about summary refs log tree commit diff
diff options
context:
space:
mode:
authorEugen Rochko <eugen@zeonfederated.com>2018-12-26 19:15:53 +0100
committerGitHub <noreply@github.com>2018-12-26 19:15:53 +0100
commitaa9a20cde0fe3eb2a4af570cd4437c34a18ce0da (patch)
treec32052c0e588b7bf046e8e20309dcd2b7cefb96f
parent17cd91c7776281bee68d57d898d598d576c70a0e (diff)
Fix ThreadResolveWorker getting queued with invalid URLs (#9628)
-rw-r--r--app/lib/activitypub/activity/create.rb2
-rw-r--r--app/lib/ostatus/activity/creation.rb2
-rw-r--r--app/lib/request.rb12
3 files changed, 14 insertions, 2 deletions
diff --git a/app/lib/activitypub/activity/create.rb b/app/lib/activitypub/activity/create.rb
index 9d2ddd3f6..2b238bc88 100644
--- a/app/lib/activitypub/activity/create.rb
+++ b/app/lib/activitypub/activity/create.rb
@@ -210,7 +210,7 @@ class ActivityPub::Activity::Create < ActivityPub::Activity
   end
 
   def resolve_thread(status)
-    return unless status.reply? && status.thread.nil?
+    return unless status.reply? && status.thread.nil? && Request.valid_url?(in_reply_to_uri)
     ThreadResolveWorker.perform_async(status.id, in_reply_to_uri)
   end
 
diff --git a/app/lib/ostatus/activity/creation.rb b/app/lib/ostatus/activity/creation.rb
index 8f8c70052..3840c8fbf 100644
--- a/app/lib/ostatus/activity/creation.rb
+++ b/app/lib/ostatus/activity/creation.rb
@@ -57,7 +57,7 @@ class OStatus::Activity::Creation < OStatus::Activity::Base
       save_emojis(status)
     end
 
-    if thread? && status.thread.nil?
+    if thread? && status.thread.nil? && Request.valid_url?(thread.second)
       Rails.logger.debug "Trying to attach #{status.id} (#{id}) to #{thread.first}"
       ThreadResolveWorker.perform_async(status.id, thread.second)
     end
diff --git a/app/lib/request.rb b/app/lib/request.rb
index 4a81773e3..ef4aeaf29 100644
--- a/app/lib/request.rb
+++ b/app/lib/request.rb
@@ -66,6 +66,18 @@ class Request
     (@account ? @headers.merge('Signature' => signature) : @headers).without(REQUEST_TARGET)
   end
 
+  class << self
+    def valid_url?(url)
+      begin
+        parsed_url = Addressable::URI.parse(url)
+      rescue Addressable::URI::InvalidURIError
+        return false
+      end
+
+      %w(http https).include?(parsed_url.scheme) && parsed_url.host.present?
+    end
+  end
+
   private
 
   def set_common_headers!