From 66ee325f573feeb61bc6c945151bf64dec6b9698 Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Fri, 26 Jan 2018 11:20:46 +0100 Subject: Only accept public comments --- server/helpers/custom-validators/activitypub/video-comments.ts | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'server') diff --git a/server/helpers/custom-validators/activitypub/video-comments.ts b/server/helpers/custom-validators/activitypub/video-comments.ts index cbd4dac5c..079fee434 100644 --- a/server/helpers/custom-validators/activitypub/video-comments.ts +++ b/server/helpers/custom-validators/activitypub/video-comments.ts @@ -1,5 +1,6 @@ import * as validator from 'validator' -import { exists, isDateValid } from '../misc' +import { ACTIVITY_PUB } from '../../../initializers' +import { exists, isArray, isDateValid } from '../misc' import { isActivityPubUrlValid, isBaseActivityValid } from './misc' function isVideoCommentCreateActivityValid (activity: any) { @@ -13,7 +14,9 @@ function isVideoCommentObjectValid (comment: any) { isCommentContentValid(comment.content) && isActivityPubUrlValid(comment.inReplyTo) && isDateValid(comment.published) && - isActivityPubUrlValid(comment.url) + isActivityPubUrlValid(comment.url) && + isArray(comment.to) && + comment.to.indexOf(ACTIVITY_PUB.PUBLIC) !== -1 // Only accept public comments } function isVideoCommentDeleteActivityValid (activity: any) { -- cgit v1.2.3