about summary refs log tree commit diff
path: root/app/controllers
diff options
context:
space:
mode:
authorEugen Rochko <eugen@zeonfederated.com>2019-07-09 03:27:35 +0200
committerGitHub <noreply@github.com>2019-07-09 03:27:35 +0200
commit4e921832272425352d28cad550bfc4dffd6d0e78 (patch)
treec315a0b9dda8b69b6512c79711e896a18756f701 /app/controllers
parent1e7187f2a8e0b9ffe4e7d6b06e9f70674c50471e (diff)
Refactor domain block checks (#11268)
Diffstat (limited to 'app/controllers')
-rw-r--r--app/controllers/concerns/signature_verification.rb4
1 files changed, 4 insertions, 0 deletions
diff --git a/app/controllers/concerns/signature_verification.rb b/app/controllers/concerns/signature_verification.rb
index 90a57197c..0ccdf5ec9 100644
--- a/app/controllers/concerns/signature_verification.rb
+++ b/app/controllers/concerns/signature_verification.rb
@@ -5,6 +5,8 @@
 module SignatureVerification
   extend ActiveSupport::Concern
 
+  include DomainControlHelper
+
   def signed_request?
     request.headers['Signature'].present?
   end
@@ -126,6 +128,8 @@ module SignatureVerification
     if key_id.start_with?('acct:')
       stoplight_wrap_request { ResolveAccountService.new.call(key_id.gsub(/\Aacct:/, '')) }
     elsif !ActivityPub::TagManager.instance.local_uri?(key_id)
+      return if domain_not_allowed?(key_id)
+
       account   = ActivityPub::TagManager.instance.uri_to_resource(key_id, Account)
       account ||= stoplight_wrap_request { ActivityPub::FetchRemoteKeyService.new.call(key_id, id: false) }
       account