IMproved handling of untrusted posts
parent
5ab94ea921
commit
b546173747
|
@ -466,7 +466,7 @@ class Processor
|
||||||
*
|
*
|
||||||
* @return boolean
|
* @return boolean
|
||||||
*/
|
*/
|
||||||
private static function isActivityGone(string $url): bool
|
public static function isActivityGone(string $url): bool
|
||||||
{
|
{
|
||||||
$curlResult = HTTPSignature::fetchRaw($url, 0);
|
$curlResult = HTTPSignature::fetchRaw($url, 0);
|
||||||
|
|
||||||
|
@ -1346,6 +1346,7 @@ class Processor
|
||||||
{
|
{
|
||||||
$uid = User::getIdForURL($activity['object_id']);
|
$uid = User::getIdForURL($activity['object_id']);
|
||||||
if (empty($uid)) {
|
if (empty($uid)) {
|
||||||
|
Queue::remove($activity);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
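Review bot: Now that `isActivityGone()` is public (hunk `-466,7 +466,7`), its docblock still says only `@return boolean`, while the Receiver change in this same commit uses that boolean to set `$trust_source`. The body continues outside the hunk, so it is not visible here which results of `HTTPSignature::fetchRaw($url, 0)` count as "gone". The docblock should spell out the contract, along the lines of `@return boolean true only when the remote server confirms the object is gone; false on any fetch error or timeout`, and the body should be checked against it so the trust decision fails closed. It is also worth stating there that `$url` may come from an activity that has not been verified yet.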
@ -274,7 +274,7 @@ class Receiver
|
||||||
{
|
{
|
||||||
$id = JsonLD::fetchElement($activity, '@id');
|
$id = JsonLD::fetchElement($activity, '@id');
|
||||||
$object_id = JsonLD::fetchElement($activity, 'as:object', '@id');
|
$object_id = JsonLD::fetchElement($activity, 'as:object', '@id');
|
||||||
|
|
||||||
if (!empty($id) && !$trust_source) {
|
if (!empty($id) && !$trust_source) {
|
||||||
$fetch_uid = $uid ?: self::getBestUserForActivity($activity);
|
$fetch_uid = $uid ?: self::getBestUserForActivity($activity);
|
||||||
|
|
||||||
|
@ -291,7 +291,7 @@ class Receiver
|
||||||
Logger::info('Fetched data is the object instead of the activity', ['id' => $id]);
|
Logger::info('Fetched data is the object instead of the activity', ['id' => $id]);
|
||||||
unset($object['@context']);
|
unset($object['@context']);
|
||||||
$activity['as:object'] = $object;
|
$activity['as:object'] = $object;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
Logger::info('Activity id is not equal', ['id' => $id, 'fetched' => $fetched_id]);
|
Logger::info('Activity id is not equal', ['id' => $id, 'fetched' => $fetched_id]);
|
||||||
}
|
}
|
||||||
|
@ -371,6 +371,10 @@ class Receiver
|
||||||
$object_data['object_object'] = JsonLD::fetchElement($activity['as:object'], 'as:object');
|
$object_data['object_object'] = JsonLD::fetchElement($activity['as:object'], 'as:object');
|
||||||
$object_data['object_type'] = JsonLD::fetchElement($activity['as:object'], '@type');
|
$object_data['object_type'] = JsonLD::fetchElement($activity['as:object'], '@type');
|
||||||
$object_data['push'] = $push;
|
$object_data['push'] = $push;
|
||||||
|
if ($type == 'as:Delete') {
|
||||||
|
$apcontact = APContact::getByURL($object_data['object_id'], true);
|
||||||
|
$trust_source = ($apcontact['type'] == 'Tombstone');
|
||||||
|
}
|
||||||
} elseif (in_array($type, ['as:Create', 'as:Update', 'as:Announce', 'as:Invite']) || strpos($type, '#emojiReaction')) {
|
} elseif (in_array($type, ['as:Create', 'as:Update', 'as:Announce', 'as:Invite']) || strpos($type, '#emojiReaction')) {
|
||||||
// Fetch the content only on activities where this matters
|
// Fetch the content only on activities where this matters
|
||||||
// We can receive "#emojiReaction" when fetching content from Hubzilla systems
|
// We can receive "#emojiReaction" when fetching content from Hubzilla systems
|
||||||
|
@ -425,6 +429,10 @@ class Receiver
|
||||||
if (($type == 'as:Undo') && !empty($object_data['object_object'])) {
|
if (($type == 'as:Undo') && !empty($object_data['object_object'])) {
|
||||||
$object_data['object_object_type'] = self::fetchObjectType([], $object_data['object_object'], $fetch_uid);
|
$object_data['object_object_type'] = self::fetchObjectType([], $object_data['object_object'], $fetch_uid);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (($type == 'as:Delete') && in_array($object_data['object_type'], array_merge(['as:Tombstone'], self::CONTENT_TYPES))) {
|
||||||
|
$trust_source = Processor::isActivityGone($object_data['object_id']);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$object_data = self::addActivityFields($object_data, $activity);
|
$object_data = self::addActivityFields($object_data, $activity);
|
||||||
|
|
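Review bot: Both added `as:Delete` blocks (hunks `-371,6 +371,10` and `-425,6 +429,10`) assign `$trust_source` unconditionally, so a fetch against the sender-supplied `object_id` replaces whatever trust was established earlier, and Deletes reaching these branches cause outbound requests to a URL the sender chose. If `$trust_source` can already be true at these points (the enclosing branches start outside the hunks), guard the lookups, e.g. `if (!$trust_source && ($type == 'as:Delete')) {`, so they can only raise trust for unverified input. In the first block `$apcontact['type']` is read without checking that `APContact::getByURL()` returned a record; `$trust_source = ($apcontact['type'] ?? '') === 'Tombstone';` avoids an undefined-key warning and the loose comparison. A short comment above each block explaining why a Tombstone or a gone object is accepted as proof of the deletion would help later readers.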