diff options
author | Eugen Rochko <eugen@zeonfederated.com> | 2017-05-03 17:02:18 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-05-03 17:02:18 +0200 |
commit | bafd22ecf487774c252a271d668716b0e1c84c6c (patch) | |
tree | bda1f7d712b3d0094595b56261a36b38034d345b /app/services/fetch_remote_status_service.rb | |
parent | dd9d57300ba3b6df91ef6398d8c369437cc2a9c7 (diff) |
Fix #2706 - Always respond with 200 to PuSH payloads (#2733)
Fix #2196 - Respond with 201 when Salmon accepted, 400 when unverified Fix #2629 - Correctly handle confirm_domain? for local accounts Unify rules for extracting author acct from XML, prefer <email>, fall back to <name> + <uri> (see also #2017, #2172)
Diffstat (limited to 'app/services/fetch_remote_status_service.rb')
-rw-r--r-- | app/services/fetch_remote_status_service.rb | 28 |
1 files changed, 6 insertions, 22 deletions
diff --git a/app/services/fetch_remote_status_service.rb b/app/services/fetch_remote_status_service.rb index 5a454808e..f414813ad 100644 --- a/app/services/fetch_remote_status_service.rb +++ b/app/services/fetch_remote_status_service.rb @@ -1,6 +1,8 @@ # frozen_string_literal: true class FetchRemoteStatusService < BaseService + include AuthorExtractor + def call(url, prefetched_body = nil) if prefetched_body.nil? atom_url, body = FetchAtomService.new.call(url) @@ -21,37 +23,19 @@ class FetchRemoteStatusService < BaseService xml = Nokogiri::XML(body) xml.encoding = 'utf-8' - account = extract_author(url, xml) + account = author_from_xml(xml.at_xpath('/xmlns:entry', xmlns: TagManager::XMLNS)) + domain = Addressable::URI.parse(url).normalize.host - return nil if account.nil? + return nil unless !account.nil? && confirmed_domain?(domain, account) statuses = ProcessFeedService.new.call(body, account) - statuses.first - end - - def extract_author(url, xml) - url_parts = Addressable::URI.parse(url).normalize - username = xml.at_xpath('//xmlns:author/xmlns:name').try(:content) - domain = url_parts.host - - return nil if username.nil? - - Rails.logger.debug "Going to webfinger #{username}@#{domain}" - - account = FollowRemoteAccountService.new.call("#{username}@#{domain}") - - # If the author's confirmed URLs do not match the domain of the URL - # we are reading this from, abort - return nil unless confirmed_domain?(domain, account) - - account rescue Nokogiri::XML::XPath::SyntaxError Rails.logger.debug 'Invalid XML or missing namespace' nil end def confirmed_domain?(domain, account) - domain.casecmp(account.domain).zero? || domain.casecmp(Addressable::URI.parse(account.remote_url).normalize.host).zero? + account.domain.nil? || domain.casecmp(account.domain).zero? || domain.casecmp(Addressable::URI.parse(account.remote_url).normalize.host).zero? end end |