mirror of
https://github.com/pixelfed/pixelfed.git
synced 2024-12-24 16:53:17 +00:00
Update FederationController, return 404 for invalid webfinger addresses. Fixes #2647
This commit is contained in:
parent
723eb00039
commit
deb6f1153f
1 changed files with 2 additions and 2 deletions
|
@ -53,8 +53,8 @@ class FederationController extends Controller
|
||||||
|
|
||||||
$resource = $request->input('resource');
|
$resource = $request->input('resource');
|
||||||
$parsed = Nickname::normalizeProfileUrl($resource);
|
$parsed = Nickname::normalizeProfileUrl($resource);
|
||||||
if($parsed['domain'] !== config('pixelfed.domain.app')) {
|
if(empty($parsed) || $parsed['domain'] !== config('pixelfed.domain.app')) {
|
||||||
abort(400);
|
abort(404);
|
||||||
}
|
}
|
||||||
$username = $parsed['username'];
|
$username = $parsed['username'];
|
||||||
$profile = Profile::whereNull('domain')->whereUsername($username)->firstOrFail();
|
$profile = Profile::whereNull('domain')->whereUsername($username)->firstOrFail();
|
||||||
|
|
Loading…
Reference in a new issue