From e98833748e80275a88560155a0b912667dd2d70b Mon Sep 17 00:00:00 2001
From: Eugen Rochko <eugen@zeonfederated.com>
Date: Wed, 9 Nov 2022 08:24:21 +0100
Subject: Fix being able to spoof link verification (#20217)

- Change verification to happen in `default` queue
- Change verification worker to only be queued if there's something to do
- Add `link` tags from metadata fields to page header of profiles
---
 app/services/activitypub/process_account_service.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'app/services/activitypub')

diff --git a/app/services/activitypub/process_account_service.rb b/app/services/activitypub/process_account_service.rb
index 3834d79cc..99bcb3835 100644
--- a/app/services/activitypub/process_account_service.rb
+++ b/app/services/activitypub/process_account_service.rb
@@ -40,7 +40,7 @@ class ActivityPub::ProcessAccountService < BaseService
     unless @options[:only_key] || @account.suspended?
       check_featured_collection! if @account.featured_collection_url.present?
       check_featured_tags_collection! if @json['featuredTags'].present?
-      check_links! unless @account.fields.empty?
+      check_links! if @account.fields.any?(&:requires_verification?)
     end
 
     @account
-- 
cgit 


From a5394980f22e061ec7e4f6df3f3b571624f5ca7d Mon Sep 17 00:00:00 2001
From: Claire <claire.github-309c@sitedethib.com>
Date: Wed, 9 Nov 2022 20:10:38 +0100
Subject: Fix NameError in Webfinger redirect handling in
 ActivityPub::FetchRemoteActorService (#20260)

---
 app/services/activitypub/fetch_remote_actor_service.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'app/services/activitypub')

diff --git a/app/services/activitypub/fetch_remote_actor_service.rb b/app/services/activitypub/fetch_remote_actor_service.rb
index 17bf2f287..db09c38d8 100644
--- a/app/services/activitypub/fetch_remote_actor_service.rb
+++ b/app/services/activitypub/fetch_remote_actor_service.rb
@@ -56,7 +56,7 @@ class ActivityPub::FetchRemoteActorService < BaseService
     @username, @domain                   = split_acct(webfinger.subject)
 
     unless confirmed_username.casecmp(@username).zero? && confirmed_domain.casecmp(@domain).zero?
-      raise Webfinger::RedirectError, "Too many webfinger redirects for URI #{uri} (stopped at #{@username}@#{@domain})"
+      raise Webfinger::RedirectError, "Too many webfinger redirects for URI #{@uri} (stopped at #{@username}@#{@domain})"
     end
 
     raise Error, "Webfinger response for #{@username}@#{@domain} does not loop back to #{@uri}" if webfinger.link('self', 'href') != @uri
-- 
cgit