akkoma/lib/pleroma/object
Oneric c4cf4d7f0b Reject cross-domain redirects when fetching AP objects
Such redirects on AP queries seem most likely to be a spoofing attempt.
If the object is legit, the id should match the final domain anyway and
users can directly use the canonical URL.

The lack of such a check (and use of the initially queried domain’s
authority instead of the final domain) was enabling the current exploit
to even affect instances which already migrated away from a same-domain
upload/proxy setup in the past, but retained a redirect to not break old
attachments.

(In theory this redirect could, with some effort, have been limited to
 only old files, but common guides employed a catch-all redirect, which
 allows even future uploads to be reachable via an initial query to the
 main domain)

Same-domain redirects are valid and also used by ourselves,
e.g. for redirecting /notice/XXX to /objects/YYY.
2024-03-25 14:05:05 -01:00
..
containment.ex Document Pleroma.Object.Fetcher 2024-03-25 14:05:05 -01:00
fetcher.ex Reject cross-domain redirects when fetching AP objects 2024-03-25 14:05:05 -01:00
pruner.ex Fixing up deletes a bit (#327) 2022-12-01 15:00:53 +00:00
updater.ex Support elixir1.15 2023-08-03 17:44:09 +01:00