Fix handling of malformed ActivityPub payloads when URIs are nil (#7370)
* Fix handling of malformed ActivityPub payloads when URIs are nil * Gracefully handle JSON-LD canonicalization failurespull/7373/head
parent
661f7e6d9d
commit
c947e2e4c5
|
@ -86,6 +86,8 @@ class ActivityPub::TagManager
|
||||||
end
|
end
|
||||||
|
|
||||||
def local_uri?(uri)
|
def local_uri?(uri)
|
||||||
|
return false if uri.nil?
|
||||||
|
|
||||||
uri = Addressable::URI.parse(uri)
|
uri = Addressable::URI.parse(uri)
|
||||||
host = uri.normalized_host
|
host = uri.normalized_host
|
||||||
host = "#{host}:#{uri.port}" if uri.port
|
host = "#{host}:#{uri.port}" if uri.port
|
||||||
|
@ -99,6 +101,8 @@ class ActivityPub::TagManager
|
||||||
end
|
end
|
||||||
|
|
||||||
def uri_to_resource(uri, klass)
|
def uri_to_resource(uri, klass)
|
||||||
|
return if uri.nil?
|
||||||
|
|
||||||
if local_uri?(uri)
|
if local_uri?(uri)
|
||||||
case klass.name
|
case klass.name
|
||||||
when 'Account'
|
when 'Account'
|
||||||
|
|
|
@ -34,6 +34,7 @@ class ActivityPub::FetchRemoteStatusService < BaseService
|
||||||
end
|
end
|
||||||
|
|
||||||
def trustworthy_attribution?(uri, attributed_to)
|
def trustworthy_attribution?(uri, attributed_to)
|
||||||
|
return false if uri.nil? || attributed_to.nil?
|
||||||
Addressable::URI.parse(uri).normalized_host.casecmp(Addressable::URI.parse(attributed_to).normalized_host).zero?
|
Addressable::URI.parse(uri).normalized_host.casecmp(Addressable::URI.parse(attributed_to).normalized_host).zero?
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -45,5 +45,8 @@ class ActivityPub::ProcessCollectionService < BaseService
|
||||||
|
|
||||||
def verify_account!
|
def verify_account!
|
||||||
@account = ActivityPub::LinkedDataSignature.new(@json).verify_account!
|
@account = ActivityPub::LinkedDataSignature.new(@json).verify_account!
|
||||||
|
rescue JSON::LD::JsonLdError => e
|
||||||
|
Rails.logger.debug "Could not verify LD-Signature for #{value_or_id(@json['actor'])}: #{e.message}"
|
||||||
|
nil
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue