diff options
| author | Starfall <root@starfall.blue> | 2020-02-13 17:55:53 -0600 |
|---|---|---|
| committer | Starfall <root@starfall.blue> | 2020-02-13 17:55:53 -0600 |
| commit | 5902299384d15249fe4b84b8761d4a49f3c7f6fd (patch) | |
| tree | 66f1db08a2f6f9ae2254ba7a81b71835039d671e /app/controllers | |
| parent | 6d24d3bcb84abd04f31da95f97f6d60ef0afdc00 (diff) | |
| parent | 0cbd6d696b8937066cde297ad2eae4b558353b7c (diff) | |
Merge branch 'glitch'
Diffstat (limited to 'app/controllers')
| -rw-r--r-- | app/controllers/api/web/embeds_controller.rb | 16 | ||||
| -rw-r--r-- | app/controllers/concerns/signature_verification.rb | 2 | ||||
| -rw-r--r-- | app/controllers/tags_controller.rb | 10 |
3 files changed, 20 insertions, 8 deletions
diff --git a/app/controllers/api/web/embeds_controller.rb b/app/controllers/api/web/embeds_controller.rb index 6231733b7..4aa31695c 100644 --- a/app/controllers/api/web/embeds_controller.rb +++ b/app/controllers/api/web/embeds_controller.rb @@ -7,15 +7,21 @@ class Api::Web::EmbedsController < Api::Web::BaseController def create status = StatusFinder.new(params[:url]).status + + return not_found if status.hidden? + render json: status, serializer: OEmbedSerializer, width: 400 rescue ActiveRecord::RecordNotFound oembed = FetchOEmbedService.new.call(params[:url]) - oembed[:html] = Formatter.instance.sanitize(oembed[:html], Sanitize::Config::MASTODON_OEMBED) if oembed[:html].present? - if oembed - render json: oembed - else - render json: {}, status: :not_found + return not_found if oembed.nil? + + begin + oembed[:html] = Formatter.instance.sanitize(oembed[:html], Sanitize::Config::MASTODON_OEMBED) + rescue ArgumentError + return not_found end + + render json: oembed end end diff --git a/app/controllers/concerns/signature_verification.rb b/app/controllers/concerns/signature_verification.rb index ce353f1de..10efbf2e0 100644 --- a/app/controllers/concerns/signature_verification.rb +++ b/app/controllers/concerns/signature_verification.rb @@ -160,6 +160,8 @@ module SignatureVerification account ||= stoplight_wrap_request { ActivityPub::FetchRemoteKeyService.new.call(key_id, id: false) } account end + rescue Mastodon::HostValidationError + nil end def stoplight_wrap_request(&block) diff --git a/app/controllers/tags_controller.rb b/app/controllers/tags_controller.rb index ef61c980f..c59446efc 100644 --- a/app/controllers/tags_controller.rb +++ b/app/controllers/tags_controller.rb @@ -25,7 +25,7 @@ class TagsController < ApplicationController format.rss do expires_in 0, public: true - @statuses = HashtagQueryService.new.call(@tag, params.slice(:any, :all, :none)).limit(PAGE_SIZE) + @statuses = HashtagQueryService.new.call(@tag, filter_params).limit(PAGE_SIZE) @statuses = cache_collection(@statuses, Status) render xml: RSS::TagSerializer.render(@tag, @statuses) @@ -34,7 +34,7 @@ class TagsController < ApplicationController format.json do expires_in 3.minutes, public: public_fetch_mode? - @statuses = HashtagQueryService.new.call(@tag, params.slice(:any, :all, :none), current_account, params[:local]).paginate_by_max_id(PAGE_SIZE, params[:max_id]) + @statuses = HashtagQueryService.new.call(@tag, filter_params, current_account, params[:local]).paginate_by_max_id(PAGE_SIZE, params[:max_id]) @statuses = cache_collection(@statuses, Status) render json: collection_presenter, serializer: ActivityPub::CollectionSerializer, adapter: ActivityPub::Adapter, content_type: 'application/activity+json' @@ -58,10 +58,14 @@ class TagsController < ApplicationController def collection_presenter ActivityPub::CollectionPresenter.new( - id: tag_url(@tag, params.slice(:any, :all, :none)), + id: tag_url(@tag, filter_params), type: :ordered, size: @tag.statuses.count, items: @statuses.map { |s| ActivityPub::TagManager.instance.uri_for(s) } ) end + + def filter_params + params.slice(:any, :all, :none).permit(:any, :all, :none) + end end |