diff options
Diffstat (limited to 'server/lib/activitypub/actor.ts')
-rw-r--r-- | server/lib/activitypub/actor.ts | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/server/lib/activitypub/actor.ts b/server/lib/activitypub/actor.ts index 45dd4443d..b16a00669 100644 --- a/server/lib/activitypub/actor.ts +++ b/server/lib/activitypub/actor.ts | |||
@@ -5,7 +5,7 @@ import * as url from 'url' | |||
5 | import * as uuidv4 from 'uuid/v4' | 5 | import * as uuidv4 from 'uuid/v4' |
6 | import { ActivityPubActor, ActivityPubActorType } from '../../../shared/models/activitypub' | 6 | import { ActivityPubActor, ActivityPubActorType } from '../../../shared/models/activitypub' |
7 | import { ActivityPubAttributedTo } from '../../../shared/models/activitypub/objects' | 7 | import { ActivityPubAttributedTo } from '../../../shared/models/activitypub/objects' |
8 | import { getActorUrl } from '../../helpers/activitypub' | 8 | import { checkUrlsSameHost, getActorUrl } from '../../helpers/activitypub' |
9 | import { isActorObjectValid, normalizeActor } from '../../helpers/custom-validators/activitypub/actor' | 9 | import { isActorObjectValid, normalizeActor } from '../../helpers/custom-validators/activitypub/actor' |
10 | import { isActivityPubUrlValid } from '../../helpers/custom-validators/activitypub/misc' | 10 | import { isActivityPubUrlValid } from '../../helpers/custom-validators/activitypub/misc' |
11 | import { retryTransactionWrapper, updateInstanceWithAnother } from '../../helpers/database-utils' | 11 | import { retryTransactionWrapper, updateInstanceWithAnother } from '../../helpers/database-utils' |
@@ -65,8 +65,12 @@ async function getOrCreateActorAndServerAndModel ( | |||
65 | const accountAttributedTo = result.attributedTo.find(a => a.type === 'Person') | 65 | const accountAttributedTo = result.attributedTo.find(a => a.type === 'Person') |
66 | if (!accountAttributedTo) throw new Error('Cannot find account attributed to video channel ' + actor.url) | 66 | if (!accountAttributedTo) throw new Error('Cannot find account attributed to video channel ' + actor.url) |
67 | 67 | ||
68 | if (checkUrlsSameHost(accountAttributedTo.id, actorUrl) !== true) { | ||
69 | throw new Error(`Account attributed to ${accountAttributedTo.id} does not have the same host than actor url ${actorUrl}`) | ||
70 | } | ||
71 | |||
68 | try { | 72 | try { |
69 | // Assert we don't recurse another time | 73 | // Don't recurse another time |
70 | ownerActor = await getOrCreateActorAndServerAndModel(accountAttributedTo.id, 'all', false) | 74 | ownerActor = await getOrCreateActorAndServerAndModel(accountAttributedTo.id, 'all', false) |
71 | } catch (err) { | 75 | } catch (err) { |
72 | logger.error('Cannot get or create account attributed to video channel ' + actor.url) | 76 | logger.error('Cannot get or create account attributed to video channel ' + actor.url) |
@@ -297,12 +301,15 @@ async function fetchRemoteActor (actorUrl: string): Promise<{ statusCode?: numbe | |||
297 | normalizeActor(requestResult.body) | 301 | normalizeActor(requestResult.body) |
298 | 302 | ||
299 | const actorJSON: ActivityPubActor = requestResult.body | 303 | const actorJSON: ActivityPubActor = requestResult.body |
300 | |||
301 | if (isActorObjectValid(actorJSON) === false) { | 304 | if (isActorObjectValid(actorJSON) === false) { |
302 | logger.debug('Remote actor JSON is not valid.', { actorJSON: actorJSON }) | 305 | logger.debug('Remote actor JSON is not valid.', { actorJSON: actorJSON }) |
303 | return { result: undefined, statusCode: requestResult.response.statusCode } | 306 | return { result: undefined, statusCode: requestResult.response.statusCode } |
304 | } | 307 | } |
305 | 308 | ||
309 | if (checkUrlsSameHost(actorJSON.id, actorUrl) !== true) { | ||
310 | throw new Error('Actor url ' + actorUrl + ' has not the same host than its AP id ' + actorJSON.id) | ||
311 | } | ||
312 | |||
306 | const followersCount = await fetchActorTotalItems(actorJSON.followers) | 313 | const followersCount = await fetchActorTotalItems(actorJSON.followers) |
307 | const followingCount = await fetchActorTotalItems(actorJSON.following) | 314 | const followingCount = await fetchActorTotalItems(actorJSON.following) |
308 | 315 | ||