From 4ac6fbe6c97571aa9c750c607b7d90b7edcae8dd Mon Sep 17 00:00:00 2001 From: smitten Date: Thu, 27 Jul 2023 16:41:07 -0400 Subject: [PATCH] Use URI builtins --- .../controllers/protocol_handler_controller.ex | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/pleroma/web/akkoma_api/controllers/protocol_handler_controller.ex b/lib/pleroma/web/akkoma_api/controllers/protocol_handler_controller.ex index 82d618ed9..ee0cdf69b 100644 --- a/lib/pleroma/web/akkoma_api/controllers/protocol_handler_controller.ex +++ b/lib/pleroma/web/akkoma_api/controllers/protocol_handler_controller.ex @@ -23,15 +23,15 @@ def reroute(conn, %{"target" => target_param}) do end def reroute(conn, _), do: conn |> json_response(:bad_request, "Missing `target` parameter") - def handle(%{assigns: %{user: user}} = conn, %{"target" => "web+ap://" <> identifier}) when is_nil(user) do + def handle(%{assigns: %{user: user}} = conn, %{"target" => "web+ap:" <> identifier}) when is_nil(user) do # Unauthenticated, only local records should be searched cond do - String.starts_with?(identifier, Pleroma.Config.get([Pleroma.Web.Endpoint, :url, :host])) -> find_and_redirect(conn, identifier) + URI.parse(identifier).host == Pleroma.Config.get([Pleroma.Web.Endpoint, :url, :host]) -> find_and_redirect(conn, identifier) true -> conn |> json_response(:forbidden, "Invalid credentials.") end end - def handle(%{assigns: %{user: user}} = conn, %{"target" => "web+ap://" <> identifier}) when not is_nil(user) do + def handle(%{assigns: %{user: user}} = conn, %{"target" => "web+ap:" <> identifier}) when not is_nil(user) do # Authenticated User find_and_redirect(conn, identifier) end @@ -40,9 +40,9 @@ def handle(conn, _), do: conn |> json_response(:bad_request, "Could not handle p defp find_and_redirect(%{assigns: %{user: user}} = conn, identifier) do # Remove userinfo if present (username:password@) - cleaned = String.replace(identifier, ~r/^[^\/]*?@/, "") - with {:error, _err} <- User.get_or_fetch("https://" <> cleaned), - [] <- DatabaseSearch.maybe_fetch([], user, "https://" <> cleaned) do + cleaned = URI.parse("https:" <> identifier) |> Map.merge(%{ userinfo: nil }) |> URI.to_string() + with {:error, _err} <- User.get_or_fetch( cleaned), + [] <- DatabaseSearch.maybe_fetch([], user, cleaned) do conn |> json_response(:not_found, "Not Found - #{cleaned}") else {:ok, %User{} = found_user} -> conn |> redirect(to: "/users/#{found_user.id}")