about summary refs log tree commit diff
path: root/app
diff options
context:
space:
mode:
authorunarist <m.unarist@gmail.com>2017-09-01 00:18:49 +0900
committerEugen Rochko <eugen@zeonfederated.com>2017-08-31 17:18:49 +0200
commitf7937d903c681769801e4f3edcdac7e3c71ad9cf (patch)
treead55827a7ba24821810a19a54fe18431cb9e8be3 /app
parent6b2be5dbfb73e2daf78cf050e5f24c2a8b31ece5 (diff)
Don't process ActivityPub payload if signature is invalid (#4752)
* Don't process ActivityPub payload if signature is invalid

* Fix style issue
Diffstat (limited to 'app')
-rw-r--r--app/services/activitypub/process_collection_service.rb5
1 files changed, 2 insertions, 3 deletions
diff --git a/app/services/activitypub/process_collection_service.rb b/app/services/activitypub/process_collection_service.rb
index 2cf15553d..bc04c50ba 100644
--- a/app/services/activitypub/process_collection_service.rb
+++ b/app/services/activitypub/process_collection_service.rb
@@ -9,7 +9,7 @@ class ActivityPub::ProcessCollectionService < BaseService
 
     return if @account.suspended? || !supported_context?
 
-    verify_account! if different_actor?
+    return if different_actor? && verify_account!.nil?
 
     case @json['type']
     when 'Collection', 'CollectionPage'
@@ -43,7 +43,6 @@ class ActivityPub::ProcessCollectionService < BaseService
   end
 
   def verify_account!
-    account  = ActivityPub::LinkedDataSignature.new(@json).verify_account!
-    @account = account unless account.nil?
+    @account = ActivityPub::LinkedDataSignature.new(@json).verify_account!
   end
 end