From 802cf6a4c53175c7da17ded39cf75679fa352385 Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Wed, 22 Aug 2018 20:55:14 +0200
Subject: Improve federated ID validation (#8372)
* Fix URI not being sufficiently validated with prefetched JSON
* Add additional id validation to OStatus documents, when possible
---
app/helpers/jsonld_helper.rb | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
(limited to 'app/helpers')
diff --git a/app/helpers/jsonld_helper.rb b/app/helpers/jsonld_helper.rb
index 9d2b6cf00..532397272 100644
--- a/app/helpers/jsonld_helper.rb
+++ b/app/helpers/jsonld_helper.rb
@@ -73,8 +73,10 @@ module JsonLdHelper
end
end
- def body_to_json(body)
- body.is_a?(String) ? Oj.load(body, mode: :strict) : body
+ def body_to_json(body, compare_id: nil)
+ json = body.is_a?(String) ? Oj.load(body, mode: :strict) : body
+ return if compare_id.present? && json['id'] != compare_id
+ json
rescue Oj::ParseError
nil
end
--
cgit
From 56f882aed6fc81bbe4fb8821f11ba196795c99a8 Mon Sep 17 00:00:00 2001
From: ThibG <thib@sitedethib.com>
Date: Wed, 22 Aug 2018 20:55:50 +0200
Subject: Avoid deleted attributes when building a Status from action log
(fixes #8371) (#8373)
---
app/helpers/admin/action_logs_helper.rb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'app/helpers')
diff --git a/app/helpers/admin/action_logs_helper.rb b/app/helpers/admin/action_logs_helper.rb
index 85bd30304..c28f0be6b 100644
--- a/app/helpers/admin/action_logs_helper.rb
+++ b/app/helpers/admin/action_logs_helper.rb
@@ -33,7 +33,7 @@ module Admin::ActionLogsHelper
when 'DomainBlock', 'EmailDomainBlock'
link_to attributes['domain'], "https://#{attributes['domain']}"
when 'Status'
- tmp_status = Status.new(attributes)
+ tmp_status = Status.new(attributes.except('reblogs_count', 'favourites_count'))
if tmp_status.account
link_to tmp_status.account&.acct || "##{tmp_status.account_id}", admin_account_path(tmp_status.account_id)
else
--
cgit