forked from FoundKeyGang/FoundKey
Merge pull request 'backend: increase requestId max size for GNU Social' (#147) from fix/gnusocial-follow-request-ids into main
Reviewed-on: FoundKeyGang/FoundKey#147 Fixes: #146 Changelog: Fixed
This commit is contained in:
commit
193674ce03
3 changed files with 19 additions and 2 deletions
packages/backend
migration
src
|
@ -0,0 +1,12 @@
|
|||
export class largerFollowRequestIds1662943835603 {
|
||||
name = 'largerFollowRequestIds1662943835603';
|
||||
|
||||
async up(queryRunner) {
|
||||
await queryRunner.query(`ALTER TABLE "follow_request" ALTER COLUMN "requestId" TYPE VARCHAR(2048)`);
|
||||
}
|
||||
|
||||
async down(queryRunner) {
|
||||
await queryRunner.query(`ALTER TABLE "follow_request" ALTER COLUMN "requestId" TYPE VARCHAR(128)`);
|
||||
}
|
||||
|
||||
}
|
|
@ -40,7 +40,7 @@ export class FollowRequest {
|
|||
public follower: User | null;
|
||||
|
||||
@Column('varchar', {
|
||||
length: 128, nullable: true,
|
||||
length: 2048, nullable: true,
|
||||
comment: 'id of Follow Activity.',
|
||||
})
|
||||
public requestId: string | null;
|
||||
|
|
|
@ -127,13 +127,18 @@ export default async (job: Bull.Job<InboxJobData>): Promise<string> => {
|
|||
}
|
||||
}
|
||||
|
||||
// activity.idがあればホストが署名者のホストであることを確認する
|
||||
if (typeof activity.id === 'string') {
|
||||
// Verify that activity and actor are from the same host.
|
||||
const signerHost = extractDbHost(authUser.user.uri!);
|
||||
const activityIdHost = extractDbHost(activity.id);
|
||||
if (signerHost !== activityIdHost) {
|
||||
return `skip: signerHost(${signerHost}) !== activity.id host(${activityIdHost}`;
|
||||
}
|
||||
|
||||
// Verify that the id has a sane length
|
||||
if (activity.id.length > 2048) {
|
||||
return `skip: overly long id from ${signerHost}`;
|
||||
}
|
||||
}
|
||||
|
||||
// Update stats
|
||||
|
|
Loading…
Reference in a new issue