about summary refs log tree commit diff
path: root/app/lib
diff options
context:
space:
mode:
authorClaire <claire.github-309c@sitedethib.com>2021-08-09 23:25:49 +0200
committerClaire <claire.github-309c@sitedethib.com>2021-08-09 23:25:49 +0200
commit8ec4be4233d2bfd9142860b25df639fc23655f0f (patch)
treee0b7f33c4ae22827a7a56aa9cac5fabdd77ee57f /app/lib
parenta61645ed30b854a1b4935026801eb5b287954095 (diff)
parent4ac78e2a066508a54de82f1d910ef2fd36c3d106 (diff)
Merge branch 'main' into glitch-soc/merge-upstream
Conflicts:
- `Gemfile.lock`:
  Not a real conflict, upstream-updated dependency (redis) textually too
  close to glitch-soc-only dependecy.
  Updated redis gem like upstream did.
Diffstat (limited to 'app/lib')
-rw-r--r--app/lib/activitypub/activity/create.rb6
1 files changed, 5 insertions, 1 deletions
diff --git a/app/lib/activitypub/activity/create.rb b/app/lib/activitypub/activity/create.rb
index 390414df2..bba009db3 100644
--- a/app/lib/activitypub/activity/create.rb
+++ b/app/lib/activitypub/activity/create.rb
@@ -452,10 +452,14 @@ class ActivityPub::Activity::Create < ActivityPub::Activity
   end
 
   def supported_blurhash?(blurhash)
-    components = blurhash.blank? ? nil : Blurhash.components(blurhash)
+    components = blurhash.blank? || !blurhash_valid_chars?(blurhash) ? nil : Blurhash.components(blurhash)
     components.present? && components.none? { |comp| comp > 5 }
   end
 
+  def blurhash_valid_chars?(blurhash)
+    /^[\w#$%*+-.:;=?@\[\]^{|}~]+$/.match?(blurhash)
+  end
+
   def skip_download?
     return @skip_download if defined?(@skip_download)