From 94d1af2c4ce80febbf82cb5c0b10bde0fc276b54 Mon Sep 17 00:00:00 2001
From: FloatingGhost <hannah@coffee-and-dreams.uk>
Date: Tue, 15 Aug 2023 23:12:04 +0100
Subject: [PATCH] Disallow nil hosts in should_federate

---
 CHANGELOG.md                                     | 5 +++++
 lib/pleroma/web/activity_pub/publisher.ex        | 6 +++++-
 test/pleroma/web/activity_pub/publisher_test.exs | 7 +++++++
 3 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index d846fec3e..92b3d1a71 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,11 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
+## Unreleased
+
+## Fixed
+- Issue where a bad inbox URL could break federation
+
 ## 2023.08
 
 ## Added
diff --git a/lib/pleroma/web/activity_pub/publisher.ex b/lib/pleroma/web/activity_pub/publisher.ex
index 3071c1b77..20004c4fa 100644
--- a/lib/pleroma/web/activity_pub/publisher.ex
+++ b/lib/pleroma/web/activity_pub/publisher.ex
@@ -115,13 +115,17 @@ defmodule Pleroma.Web.ActivityPub.Publisher do
   def should_federate?(url) do
     %{host: host} = URI.parse(url)
 
-    with allowed <- allowed_instances(),
+    with {:nil, false} <- {:nil, is_nil(host)},
+         allowed <- allowed_instances(),
          false <- Enum.empty?(allowed) do
       allowed
       |> Pleroma.Web.ActivityPub.MRF.instance_list_from_tuples()
       |> Pleroma.Web.ActivityPub.MRF.subdomains_regex()
       |> Pleroma.Web.ActivityPub.MRF.subdomain_match?(host)
     else
+      # oi!
+      {:nil, true} ->
+        false
       _ ->
         quarantined_instances =
           blocked_instances()
diff --git a/test/pleroma/web/activity_pub/publisher_test.exs b/test/pleroma/web/activity_pub/publisher_test.exs
index d993ab1d4..87930b7b1 100644
--- a/test/pleroma/web/activity_pub/publisher_test.exs
+++ b/test/pleroma/web/activity_pub/publisher_test.exs
@@ -487,4 +487,11 @@ defmodule Pleroma.Web.ActivityPub.PublisherTest do
              )
     end
   end
+
+  describe "should_federate/1" do
+    test "should not obliterate itself if the inbox URL is bad" do
+      url = "/inbox"
+      refute Pleroma.Web.ActivityPub.Publisher.should_federate?(url)
+    end
+  end
 end