Do not fetch anything from blocked instances

This commit is contained in:
FloatingGhost 2022-12-10 00:09:45 +00:00
parent a1515f9a60
commit 68894089e8
4 changed files with 33 additions and 3 deletions

View file

@ -23,6 +23,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Follow/Block/Mute imports now spin off into *n* tasks to avoid the oban timeout - Follow/Block/Mute imports now spin off into *n* tasks to avoid the oban timeout
- Transient activities recieved from remote servers are no longer persisted in the database - Transient activities recieved from remote servers are no longer persisted in the database
- Overhauled static-fe view for logged-out users - Overhauled static-fe view for logged-out users
- Blocked instances will now not be sent _any_ requests, even fetch ones that would get rejected by MRF anyhow
## Removed ## Removed
- FollowBotPolicy - FollowBotPolicy

View file

@ -116,7 +116,11 @@ def refetch_object(%Object{data: %{"id" => id}} = object) do
# Note: will create a Create activity, which we need internally at the moment. # Note: will create a Create activity, which we need internally at the moment.
def fetch_object_from_id(id, options \\ []) do def fetch_object_from_id(id, options \\ []) do
with {_, nil} <- {:fetch_object, Object.get_cached_by_ap_id(id)}, with %URI{} = uri <- URI.parse(id),
# If we have instance restrictions, apply them here to prevent fetching from unwanted instances
{:ok, nil} <- Pleroma.Web.ActivityPub.MRF.SimplePolicy.check_reject(uri),
{:ok, _} <- Pleroma.Web.ActivityPub.MRF.SimplePolicy.check_accept(uri),
{_, nil} <- {:fetch_object, Object.get_cached_by_ap_id(id)},
{_, true} <- {:allowed_depth, Federator.allowed_thread_distance?(options[:depth])}, {_, true} <- {:allowed_depth, Federator.allowed_thread_distance?(options[:depth])},
{_, {:ok, data}} <- {:fetch, fetch_and_contain_remote_object_from_id(id)}, {_, {:ok, data}} <- {:fetch, fetch_and_contain_remote_object_from_id(id)},
{_, nil} <- {:normalize, Object.normalize(data, fetch: false)}, {_, nil} <- {:normalize, Object.normalize(data, fetch: false)},
@ -155,6 +159,9 @@ def fetch_object_from_id(id, options \\ []) do
{:fetch, {:error, error}} -> {:fetch, {:error, error}} ->
{:error, error} {:error, error}
{:reject, reason} ->
{:reject, reason}
e -> e ->
e e
end end

View file

@ -13,7 +13,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
require Pleroma.Constants require Pleroma.Constants
defp check_accept(%{host: actor_host} = _actor_info) do def check_accept(%{host: actor_host} = _actor_info) do
accepts = accepts =
instance_list(:accept) instance_list(:accept)
|> MRF.subdomains_regex() |> MRF.subdomains_regex()
@ -26,7 +26,7 @@ defp check_accept(%{host: actor_host} = _actor_info) do
end end
end end
defp check_reject(%{host: actor_host} = _actor_info) do def check_reject(%{host: actor_host} = _actor_info) do
rejects = rejects =
instance_list(:reject) instance_list(:reject)
|> MRF.subdomains_regex() |> MRF.subdomains_regex()

View file

@ -161,6 +161,28 @@ test "it does not fetch a spoofed object uploaded on an instance as an attachmen
) )
end end
test "does not fetch anything from a rejected instance" do
clear_config([:mrf_simple, :reject], [{"evil.example.org", "i said so"}])
assert {:reject, _} =
Fetcher.fetch_object_from_id("http://evil.example.org/@admin/99541947525187367")
end
test "does not fetch anything if mrf_simple accept is on" do
clear_config([:mrf_simple, :accept], [{"mastodon.example.org", "i said so"}])
clear_config([:mrf_simple, :reject], [])
assert {:reject, _} =
Fetcher.fetch_object_from_id(
"http://notlisted.example.org/@admin/99541947525187367"
)
assert {:ok, _object} =
Fetcher.fetch_object_from_id(
"http://mastodon.example.org/@admin/99541947525187367"
)
end
test "it resets instance reachability on successful fetch" do test "it resets instance reachability on successful fetch" do
id = "http://mastodon.example.org/@admin/99541947525187367" id = "http://mastodon.example.org/@admin/99541947525187367"
Instances.set_consistently_unreachable(id) Instances.set_consistently_unreachable(id)