diff options
| author | ThibG <thib@sitedethib.com> | 2018-08-22 21:35:07 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-08-22 21:35:07 +0200 |
| commit | 8aa58e34bb2b62192a997ac7ea8919b22fc45f80 (patch) | |
| tree | abc0ea9862c55c2e114c855b20eb4a35f1141709 /app/services/fetch_remote_account_service.rb | |
| parent | 628fca50e20bcf41f206877083fc5ee8789c1088 (diff) | |
| parent | e70fc059a9511d43b42c2502514f6220b416cdd5 (diff) | |
Merge pull request #665 from ThibG/glitch-soc/merge-upstream
Merge upstream changes
Diffstat (limited to 'app/services/fetch_remote_account_service.rb')
| -rw-r--r-- | app/services/fetch_remote_account_service.rb | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/app/services/fetch_remote_account_service.rb b/app/services/fetch_remote_account_service.rb index a0f031a44..cfc560022 100644 --- a/app/services/fetch_remote_account_service.rb +++ b/app/services/fetch_remote_account_service.rb @@ -27,7 +27,7 @@ class FetchRemoteAccountService < BaseService account = author_from_xml(xml.at_xpath('/xmlns:feed', xmlns: OStatus::TagManager::XMLNS), false) - UpdateRemoteProfileService.new.call(xml, account) unless account.nil? + UpdateRemoteProfileService.new.call(xml, account) if account.present? && trusted_domain?(url, account) account rescue TypeError @@ -37,4 +37,9 @@ class FetchRemoteAccountService < BaseService Rails.logger.debug 'Invalid XML or missing namespace' nil end + + def trusted_domain?(url, account) + domain = Addressable::URI.parse(url).normalized_host + domain.casecmp(account.domain).zero? || domain.casecmp(Addressable::URI.parse(account.remote_url.presence || account.uri).normalized_host).zero? + end end |