diff options
| author | Claire <claire.github-309c@sitedethib.com> | 2022-12-04 21:23:19 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-12-04 21:23:19 +0100 |
| commit | fe523a304520a09f6371f45bd63b9e8988776c03 (patch) | |
| tree | 3e8d595b1cfe797db6d5f8c36425f52b82d5798a /app/lib/activitypub | |
| parent | f4879c4481ff4fd487bc1bfb1a48aa252960b2a3 (diff) | |
Fix unbounded recursion in account discovery (#1994)
* Fix trying to fetch posts from other users when fetching featured posts * Rate-limit discovery of new subdomains * Put a limit on recursively discovering new accounts
Diffstat (limited to 'app/lib/activitypub')
| -rw-r--r-- | app/lib/activitypub/activity/create.rb | 2 | ||||
| -rw-r--r-- | app/lib/activitypub/activity/update.rb | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/app/lib/activitypub/activity/create.rb b/app/lib/activitypub/activity/create.rb index ebae12973..4dfbfc665 100644 --- a/app/lib/activitypub/activity/create.rb +++ b/app/lib/activitypub/activity/create.rb @@ -222,7 +222,7 @@ class ActivityPub::Activity::Create < ActivityPub::Activity return if tag['href'].blank? account = account_from_uri(tag['href']) - account = ActivityPub::FetchRemoteAccountService.new.call(tag['href']) if account.nil? + account = ActivityPub::FetchRemoteAccountService.new.call(tag['href'], request_id: @options[:request_id]) if account.nil? return if account.nil? diff --git a/app/lib/activitypub/activity/update.rb b/app/lib/activitypub/activity/update.rb index 5b3238ece..e7c3bc9bf 100644 --- a/app/lib/activitypub/activity/update.rb +++ b/app/lib/activitypub/activity/update.rb @@ -18,7 +18,7 @@ class ActivityPub::Activity::Update < ActivityPub::Activity def update_account return reject_payload! if @account.uri != object_uri - ActivityPub::ProcessAccountService.new.call(@account.username, @account.domain, @object, signed_with_known_key: true) + ActivityPub::ProcessAccountService.new.call(@account.username, @account.domain, @object, signed_with_known_key: true, request_id: @options[:request_id]) end def update_status @@ -28,6 +28,6 @@ class ActivityPub::Activity::Update < ActivityPub::Activity return if @status.nil? - ActivityPub::ProcessStatusUpdateService.new.call(@status, @object) + ActivityPub::ProcessStatusUpdateService.new.call(@status, @object, request_id: @options[:request_id]) end end |