if account.nil? rescue Goldfinger::Error - return nil + return [nil, false] end else account = @account end - return if account.suspended? + return [nil, false] if account.suspended? status = Status.create!( uri: id(entry), @@ -116,7 +117,7 @@ class ProcessFeedService < BaseService hashtags_from_xml(status, entry) media_from_xml(status, entry) - status + [status, true] end def find_or_resolve_account(acct)