AkkomaGang/akkoma
AkkomaGang
/
akkoma
12
63
Fork 83
Code Issues 167 Pull Requests 16 Packages Projects 2 Releases 13 Wiki Activity

Don't list old accounts as aliases in WebFinger
ci/woodpecker/pr/lint Pipeline was successful Details
ci/woodpecker/pr/test Pipeline failed Details
ci/woodpecker/pr/build-arm64 unknown status Details
ci/woodpecker/pr/build-amd64 unknown status Details
ci/woodpecker/pr/docs unknown status Details 

Per the XRD specification:

> 2.4. Element <Alias>
>
> The <Alias> element contains a URI value that is an additional
> identifier for the resource described by the XRD. This value
> MUST be an absolute URI. The <Alias> element does not identify
> additional resources the XRD is describing, **but rather provides
> additional identifiers for the same resource.**

(http://docs.oasis-open.org/xri/xrd/v1.0/os/xrd-1.0-os.html#element.alias, emphasis mine)

In other words, the alias list is expected to link to things which are
not just semantically the same, but exactly the same. Old user accounts
don't do that

This change should not pose a compatibility issue: Mastodon does not
list old accounts here (See e1fcb02867/app/serializers/webfinger_serializer.rb (L12))

The use of as:alsoKnownAs is also not quite semantically right here
(see https://www.w3.org/TR/did-core/#dfn-alsoknownas, which defines
it to be used to refer to identifiers which are interchangable) but
that's what DID get for reusing a property definition that Mastodon
already squatted long before they got to it
This commit is contained in:
Erin Shepherd 2024-02-29 20:56:32 +01:00
parent 2d439034ca
commit 464db9ea0b
2 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/pleroma/web/web_finger.ex
View File

@ -65,7 +65,7 @@ defmodule Pleroma.Web.WebFinger do
end
defp gather_aliases(%User{} = user) do
[user.ap_id | user.also_known_as]
[user.ap_id]
end
def represent_user(user, "JSON") do

4
test/pleroma/web/web_finger/web_finger_controller_test.exs
View File

@ -46,8 +46,7 @@ defmodule Pleroma.Web.WebFinger.WebFingerControllerTest do
assert response["subject"] == "acct:#{user.nickname}@localhost"
assert response["aliases"] == [
"https://hyrule.world/users/zelda",
"https://mushroom.kingdom/users/toad"
"https://hyrule.world/users/zelda"
]
end
@ -104,7 +103,6 @@ defmodule Pleroma.Web.WebFinger.WebFingerControllerTest do
|> response(200)
assert response =~ "<Alias>https://hyrule.world/users/zelda</Alias>"
assert response =~ "<Alias>https://mushroom.kingdom/users/toad</Alias>"
end
test "it returns 404 when user isn't found (XML)" do