blob: d049b52d16b8417e082f730c3841c5dc8b5bf04a (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
# frozen_string_literal: true
class VerifyLinkService < BaseService
def call(field)
@link_back = ActivityPub::TagManager.instance.url_for(field.account)
@url = field.value_for_verification
perform_request!
return unless link_back_present?
field.mark_verified!
rescue OpenSSL::SSL::SSLError, HTTP::Error, Addressable::URI::InvalidURIError, Mastodon::HostValidationError, Mastodon::LengthValidationError => e
Rails.logger.debug "Error fetching link #{@url}: #{e}"
nil
end
private
def perform_request!
@body = Request.new(:get, @url).add_headers('Accept' => 'text/html').perform do |res|
res.code != 200 ? nil : res.body_with_limit
end
end
def link_back_present?
return false if @body.blank?
links = Nokogiri::HTML5(@body).xpath('//a[contains(concat(" ", normalize-space(@rel), " "), " me ")]|//link[contains(concat(" ", normalize-space(@rel), " "), " me ")]')
if links.any? { |link| link['href']&.downcase == @link_back.downcase }
true
elsif links.empty?
false
else
link_redirects_back?(links.first['href'])
end
end
def link_redirects_back?(test_url)
return false if test_url.blank?
redirect_to_url = Request.new(:head, test_url, follow: false).perform do |res|
res.headers['Location']
end
redirect_to_url == @link_back
end
end
|