mirror
/
mobilizon
mirror of https://framagit.org/framasoft/mobilizon.git
1
0
Fork 0
Code Issues Releases Wiki Activity

fix(activitypub): reject unsigned or badly signed activity with correct http error code 

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
Thomas Citharel 2023-12-04 08:27:57 +01:00
parent 3a2c6afc0d
commit 3d3c01b276
No known key found for this signature in database
GPG Key ID: A061B9DDE0CA0773
1 changed files with 8 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
lib/web/controllers/activity_pub_controller.ex
View File

@ -161,9 +161,15 @@ defmodule Mobilizon.Web.ActivityPubController do
)
Logger.debug(inspect(conn.req_headers))
end
json(conn, "error")
conn
|> put_status(:forbidden)
|> json("ActivityPub signature could not be checked")
else
conn
|> put_status(:unauthorized)
|> json("ActivityPub signature could not be found")
end
end
def relay(conn, _params) do