From a8f82050c85dac01614940d710c7762371272ead Mon Sep 17 00:00:00 2001
From: Francis Dinh <normandy@biribiri.dev>
Date: Sat, 24 Dec 2022 11:58:49 -0500
Subject: [PATCH 1/3] activitypub: perform resolver block check on objects as
 well

---
 packages/backend/src/remote/activitypub/resolver.ts | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/packages/backend/src/remote/activitypub/resolver.ts b/packages/backend/src/remote/activitypub/resolver.ts
index 94b8a6503..178ea12ea 100644
--- a/packages/backend/src/remote/activitypub/resolver.ts
+++ b/packages/backend/src/remote/activitypub/resolver.ts
@@ -45,12 +45,18 @@ export class Resolver {
 		}
 	}
 
-	public async resolve(value: string | IObject, allowRedirect = false): Promise<IObject> {
+	public async resolve(value?: string | IObject | null, allowRedirect = false): Promise<IObject> {
 		if (value == null) {
 			throw new Error('resolvee is null (or undefined)');
 		}
 
 		if (typeof value !== 'string') {
+			if (typeof value.id !== 'undefined') {
+				const host = extractDbHost(getApId(value));
+				if (await shouldBlockInstance(host)) {
+					throw new Error('instance is blocked');
+				}
+			}
 			return value;
 		}
 
@@ -75,7 +81,7 @@ export class Resolver {
 		}
 
 		if (await shouldBlockInstance(host)) {
-			throw new Error('Instance is blocked');
+			throw new Error('instance is blocked');
 		}
 
 		if (!this.user) {

From a732cdc1ad994d7f901c4787a6f45805ac57a28e Mon Sep 17 00:00:00 2001
From: Francis Dinh <normandy@biribiri.dev>
Date: Sat, 24 Dec 2022 11:59:20 -0500
Subject: [PATCH 2/3] activitypub: perform block check in performOneActivity

---
 .../backend/src/remote/activitypub/kernel/index.ts  | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/packages/backend/src/remote/activitypub/kernel/index.ts b/packages/backend/src/remote/activitypub/kernel/index.ts
index 4a5951824..79e2dce75 100644
--- a/packages/backend/src/remote/activitypub/kernel/index.ts
+++ b/packages/backend/src/remote/activitypub/kernel/index.ts
@@ -1,8 +1,10 @@
 import { CacheableRemoteUser } from '@/models/entities/user.js';
 import { toArray } from '@/prelude/array.js';
 import { Resolver } from '@/remote/activitypub/resolver.js';
+import { extractDbHost } from '@/misc/convert-host.js';
+import { shouldBlockInstance } from '@/misc/should-block-instance.js';
 import { apLogger } from '../logger.js';
-import { IObject, isCreate, isDelete, isUpdate, isRead, isFollow, isAccept, isReject, isAdd, isRemove, isAnnounce, isLike, isUndo, isBlock, isCollectionOrOrderedCollection, isCollection, isFlag } from '../type.js';
+import { IObject, isCreate, isDelete, isUpdate, isRead, isFollow, isAccept, isReject, isAdd, isRemove, isAnnounce, isLike, isUndo, isBlock, isCollectionOrOrderedCollection, isCollection, isFlag, getApId } from '../type.js';
 import create from './create/index.js';
 import performDeleteActivity from './delete/index.js';
 import performUpdateActivity from './update/index.js';
@@ -18,7 +20,7 @@ import remove from './remove/index.js';
 import block from './block/index.js';
 import flag from './flag/index.js';
 
-export async function performActivity(actor: CacheableRemoteUser, activity: IObject, resolver: Resolver) {
+export async function performActivity(actor: CacheableRemoteUser, activity: IObject, resolver: Resolver): Promise<void> {
 	if (isCollectionOrOrderedCollection(activity)) {
 		for (const item of toArray(isCollection(activity) ? activity.items : activity.orderedItems)) {
 			const act = await resolver.resolve(item);
@@ -38,6 +40,11 @@ export async function performActivity(actor: CacheableRemoteUser, activity: IObj
 async function performOneActivity(actor: CacheableRemoteUser, activity: IObject, resolver: Resolver): Promise<void> {
 	if (actor.isSuspended) return;
 
+	if (typeof activity.id !== 'undefined') {
+		const host = extractDbHost(getApId(activity));
+		if (await shouldBlockInstance(host)) return;
+	}
+
 	if (isCreate(activity)) {
 		await create(actor, activity, resolver);
 	} else if (isDelete(activity)) {
@@ -55,7 +62,7 @@ async function performOneActivity(actor: CacheableRemoteUser, activity: IObject,
 	} else if (isAdd(activity)) {
 		await add(actor, activity, resolver).catch(err => apLogger.error(err));
 	} else if (isRemove(activity)) {
-		await remove(actor, activity).catch(err => apLogger.error(err));
+		await remove(actor, activity, resolver).catch(err => apLogger.error(err));
 	} else if (isAnnounce(activity)) {
 		await announce(actor, activity, resolver);
 	} else if (isLike(activity)) {

From de3cdb5833a04b274d2117cf1d48801533b4bae1 Mon Sep 17 00:00:00 2001
From: Johann150 <johann.galle@protonmail.com>
Date: Sun, 25 Dec 2022 00:01:58 +0100
Subject: [PATCH 3/3] activitypub: block check for resolving collections

---
 packages/backend/src/remote/activitypub/resolver.ts | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/packages/backend/src/remote/activitypub/resolver.ts b/packages/backend/src/remote/activitypub/resolver.ts
index 178ea12ea..44e05b9e3 100644
--- a/packages/backend/src/remote/activitypub/resolver.ts
+++ b/packages/backend/src/remote/activitypub/resolver.ts
@@ -34,9 +34,7 @@ export class Resolver {
 	}
 
 	public async resolveCollection(value: string | IObject): Promise<ICollection | IOrderedCollection> {
-		const collection = typeof value === 'string'
-			? await this.resolve(value)
-			: value;
+		const collection = await this.resolve(value);
 
 		if (isCollectionOrOrderedCollection(collection)) {
 			return collection;