diff options
author | ThibG <thib@sitedethib.com> | 2018-08-22 21:35:07 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-08-22 21:35:07 +0200 |
commit | 8aa58e34bb2b62192a997ac7ea8919b22fc45f80 (patch) | |
tree | abc0ea9862c55c2e114c855b20eb4a35f1141709 /app/lib/ostatus/activity | |
parent | 628fca50e20bcf41f206877083fc5ee8789c1088 (diff) | |
parent | e70fc059a9511d43b42c2502514f6220b416cdd5 (diff) |
Merge pull request #665 from ThibG/glitch-soc/merge-upstream
Merge upstream changes
Diffstat (limited to 'app/lib/ostatus/activity')
-rw-r--r-- | app/lib/ostatus/activity/creation.rb | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/app/lib/ostatus/activity/creation.rb b/app/lib/ostatus/activity/creation.rb index d3a303a0c..8f8c70052 100644 --- a/app/lib/ostatus/activity/creation.rb +++ b/app/lib/ostatus/activity/creation.rb @@ -7,7 +7,7 @@ class OStatus::Activity::Creation < OStatus::Activity::Base return [nil, false] end - return [nil, false] if @account.suspended? + return [nil, false] if @account.suspended? || invalid_origin? RedisLock.acquire(lock_options) do |lock| if lock.acquired? @@ -204,6 +204,15 @@ class OStatus::Activity::Creation < OStatus::Activity::Base end end + def invalid_origin? + return false unless id.start_with?('http') # Legacy IDs cannot be checked + + needle = Addressable::URI.parse(id).normalized_host + + !(needle.casecmp(@account.domain).zero? || + needle.casecmp(Addressable::URI.parse(@account.remote_url.presence || @account.uri).normalized_host).zero?) + end + def lock_options { redis: Redis.current, key: "create:#{id}" } end |