AkkomaGang/akkoma
AkkomaGang
/
akkoma
12
63
Fork 83
Code Issues 167 Pull Requests 15 Packages Projects 2 Releases 13 Wiki Activity

AP fetches are initiated with non-compliant Accept header #730

New Issue
Closed
opened 2024-04-01 23:13:59 +00:00 by Oneric · 0 comments
Oneric commented 2024-04-01 23:13:59 +00:00
Member
Copy Link

Your setup

From source

Extra details

Alpine 3.19

Version

2d439034ca

PostgreSQL version

16

What’s wrong?

Section 3.2 of the ActivityPub spec reads

The client MUST specify an Accept header with the application/ld+json; profile="https://www.w3.org/ns/activitystreams" media type in order to retrieve the activity.

But currently, we perform fetches with application/activity+json instead
2d439034ca/lib/pleroma/object/fetcher.ex (L327)

The same section also tells us

Servers MAY use HTTP content negotiation as defined in [RFC7231] to select the type of data to return in response to a request, but MUST present the ActivityStreams object representation in response to application/ld+json; profile="https://www.w3.org/ns/activitystreams", and SHOULD also present the ActivityStreams representation in response to application/activity+json as well.

The SHOULD part is why we have (currently) little trouble with this in practice, but still we shouldn’t break spec here for no reason.

Just changing the one linked line is likely enough for the server, but some tests only mock HTTP responses for application/activity+json requests and will need updating too

I guess, ideally we also update the returned Content-Type header when serving an AP object (though afaict there isn’t any spec requirement about this, albeit ActivityStream spec seems to actually prefer application/activity+json)

Severity

I can manage

Have you searched for this issue?

  • I have double-checked and have not found this issue mentioned anywhere.
### Your setup From source ### Extra details Alpine 3.19 ### Version 2d439034ca ### PostgreSQL version 16 ### What’s wrong? [Section 3.2 of the ActivityPub spec](https://www.w3.org/TR/activitypub/#retrieving-objects) reads > The client *MUST* specify an `Accept` header with the `application/ld+json; profile="https://www.w3.org/ns/activitystreams"` media type in order to retrieve the activity. But currently, we perform fetches with `application/activity+json` instead https://akkoma.dev/AkkomaGang/akkoma/src/commit/2d439034ca801b704536cb05483e012d62c2d52e/lib/pleroma/object/fetcher.ex#L327 The same section also tells us > Servers *MAY* use HTTP content negotiation as defined in [RFC7231] to select the type of data to return in response to a request, but *MUST* present the ActivityStreams object representation in response to `application/ld+json; profile="https://www.w3.org/ns/activitystreams"`, and *SHOULD* also present the ActivityStreams representation in response to `application/activity+json` as well. The *SHOULD* part is why we have (currently) little trouble with this in practice, but still we shouldn’t break spec here for no reason. Just changing the one linked line is likely enough for the server, but some tests only mock HTTP responses for `application/activity+json` requests and will need updating too I guess, ideally we also update the returned `Content-Type` header when *serving* an AP object *(though afaict there isn’t any spec requirement about this, albeit ActivityStream spec seems to actually prefer `application/activity+json`)* ### Severity I can manage ### Have you searched for this issue? - [x] I have double-checked and have not found this issue mentioned anywhere.
Oneric added the
bug
 label 2024-04-01 23:13:59 +00:00
Oneric changed title from AP fetches are initiaed with noncompliant Accept header to AP fetches are initiaed with non-compliant Accept header 2024-04-01 23:15:03 +00:00
Oneric changed title from AP fetches are initiaed with non-compliant Accept header to AP fetches are initiated with non-compliant Accept header 2024-04-11 21:00:56 +00:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
develop
stable
translations
backoff-http
bad-uploader-config-warning
docker
user-expiry-backfill
config-db-keys
ensure-scrubbers-loaded
otp26
code-shaking-does-not-go-brr
elixir1.15
circleci
backup-fixes
mod-task
policy
mrf-coolness
frontend-switcher-9000
contentMap
language-on-posts
rabbit
credo-on-pr
unify-http
normalise-markup-by-default
buildx
v3.13.1
v3.13.0
snac-3.12.1.2
v3.12.2
snac-3.12.1.1
v3.12.1
v3.12.0
v3.11.0
v2.6.2
v2.6.1
v2.6.0
v2.5.5
v3.10.4
v3.10.3
v3.10.2
v3.10.1
v3.10.0
v2.5.4
v2.5.3
v3.9.3
v3.9.2
v3.9.1
V3.9.0
2023.05
v3.8.0
v3.7.1
v3.7.0
v3.6.0
v3.5.0
v2.4.5
v3.4.0
v3.3.1
v2.4.4
v3.3.0
v3.2.3
v3.2.2
v3.2.1
stable-202209
v3.2.0
v3.1.0
stable-2022.07
v3.0.0
v0.0.1
v2.5.2-6
v2.5.2-5
v2.5.2-4
v2.5.2-3
v2.5.2-2
v2.5.2-1
v2.5.2
v2.5.1
v2.5.0-8
v2.5.0-7
v2.5.0-6
v2.5.0-5
v2.5.0-4
v2.5.0-3
v2.5.0-2
v2.5.0-1
v2.5.0
v2.4.3
pre-rebase
v2.4.2
v2.4.1
v2.4.0
soapbox-v1.1.1
soapbox-v1.1.0
soapbox-v1.0.0
v2.3.0
v2.2.2
v2.2.1
v2.2.0
v2.1.2
v2.1.1
v2.1.0
v2.0.7
v2.0.6
v2.0.5
v2.0.4
v2.0.3
v2.0.2
v2.0.1
v2.0.0
v1.1.9
v1.1.8
v1.1.7
v1.1.6
v1.1.5
v1.1.4
v1.1.3
v1.1.2
v1.1.1
v1.1.0
v1.0.91
v1.0.90
v1.0.7
v1.0.6
v1.0.5
v1.0.4
v1.0.3
v1.0.2
v1.0.1
v1.0.0
v0.9.0
Labels
Clear labels   
approved, awaiting change

   
bug

Something is not working

  
configuration

This requires config changes

  
documentation

This is about human-readable docs

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
extremely low priority

   
feature request

Something new?

  
Fix it yourself

Support has been attempted

  
help wanted

Need some help

  
invalid

Something is wrong

  
mastodon_api

   
needs docs

   
needs tests

   
not a bug

   
planned

   
pleroma_api

   
privacy

   
question

More information is needed

  
static_fe

   
triage

   
wontfix

This won't be fixed

No Label
approved, awaiting change
bug
configuration
documentation
duplicate
enhancement
extremely low priority
feature request
Fix it yourself
help wanted
invalid
mastodon_api
needs docs
needs tests
not a bug
planned
pleroma_api
privacy
question
static_fe
triage
wontfix
Milestone
Clear milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: AkkomaGang/akkoma#730
No description provided.
Delete Branch "%!s(<nil>)"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?