chinwag/chinwagsocial
chinwag/chinwagsocial
2
0
Fork 0
Code Issues Pull requests Releases 14 Wiki Activity

Merge pull request from GHSA-3fjr-858r-92rw

Browse source 
* Fix insufficient origin validation

* Bump version to v4.1.13
This commit is contained in:
Claire 2024-02-01 15:56:46 +01:00 committed by GitHub
commit 5799bc4af7
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
20 changed files with 48 additions and 47 deletions
Download patch file Download diff file Expand all files Collapse all files

2
app/lib/activitypub/linked_data_signature.rb
View file

@ -19,7 +19,7 @@ class ActivityPub::LinkedDataSignature
return unless type == 'RsaSignature2017'
creator = ActivityPub::TagManager.instance.uri_to_actor(creator_uri)
creator = ActivityPub::FetchRemoteKeyService.new.call(creator_uri, id: false) if creator&.public_key.blank?
creator = ActivityPub::FetchRemoteKeyService.new.call(creator_uri) if creator&.public_key.blank?
return if creator.nil?