From 754b03d8cb9d3eceede9f46741bec222d372082e Mon Sep 17 00:00:00 2001 From: Claire Date: Tue, 1 Oct 2024 14:52:13 +0200 Subject: [PATCH] Fix unneeded requests to blocked domains when receiving relayed signed activities from them (#31161) --- app/services/activitypub/process_collection_service.rb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/app/services/activitypub/process_collection_service.rb b/app/services/activitypub/process_collection_service.rb index 4f049a5ae..cadc7d2d1 100644 --- a/app/services/activitypub/process_collection_service.rb +++ b/app/services/activitypub/process_collection_service.rb @@ -2,6 +2,7 @@ class ActivityPub::ProcessCollectionService < BaseService include JsonLdHelper + include DomainControlHelper def call(body, actor, **options) @account = actor @@ -69,6 +70,9 @@ class ActivityPub::ProcessCollectionService < BaseService end def verify_account! + return unless @json['signature'].is_a?(Hash) + return if domain_not_allowed?(@json['signature']['creator']) + @options[:relayed_through_actor] = @account @account = ActivityPub::LinkedDataSignature.new(@json).verify_actor! @account = nil unless @account.is_a?(Account)