about summary refs log tree commit diff
path: root/app/services
diff options
context:
space:
mode:
authormultiple creatures <dev@multiple-creature.party>2019-07-22 21:12:54 -0500
committermultiple creatures <dev@multiple-creature.party>2019-07-22 21:12:54 -0500
commit2822fbc443addf08651961543e1a63abdd409d87 (patch)
treeab981650f9cd87a3fb919e0ddadb40051a3a3800 /app/services
parent86f29a68fbf5344291b21253f597a914cec18f02 (diff)
move autoreject check to own module & check for reject before pulling resources
Diffstat (limited to 'app/services')
-rw-r--r--app/services/activitypub/fetch_remote_account_service.rb7


-rw-r--r--app/services/activitypub/fetch_remote_status_service.rb8


-rw-r--r--app/services/activitypub/fetch_replies_service.rb7


3 files changed, 21 insertions, 1 deletions
diff --git a/app/services/activitypub/fetch_remote_account_service.rb b/app/services/activitypub/fetch_remote_account_service.rb
index 3c2044941..df1e79d7d 100644
--- a/app/services/activitypub/fetch_remote_account_service.rb
+++ b/app/services/activitypub/fetch_remote_account_service.rb
@@ -2,6 +2,7 @@
 
 class ActivityPub::FetchRemoteAccountService < BaseService
   include JsonLdHelper
+  include AutorejectHelper
 
   SUPPORTED_TYPES = %w(Application Group Organization Person Service).freeze
 
@@ -9,12 +10,14 @@ class ActivityPub::FetchRemoteAccountService < BaseService
   def call(uri, id: true, prefetched_body: nil, break_on_redirect: false, only_key: false)
     return ActivityPub::TagManager.instance.uri_to_resource(uri, Account) if ActivityPub::TagManager.instance.local_uri?(uri)
 
+    return if autoreject?(uri)
     @json = if prefetched_body.nil?
               fetch_resource(uri, id)
             else
               body_to_json(prefetched_body, compare_id: id ? uri : nil)
             end
 
+    return if autoreject?
     return if !supported_context? || !expected_type? || (break_on_redirect && @json['movedTo'].present?)
 
     @uri      = @json['id']
@@ -59,4 +62,8 @@ class ActivityPub::FetchRemoteAccountService < BaseService
   def expected_type?
     equals_or_includes_any?(@json['type'], SUPPORTED_TYPES)
   end
+
+  def object_uri
+    nil
+  end
 end
diff --git a/app/services/activitypub/fetch_remote_status_service.rb b/app/services/activitypub/fetch_remote_status_service.rb
index 469821032..42280ad74 100644
--- a/app/services/activitypub/fetch_remote_status_service.rb
+++ b/app/services/activitypub/fetch_remote_status_service.rb
@@ -2,15 +2,19 @@
 
 class ActivityPub::FetchRemoteStatusService < BaseService
   include JsonLdHelper
+  include AutorejectHelper
 
   # Should be called when uri has already been checked for locality
   def call(uri, id: true, prefetched_body: nil, on_behalf_of: nil)
+    return if autoreject?(uri)
+
     @json = if prefetched_body.nil?
               fetch_resource(uri, id, on_behalf_of)
             else
               body_to_json(prefetched_body, compare_id: id ? uri : nil)
             end
 
+    return if autoreject?
     return unless supported_context? && expected_type?
 
     return if actor_id.nil? || !trustworthy_attribution?(@json['id'], actor_id)
@@ -49,4 +53,8 @@ class ActivityPub::FetchRemoteStatusService < BaseService
   def needs_update(actor)
     actor.possibly_stale?
   end
+
+  def object_uri
+    nil
+  end
 end
diff --git a/app/services/activitypub/fetch_replies_service.rb b/app/services/activitypub/fetch_replies_service.rb
index 8cb309e52..3e9a2f02a 100644
--- a/app/services/activitypub/fetch_replies_service.rb
+++ b/app/services/activitypub/fetch_replies_service.rb
@@ -2,6 +2,7 @@
 
 class ActivityPub::FetchRepliesService < BaseService
   include JsonLdHelper
+  include AutorejectHelper
 
   def call(parent_status, collection_or_uri, allow_synchronous_requests = true)
     @account = parent_status.account
@@ -44,6 +45,10 @@ class ActivityPub::FetchRepliesService < BaseService
     # amplification attacks.
 
     # Also limit to 5 fetched replies to limit potential for DoS.
-    @items.map { |item| value_or_id(item) }.reject { |uri| invalid_origin?(uri) }.take(5)
+    @items.map { |item| value_or_id(item) }.reject { |uri| autoreject?(uri) || invalid_origin?(uri) }.take(5)
+  end
+
+  def object_uri
+    nil
   end
 end

 

generated by cgit-pink  (git 2.37.1) at 2024-07-01 17:37:04 +0000