From 75fd42b070cbb08a635bfe42ce0448114be005ad Mon Sep 17 00:00:00 2001
From: Johann150 <johann.galle@protonmail.com>
Date: Sun, 16 Apr 2023 19:33:28 +0200
Subject: [PATCH] server: check for valid keyId URL before parse

---
 packages/backend/src/queue/processors/inbox.ts | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/packages/backend/src/queue/processors/inbox.ts b/packages/backend/src/queue/processors/inbox.ts
index db2d87dce..120ba6844 100644
--- a/packages/backend/src/queue/processors/inbox.ts
+++ b/packages/backend/src/queue/processors/inbox.ts
@@ -29,18 +29,18 @@ export default async (job: Bull.Job<InboxJobData>): Promise<string> => {
 	logger.debug(JSON.stringify(info, null, 2));
 	//#endregion
 
-	const host = toPuny(new URL(signature.keyId).hostname);
+	const keyIdLower = signature.keyId.toLowerCase();
+	if (keyIdLower.startsWith('acct:')) {
+		return `Old keyId is no longer supported. ${keyIdLower}`;
+	}
+
+	const host = toPuny(new URL(keyIdLower).hostname);
 
 	// Stop if the host is blocked.
 	if (await shouldBlockInstance(host)) {
 		return `Blocked request: ${host}`;
 	}
 
-	const keyIdLower = signature.keyId.toLowerCase();
-	if (keyIdLower.startsWith('acct:')) {
-		return `Old keyId is no longer supported. ${keyIdLower}`;
-	}
-
 	const resolver = new Resolver();
 
 	let authUser;