Merge pull request #2155 from pixelfed/staging

AP bugfixes
This commit is contained in:
daniel 2020-04-29 15:48:09 -06:00 committed by GitHub
commit cf7507ab84
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 13 additions and 10 deletions

View File

@ -7,6 +7,7 @@ use Illuminate\Database\Eloquent\Model;
class Activity extends Model
{
protected $dates = ['processed_at'];
protected $fillable = ['data', 'to_id', 'from_id', 'object_type'];
public function toProfile()
{

View File

@ -181,9 +181,11 @@ class Helpers {
public static function zttpUserAgent()
{
$version = config('pixelfed.version');
$url = config('app.url');
return [
'Accept' => 'application/activity+json',
'User-Agent' => 'PixelfedBot - https://pixelfed.org',
'User-Agent' => "(Pixelfed/{$version}; +{$url})",
];
}
@ -236,10 +238,6 @@ class Helpers {
$activity = ['object' => $res];
}
if(isset($activity['object']['content']) == false) {
abort(400, 'Invalid object');
}
$scope = 'private';
$cw = isset($res['sensitive']) ? (bool) $res['sensitive'] : false;
@ -287,10 +285,10 @@ class Helpers {
}
}
if(!self::validateUrl($res['id']) ||
if(!self::validateUrl($activity['object']['id']) ||
!self::validateUrl($activity['object']['attributedTo'])
) {
abort(400, 'Invalid object url');
return;
}
$idDomain = parse_url($res['id'], PHP_URL_HOST);
@ -302,7 +300,7 @@ class Helpers {
$actorDomain !== $urlDomain ||
$idDomain !== $actorDomain
) {
abort(400, 'Invalid object');
return;
}
$profile = self::profileFirstOrNew($activity['object']['attributedTo']);

View File

@ -40,6 +40,10 @@ class Inbox
public function handle()
{
$this->handleVerb();
(new Activity())->create([
'data' => json_encode($this->payload)
]);
}
public function handleVerb()
@ -307,6 +311,8 @@ class Inbox
$id = $this->payload['object']['id'];
switch ($type) {
case 'Person':
// todo: fix race condition
return;
$profile = Helpers::profileFetch($actor);
if(!$profile || $profile->private_key != null) {
return;
@ -323,8 +329,6 @@ class Inbox
break;
case 'Tombstone':
// todo: fix race condition
return;
$profile = Helpers::profileFetch($actor);
$status = Status::whereProfileId($profile->id)
->whereUri($id)