diff options
author | Eugen Rochko <eugen@zeonfederated.com> | 2019-07-09 03:27:35 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-07-09 03:27:35 +0200 |
commit | 4e921832272425352d28cad550bfc4dffd6d0e78 (patch) | |
tree | c315a0b9dda8b69b6512c79711e896a18756f701 /app/controllers/concerns | |
parent | 1e7187f2a8e0b9ffe4e7d6b06e9f70674c50471e (diff) |
Refactor domain block checks (#11268)
Diffstat (limited to 'app/controllers/concerns')
-rw-r--r-- | app/controllers/concerns/signature_verification.rb | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/app/controllers/concerns/signature_verification.rb b/app/controllers/concerns/signature_verification.rb index 90a57197c..0ccdf5ec9 100644 --- a/app/controllers/concerns/signature_verification.rb +++ b/app/controllers/concerns/signature_verification.rb @@ -5,6 +5,8 @@ module SignatureVerification extend ActiveSupport::Concern + include DomainControlHelper + def signed_request? request.headers['Signature'].present? end @@ -126,6 +128,8 @@ module SignatureVerification if key_id.start_with?('acct:') stoplight_wrap_request { ResolveAccountService.new.call(key_id.gsub(/\Aacct:/, '')) } elsif !ActivityPub::TagManager.instance.local_uri?(key_id) + return if domain_not_allowed?(key_id) + account = ActivityPub::TagManager.instance.uri_to_resource(key_id, Account) account ||= stoplight_wrap_request { ActivityPub::FetchRemoteKeyService.new.call(key_id, id: false) } account |