From 62a60cb282cec58cdbc0b5bded99d0a5a76ceb22 Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Mon, 3 Feb 2020 17:48:23 +0100
Subject: Change signature verification to ignore signatures with invalid host
 (#13033)

Instead of returning a signature verification error, pretend there
was no signature (i.e., this does not allow access to resources that
need a valid signature), so public resources can still be fetched

Fix #13011
---
 app/controllers/concerns/signature_verification.rb | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'app/controllers')

diff --git a/app/controllers/concerns/signature_verification.rb b/app/controllers/concerns/signature_verification.rb
index e58f684e7..3c4903904 100644
--- a/app/controllers/concerns/signature_verification.rb
+++ b/app/controllers/concerns/signature_verification.rb
@@ -159,6 +159,8 @@ module SignatureVerification
       account ||= stoplight_wrap_request { ActivityPub::FetchRemoteKeyService.new.call(key_id, id: false) }
       account
     end
+  rescue Mastodon::HostValidationError
+    nil
   end
 
   def stoplight_wrap_request(&block)
-- 
cgit