diff options
Diffstat (limited to 'app/controllers')
-rw-r--r-- | app/controllers/authorize_follow_controller.rb | 19 |
1 files changed, 18 insertions, 1 deletions
diff --git a/app/controllers/authorize_follow_controller.rb b/app/controllers/authorize_follow_controller.rb index a276250a4..ca72c9691 100644 --- a/app/controllers/authorize_follow_controller.rb +++ b/app/controllers/authorize_follow_controller.rb @@ -6,7 +6,14 @@ class AuthorizeFollowController < ApplicationController before_action :authenticate_user! def new - @account = FollowRemoteAccountService.new.call(params[:acct]) + uri = Addressable::URI.parse(params[:acct]) + + if uri.path && %w(http https).include?(uri.scheme) + set_account_from_url + else + set_account_from_acct + end + render :error if @account.nil? end @@ -21,4 +28,14 @@ class AuthorizeFollowController < ApplicationController rescue ActiveRecord::RecordNotFound, Mastodon::NotPermitted render :error end + + private + + def set_account_from_url + @account = FetchRemoteAccountService.new.call(params[:acct]) + end + + def set_account_from_acct + @account = FollowRemoteAccountService.new.call(params[:acct]) + end end |