diff options
-rw-r--r-- | app/helpers/autoreject_helper.rb | 77 | ||||
-rw-r--r-- | app/lib/activitypub/activity/accept.rb | 1 | ||||
-rw-r--r-- | app/lib/activitypub/activity/add.rb | 1 | ||||
-rw-r--r-- | app/lib/activitypub/activity/announce.rb | 1 | ||||
-rw-r--r-- | app/lib/activitypub/activity/create.rb | 1 | ||||
-rw-r--r-- | app/lib/activitypub/activity/flag.rb | 1 | ||||
-rw-r--r-- | app/lib/activitypub/activity/follow.rb | 1 | ||||
-rw-r--r-- | app/lib/activitypub/activity/like.rb | 1 | ||||
-rw-r--r-- | app/lib/activitypub/activity/move.rb | 1 | ||||
-rw-r--r-- | app/lib/activitypub/activity/update.rb | 1 | ||||
-rw-r--r-- | app/services/activitypub/fetch_remote_account_service.rb | 2 | ||||
-rw-r--r-- | app/services/activitypub/fetch_remote_status_service.rb | 2 | ||||
-rw-r--r-- | app/services/activitypub/fetch_replies_service.rb | 2 | ||||
-rw-r--r-- | app/services/fetch_link_card_service.rb | 1 | ||||
-rw-r--r-- | app/services/fetch_oembed_service.rb | 1 |
15 files changed, 1 insertions, 93 deletions
diff --git a/app/helpers/autoreject_helper.rb b/app/helpers/autoreject_helper.rb deleted file mode 100644 index 2f869d405..000000000 --- a/app/helpers/autoreject_helper.rb +++ /dev/null @@ -1,77 +0,0 @@ -module AutorejectHelper - include ModerationHelper - - def should_reject?(uri = nil) - if uri.nil? - if @object - uri = object_uri.start_with?('http') ? object_uri : @object['url'] - elsif @json - uri = @json['id'] - end - end - - return if uri.nil? - return unless @json || @object - - domain = uri.scan(/[\w\-]+\.[\w\-]+(?:\.[\w\-]+)*/).first - blocks = DomainBlock.suspend - return [:domain, uri] if blocks.where(domain: domain).or(blocks.where('domain LIKE ?', "%.#{domain}")).exists? - - if @json - oid = @json['id'] - if oid - return [:id_starts_with, uri] if ENV.fetch('REJECT_IF_ID_STARTS_WITH', '').split.any? { |r| oid.start_with?(r) } - return [:id_contains, uri] if ENV.fetch('REJECT_IF_ID_CONTAINS', '').split.any? { |r| r.in?(oid) } - end - - username = @json['preferredUsername'] || @json['username'] - if username && username.is_a?(String) - username = (@json['actor'] && @json['actor'].is_a?(String)) ? @json['actor'] : '' - username = username.scan(/(?<=\/user\/|\/@|\/users\/)([^\s\/]+)/).first - end - - unless username.blank? - username.downcase! - return [:username, uri] if ENV.fetch('REJECT_IF_USERNAME_EQUALS', '').split.any? { |r| r == username } - return [:username_starts_with, uri] if ENV.fetch('REJECT_IF_USERNAME_STARTS_WITH', '').split.any? { |r| username.start_with?(r) } - return [:username_contains, uri] if ENV.fetch('REJECT_IF_USERNAME_CONTAINS', '').split.any? { |r| r.in?(username) } - end - end - - nil - end - - def reject_reason(reason) - case reason - when :domain - "the origin domain is blocked" - when :id_starts_with - "the object's URI starts with a blocked phrase" - when :id_contains - "the object's URI contains a blocked phrase" - when :username - "the author's username is blocked" - when :username_starts_with - "the author's username starts with a blocked phrase" - when :username_contains - "the author's username contains a blocked phrase" - else - "of an undefined reason" - end - end - - def autoreject?(uri = nil) - return false if @options && @options[:imported] - reason, uri = should_reject?(uri) - if reason - reason = reject_reason(reason) - if @json - Rails.logger.info("Rejected an incoming '#{@json['type']}#{@object && " #{@object['type']}".rstrip}' from #{@json['id']} because #{reason}.") - elsif uri - Rails.logger.info("Rejected an outgoing request to #{uri} because #{reason}.") - end - return true - end - false - end -end diff --git a/app/lib/activitypub/activity/accept.rb b/app/lib/activitypub/activity/accept.rb index 525d4ffd6..348ee0d1c 100644 --- a/app/lib/activitypub/activity/accept.rb +++ b/app/lib/activitypub/activity/accept.rb @@ -11,7 +11,6 @@ class ActivityPub::Activity::Accept < ActivityPub::Activity private def accept_follow - return if autoreject? return accept_follow_for_relay if relay_follow? target_account = account_from_uri(target_uri) diff --git a/app/lib/activitypub/activity/add.rb b/app/lib/activitypub/activity/add.rb index 1942448da..43c885c6f 100644 --- a/app/lib/activitypub/activity/add.rb +++ b/app/lib/activitypub/activity/add.rb @@ -2,7 +2,6 @@ class ActivityPub::Activity::Add < ActivityPub::Activity def perform - return if autoreject? return unless @json['target'].present? && value_or_id(@json['target']) == @account.featured_collection_url status = status_from_uri(object_uri) diff --git a/app/lib/activitypub/activity/announce.rb b/app/lib/activitypub/activity/announce.rb index 39b05f8f1..c9471f703 100644 --- a/app/lib/activitypub/activity/announce.rb +++ b/app/lib/activitypub/activity/announce.rb @@ -2,7 +2,6 @@ class ActivityPub::Activity::Announce < ActivityPub::Activity def perform - return if autoreject? return reject_payload! if !@options[:imported] && (delete_arrived_first?(@json['id']) || !related_to_local_activity?) original_status = status_from_object(announced_by: @account, local_only: !@account.known?) diff --git a/app/lib/activitypub/activity/create.rb b/app/lib/activitypub/activity/create.rb index 7b2d40ace..798250c9e 100644 --- a/app/lib/activitypub/activity/create.rb +++ b/app/lib/activitypub/activity/create.rb @@ -2,7 +2,6 @@ class ActivityPub::Activity::Create < ActivityPub::Activity def perform - return if autoreject? return reject_payload! if unsupported_object_type? || !@options[:imported] && (invalid_origin?(@object['id']) || Tombstone.exists?(uri: @object['id']) || !related_to_local_activity?) unless known? diff --git a/app/lib/activitypub/activity/flag.rb b/app/lib/activitypub/activity/flag.rb index 1423cedef..1659bc61f 100644 --- a/app/lib/activitypub/activity/flag.rb +++ b/app/lib/activitypub/activity/flag.rb @@ -2,7 +2,6 @@ class ActivityPub::Activity::Flag < ActivityPub::Activity def perform - return if autoreject? return if skip_reports? target_accounts = object_uris.map { |uri| account_from_uri(uri) }.compact.select(&:local?) diff --git a/app/lib/activitypub/activity/follow.rb b/app/lib/activitypub/activity/follow.rb index 8545ac096..94de89b86 100644 --- a/app/lib/activitypub/activity/follow.rb +++ b/app/lib/activitypub/activity/follow.rb @@ -4,7 +4,6 @@ class ActivityPub::Activity::Follow < ActivityPub::Activity include Payloadable def perform - return if autoreject? target_account = account_from_uri(object_uri) return if target_account.nil? || !target_account.local? || delete_arrived_first?(@json['id']) || @account.requested?(target_account) diff --git a/app/lib/activitypub/activity/like.rb b/app/lib/activitypub/activity/like.rb index 2c4a9d805..674d5fe47 100644 --- a/app/lib/activitypub/activity/like.rb +++ b/app/lib/activitypub/activity/like.rb @@ -2,7 +2,6 @@ class ActivityPub::Activity::Like < ActivityPub::Activity def perform - return if autoreject? original_status = status_from_uri(object_uri) return if original_status.nil? || !original_status.account.local? || delete_arrived_first?(@json['id']) || @account.favourited?(original_status) diff --git a/app/lib/activitypub/activity/move.rb b/app/lib/activitypub/activity/move.rb index b1c986551..d7a5f595c 100644 --- a/app/lib/activitypub/activity/move.rb +++ b/app/lib/activitypub/activity/move.rb @@ -4,7 +4,6 @@ class ActivityPub::Activity::Move < ActivityPub::Activity PROCESSING_COOLDOWN = 7.days.seconds def perform - return if autoreject? return if origin_account.uri != object_uri || processed? mark_as_processing! diff --git a/app/lib/activitypub/activity/update.rb b/app/lib/activitypub/activity/update.rb index 8fb48e073..70035325b 100644 --- a/app/lib/activitypub/activity/update.rb +++ b/app/lib/activitypub/activity/update.rb @@ -4,7 +4,6 @@ class ActivityPub::Activity::Update < ActivityPub::Activity SUPPORTED_TYPES = %w(Application Group Organization Person Service).freeze def perform - return if autoreject? if equals_or_includes_any?(@object['type'], SUPPORTED_TYPES) update_account elsif equals_or_includes_any?(@object['type'], %w(Question)) diff --git a/app/services/activitypub/fetch_remote_account_service.rb b/app/services/activitypub/fetch_remote_account_service.rb index 381726c35..36a327731 100644 --- a/app/services/activitypub/fetch_remote_account_service.rb +++ b/app/services/activitypub/fetch_remote_account_service.rb @@ -12,7 +12,6 @@ class ActivityPub::FetchRemoteAccountService < BaseService return if domain_not_allowed?(uri) return ActivityPub::TagManager.instance.uri_to_resource(uri, Account) if ActivityPub::TagManager.instance.local_uri?(uri) - return if autoreject?(uri) @json = begin if prefetched_body.nil? fetch_resource(uri, id) @@ -21,7 +20,6 @@ class ActivityPub::FetchRemoteAccountService < BaseService end end - return if autoreject? return if !supported_context? || !expected_type? || (break_on_redirect && @json['movedTo'].present?) @uri = @json['id'] diff --git a/app/services/activitypub/fetch_remote_status_service.rb b/app/services/activitypub/fetch_remote_status_service.rb index 9795cf651..0779f13cc 100644 --- a/app/services/activitypub/fetch_remote_status_service.rb +++ b/app/services/activitypub/fetch_remote_status_service.rb @@ -6,7 +6,6 @@ class ActivityPub::FetchRemoteStatusService < BaseService # Should be called when uri has already been checked for locality def call(uri, id: true, prefetched_body: nil, on_behalf_of: nil, announced_by: nil, requested: false) - return if autoreject?(uri) @json = begin if prefetched_body.nil? fetch_resource(uri, id, on_behalf_of) @@ -15,7 +14,6 @@ class ActivityPub::FetchRemoteStatusService < BaseService end end - return if autoreject? return if !(supported_context? && expected_type?) || actor_id.nil? || !trustworthy_attribution?(@json['id'], actor_id) actor = ActivityPub::TagManager.instance.uri_to_resource(actor_id, Account) diff --git a/app/services/activitypub/fetch_replies_service.rb b/app/services/activitypub/fetch_replies_service.rb index 3e9a2f02a..6aae16dc1 100644 --- a/app/services/activitypub/fetch_replies_service.rb +++ b/app/services/activitypub/fetch_replies_service.rb @@ -45,7 +45,7 @@ class ActivityPub::FetchRepliesService < BaseService # amplification attacks. # Also limit to 5 fetched replies to limit potential for DoS. - @items.map { |item| value_or_id(item) }.reject { |uri| autoreject?(uri) || invalid_origin?(uri) }.take(5) + @items.map { |item| value_or_id(item) }.reject { |uri| invalid_origin?(uri) }.take(5) end def object_uri diff --git a/app/services/fetch_link_card_service.rb b/app/services/fetch_link_card_service.rb index 0c401ea83..8587ef2a9 100644 --- a/app/services/fetch_link_card_service.rb +++ b/app/services/fetch_link_card_service.rb @@ -22,7 +22,6 @@ class FetchLinkCardService < BaseService @url = sanitize_query_string(@url.to_s) return if @url.nil? - return if autoreject?(@url) RedisLock.acquire(lock_options) do |lock| if lock.acquired? diff --git a/app/services/fetch_oembed_service.rb b/app/services/fetch_oembed_service.rb index 74e77df2e..1cb0e28a7 100644 --- a/app/services/fetch_oembed_service.rb +++ b/app/services/fetch_oembed_service.rb @@ -9,7 +9,6 @@ class FetchOEmbedService @url = url @options = options - return if autoreject?(@url) discover_endpoint! fetch! end |