tarrien/Mastodon
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix handling of malformed ActivityPub payloads when URIs are nil (#7370)

Browse Source 
* Fix handling of malformed ActivityPub payloads when URIs are nil

* Gracefully handle JSON-LD canonicalization failures
This commit is contained in:
Eugen Rochko
2018-05-05 18:22:34 +02:00
committed by GitHub
parent 661f7e6d9d
commit c947e2e4c5
3 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
app/services/activitypub/fetch_remote_status_service.rb
View File

@@ -34,6 +34,7 @@ class ActivityPub::FetchRemoteStatusService < BaseService
end
def trustworthy_attribution?(uri, attributed_to)
return false if uri.nil? || attributed_to.nil?
Addressable::URI.parse(uri).normalized_host.casecmp(Addressable::URI.parse(attributed_to).normalized_host).zero?
end

3
app/services/activitypub/process_collection_service.rb
View File

@@ -45,5 +45,8 @@ class ActivityPub::ProcessCollectionService < BaseService
def verify_account!
@account = ActivityPub::LinkedDataSignature.new(@json).verify_account!
rescue JSON::LD::JsonLdError => e
Rails.logger.debug "Could not verify LD-Signature for #{value_or_id(@json['actor'])}: #{e.message}"
nil
end
end