diff options
| author | Eugen Rochko <eugen@zeonfederated.com> | 2018-05-05 18:22:34 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-05-05 18:22:34 +0200 |
| commit | c947e2e4c57dd6d351fd740c0070fefdc1e1298c (patch) | |
| tree | daa83a5e0ed4db242ea4fd27061cf4844188c686 /app/services | |
| parent | 661f7e6d9d589315728f26e5cc5b345ee769f4b0 (diff) | |
Fix handling of malformed ActivityPub payloads when URIs are nil (#7370)
* Fix handling of malformed ActivityPub payloads when URIs are nil * Gracefully handle JSON-LD canonicalization failures
Diffstat (limited to 'app/services')
| -rw-r--r-- | app/services/activitypub/fetch_remote_status_service.rb | 1 | ||||
| -rw-r--r-- | app/services/activitypub/process_collection_service.rb | 3 |
2 files changed, 4 insertions, 0 deletions
diff --git a/app/services/activitypub/fetch_remote_status_service.rb b/app/services/activitypub/fetch_remote_status_service.rb index 930fbad1f..b6c00a9e7 100644 --- a/app/services/activitypub/fetch_remote_status_service.rb +++ b/app/services/activitypub/fetch_remote_status_service.rb @@ -34,6 +34,7 @@ class ActivityPub::FetchRemoteStatusService < BaseService end def trustworthy_attribution?(uri, attributed_to) + return false if uri.nil? || attributed_to.nil? Addressable::URI.parse(uri).normalized_host.casecmp(Addressable::URI.parse(attributed_to).normalized_host).zero? end diff --git a/app/services/activitypub/process_collection_service.rb b/app/services/activitypub/process_collection_service.rb index eb93329e9..79cdca297 100644 --- a/app/services/activitypub/process_collection_service.rb +++ b/app/services/activitypub/process_collection_service.rb @@ -45,5 +45,8 @@ class ActivityPub::ProcessCollectionService < BaseService def verify_account! @account = ActivityPub::LinkedDataSignature.new(@json).verify_account! + rescue JSON::LD::JsonLdError => e + Rails.logger.debug "Could not verify LD-Signature for #{value_or_id(@json['actor'])}: #{e.message}" + nil end end |