diff --git a/CHANGELOG.md b/CHANGELOG.md index e2a3635f6..8a38e80ba 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -19,6 +19,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Documentation issue in which a non-existing nginx file was referenced - Issue where a bad inbox URL could break federation - Issue where hashtag rel values would be scrubbed +- Issue where short domains listed in `transparency_obfuscate_domains` were not actually obfuscated ## 2023.08 diff --git a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex index ba54eb674..c2e17ca9e 100644 --- a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex +++ b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex @@ -314,6 +314,20 @@ def filter(object) when is_binary(object) do def filter(object), do: {:ok, object} defp obfuscate(string) when is_binary(string) do + # Want to strip at least two neighbouring chars + # to ensure at least one non-dot char is in the obfuscation area + stripped = String.length(string) - 6 + + {keepstart, keepend} = + if stripped > 1 do + {3, 3} + else + { + 2 - div(1 - stripped, 2), + 2 + div(stripped, 2) + } + end + string |> to_charlist() |> Enum.with_index() @@ -322,7 +336,7 @@ defp obfuscate(string) when is_binary(string) do ?. {char, index} -> - if 3 <= index && index < String.length(string) - 3, do: ?*, else: char + if keepstart <= index && index < String.length(string) - keepend, do: ?*, else: char end) |> to_string() end diff --git a/test/pleroma/web/activity_pub/mrf/simple_policy_test.exs b/test/pleroma/web/activity_pub/mrf/simple_policy_test.exs index 875cf8f43..c6600f001 100644 --- a/test/pleroma/web/activity_pub/mrf/simple_policy_test.exs +++ b/test/pleroma/web/activity_pub/mrf/simple_policy_test.exs @@ -283,7 +283,7 @@ test "obfuscates domains listed in :transparency_obfuscate_domains" do assert {:ok, %{ - mrf_simple: %{reject: ["rem***.*****nce", "a.b"]}, + mrf_simple: %{reject: ["rem***.*****nce", "*.b"]}, mrf_simple_info: %{reject: %{"rem***.*****nce" => %{}}} }} = SimplePolicy.describe() end