diff options
author | Takeshi Umeda <noel.yoshiba@gmail.com> | 2021-08-09 20:33:19 +0900 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-08-09 13:33:19 +0200 |
commit | 709876bd6c157cd62a1470aad3823f0cd18ca814 (patch) | |
tree | 5ebba40a106e44f36e665832b6afdbf326290506 | |
parent | 590e1578bf67fc4defa326b01590f5b817b8818e (diff) |
Fix invalid blurhash handling in Create activity (#16583)
-rw-r--r-- | app/lib/activitypub/activity/create.rb | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/app/lib/activitypub/activity/create.rb b/app/lib/activitypub/activity/create.rb index 504f10a67..4c13a80a6 100644 --- a/app/lib/activitypub/activity/create.rb +++ b/app/lib/activitypub/activity/create.rb @@ -446,10 +446,14 @@ class ActivityPub::Activity::Create < ActivityPub::Activity end def supported_blurhash?(blurhash) - components = blurhash.blank? ? nil : Blurhash.components(blurhash) + components = blurhash.blank? || !blurhash_valid_chars?(blurhash) ? nil : Blurhash.components(blurhash) components.present? && components.none? { |comp| comp > 5 } end + def blurhash_valid_chars?(blurhash) + /^[\w#$%*+-.:;=?@\[\]^{|}~]+$/.match?(blurhash) + end + def skip_download? return @skip_download if defined?(@skip_download) |