FoundKeyGang/FoundKey
FoundKeyGang/FoundKey
7
19
Fork 22
Code Issues 37 Pull requests 4 Releases Activity

server: block Create activites from blocked hosts #298

Closed
norm wants to merge 1 commit from block-creates into main
pull from: block-creates
merge into: FoundKeyGang:main
Conversation 1 Commits 1 Files changed 2 +11 -2
norm commented 2022-12-23 23:35:14 +00:00
Owner
Copy link

This should prevent notes from blocked instances from slipping through.

Changelog: Fixed

This should prevent notes from blocked instances from slipping through. Changelog: Fixed
norm added 1 commit 2022-12-23 23:35:15 +00:00
server: block Create activites from blocked hosts
Some checks failed
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
Details
ci/woodpecker/push/lint-client Pipeline was successful
Details
ci/woodpecker/push/build Pipeline was successful
Details
ci/woodpecker/push/lint-backend Pipeline was successful
Details
ci/woodpecker/push/lint-sw Pipeline was successful
Details
ci/woodpecker/push/test Pipeline was successful
Details
ci/woodpecker/pr/lint-foundkey-js Pipeline was successful
Details
ci/woodpecker/pr/lint-client Pipeline failed
Details
ci/woodpecker/pr/lint-backend Pipeline failed
Details
ci/woodpecker/pr/build Pipeline was successful
Details
ci/woodpecker/pr/lint-sw Pipeline failed
Details
ci/woodpecker/pr/test Pipeline failed
Details
e772bf098a 
This should prevent notes from blocked instances from slipping through.

Changelog: Fixed
Johann150 reviewed 2022-12-24 09:59:48 +00:00
packages/backend/src/remote/activitypub/kernel/create/index.ts
@ -7,3 +9,4 @@
export default async (actor: CacheableRemoteUser, activity: ICreate, resolver: Resolver): Promise<void> => {
const uri = getApId(activity);
if (await shouldBlockInstance(extractDbHost(uri))) return;
Johann150 commented 2022-12-24 09:59:48 +00:00
Owner
Copy link

Shouldn't this already be covered by resolving the activity object further down? The object being created must be from the same host, otherwise it would have been caught by this check

Lines 21 to 23 in 8541932
if (extractDbHost(actor.uri) !== extractDbHost(note.id)) {
return 'skip: host in actor.uri !== note.id';
}

. I guess it was already embedded as an object so the usual checks aren't performed due to this short circuit

Lines 53 to 55 in 8541932
if (typeof value !== 'string') {
return value;
}

. Maybe a better idea to add the matching id/url and instance blocks in that case too.

Maybe also check this at a higher level, i.e. in performOneActivity.

Shouldn't this already be covered by resolving the activity object further down? The object being created must be from the same host, otherwise it would have been caught by this check https://akkoma.dev/FoundKeyGang/FoundKey/src/commit/85419326f868291036681cc9ddfbbc545d37f77d/packages/backend/src/remote/activitypub/kernel/create/note.ts#L21-L23. I guess it was already embedded as an object so the usual checks aren't performed due to this short circuit https://akkoma.dev/FoundKeyGang/FoundKey/src/commit/85419326f868291036681cc9ddfbbc545d37f77d/packages/backend/src/remote/activitypub/resolver.ts#L53-L55. Maybe a better idea to add the matching id/url and instance blocks in that case too. Maybe also check this at a higher level, i.e. in `performOneActivity`.
norm commented 2022-12-24 17:03:42 +00:00
Author
Owner
Copy link

Superseded by #299.

Superseded by #299.
norm closed this pull request 2022-12-24 17:03:42 +00:00
norm deleted branch block-creates 2022-12-24 17:03:52 +00:00
Some checks failed
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
Details
ci/woodpecker/push/lint-client Pipeline was successful
Details
ci/woodpecker/push/build Pipeline was successful
Details
ci/woodpecker/push/lint-backend Pipeline was successful
Details
ci/woodpecker/push/lint-sw Pipeline was successful
Details
ci/woodpecker/push/test Pipeline was successful
Details
ci/woodpecker/pr/lint-foundkey-js Pipeline was successful
Details
ci/woodpecker/pr/lint-client Pipeline failed
Details
ci/woodpecker/pr/lint-backend Pipeline failed
Details
ci/woodpecker/pr/build Pipeline was successful
Details
ci/woodpecker/pr/lint-sw Pipeline failed
Details
ci/woodpecker/pr/test Pipeline failed
Details

Pull request closed

This pull request cannot be reopened because the branch was deleted.
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
feature

task that proposes new feature(s)

  
fix

task to fix behavioral problems in the FoundKey codebase

  
upkeep

task that should make FoundKey smaller and more maintainable

No labels
feature
fix
upkeep
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: FoundKeyGang/FoundKey#298
No description provided.
Delete branch "block-creates"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?