mirror of
https://github.com/paricafe/misskey.git
synced 2025-01-22 06:18:41 -06:00
ApPersonServiceとApNoteServiceのuri <-> url比較を緩和 (#15233)
* wip * https://github.com/misskey-dev/misskey/issues/15039#issuecomment-2576411861 の反映 Co-authored-by: Kagami Sascha Rosylight <saschanaz@outlook.com> * fix CHANGELOG.md * remove inspection --------- Co-authored-by: Kagami Sascha Rosylight <saschanaz@outlook.com>
This commit is contained in:
parent
dd6743dda4
commit
7fbfc2e046
4 changed files with 16 additions and 21 deletions
|
@ -36,6 +36,7 @@
|
|||
(Cherry-picked from https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/737)
|
||||
- Fix: ロックダウンされた期間指定のノートがStreaming経由でLTLに出現するのを修正 ( #15200 )
|
||||
- Fix: disableClustering設定時の初期化ロジックを調整( #15223 )
|
||||
- Fix: URLとURIが異なるエンティティの照会に失敗する問題を修正( #15039 )
|
||||
- Fix: ActivityPubリクエストかどうかの判定が正しくない問題を修正
|
||||
(Cherry-picked from https://github.com/MisskeyIO/misskey/pull/869)
|
||||
- Fix: AIセンシティブ判定が arm64 環境で動作しない問題を修正
|
||||
|
|
|
@ -5,13 +5,15 @@
|
|||
import type { IObject } from '../type.js';
|
||||
|
||||
export function assertActivityMatchesUrls(activity: IObject, urls: string[]) {
|
||||
const idOk = activity.id !== undefined && urls.includes(activity.id);
|
||||
const hosts = urls.map(it => new URL(it).host);
|
||||
|
||||
const idOk = activity.id !== undefined && hosts.includes(new URL(activity.id).host);
|
||||
|
||||
// technically `activity.url` could be an `ApObject = IObject |
|
||||
// string | (IObject | string)[]`, but if it's a complicated thing
|
||||
// and the `activity.id` doesn't match, I think we're fine
|
||||
// rejecting the activity
|
||||
const urlOk = typeof(activity.url) === 'string' && urls.includes(activity.url);
|
||||
const urlOk = typeof(activity.url) === 'string' && hosts.includes(new URL(activity.url).host);
|
||||
|
||||
if (!idOk && !urlOk) {
|
||||
throw new Error(`bad Activity: neither id(${activity?.id}) nor url(${activity?.url}) match location(${urls})`);
|
||||
|
|
|
@ -154,16 +154,10 @@ export class ApNoteService {
|
|||
|
||||
const url = getOneApHrefNullable(note.url);
|
||||
|
||||
if (url != null) {
|
||||
if (!checkHttps(url)) {
|
||||
if (url && !checkHttps(url)) {
|
||||
throw new Error('unexpected schema of note url: ' + url);
|
||||
}
|
||||
|
||||
if (this.utilityService.punyHost(url) !== this.utilityService.punyHost(note.id)) {
|
||||
throw new Error(`note url & uri host mismatch: note url: ${url}, note uri: ${note.id}`);
|
||||
}
|
||||
}
|
||||
|
||||
this.logger.info(`Creating the Note: ${note.id}`);
|
||||
|
||||
// 投稿者をフェッチ
|
||||
|
|
|
@ -157,8 +157,12 @@ export class ApPersonService implements OnModuleInit {
|
|||
const sharedInboxObject = x.sharedInbox ?? (x.endpoints ? x.endpoints.sharedInbox : undefined);
|
||||
if (sharedInboxObject != null) {
|
||||
const sharedInbox = getApId(sharedInboxObject);
|
||||
if (!(typeof sharedInbox === 'string' && sharedInbox.length > 0 && this.utilityService.punyHost(sharedInbox) === expectHost)) {
|
||||
throw new Error('invalid Actor: wrong shared inbox');
|
||||
if (!(typeof sharedInbox === 'string' && sharedInbox.length > 0 && new URL(sharedInbox).host === expectHost)) {
|
||||
this.logger.warn(`invalid Actor: skipping wrong shared inbox, expected host: ${expectHost}, actual URL: ${sharedInbox}`);
|
||||
x.sharedInbox = undefined;
|
||||
if (x.endpoints?.sharedInbox) {
|
||||
x.endpoints.sharedInbox = undefined;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -344,16 +348,10 @@ export class ApPersonService implements OnModuleInit {
|
|||
throw new Error('Refusing to create person without id');
|
||||
}
|
||||
|
||||
if (url != null) {
|
||||
if (!checkHttps(url)) {
|
||||
if (url && !checkHttps(url)) {
|
||||
throw new Error('unexpected schema of person url: ' + url);
|
||||
}
|
||||
|
||||
if (this.utilityService.punyHost(url) !== this.utilityService.punyHost(person.id)) {
|
||||
throw new Error(`person url <> uri host mismatch: ${url} <> ${person.id}`);
|
||||
}
|
||||
}
|
||||
|
||||
// Create user
|
||||
let user: MiRemoteUser | null = null;
|
||||
|
||||
|
|
Loading…
Reference in a new issue