webfinger error handling: return 400 on ?resource=acct:@fed.brid.gy

fixes https://console.cloud.google.com/errors/detail/CPn404XJ2rC6rAE;time=P30D?project=bridgy-federated
pull/321/head
Ryan Barrett 2022-11-26 06:59:27 -08:00
rodzic d2d0932893
commit 18a80d09fb
Nie znaleziono w bazie danych klucza dla tego podpisu
ID klucza GPG: 6BE31FDF4776E9D4
2 zmienionych plików z 11 dodań i 8 usunięć


@ -187,12 +187,13 @@ class WebfingerTest(testutil.TestCase):
for resource in ('foo.com@foo.com', 'acct:foo.com@foo.com', 'xyz@foo.com',
'foo.com', 'http://foo.com/', 'https://foo.com/',
'http://localhost/foo.com'):
url = '/.well-known/webfinger?%s' % urllib.parse.urlencode(
{'resource': resource})
got = self.client.get(url, headers={'Accept': 'application/json'})
self.assertEqual(200, got.status_code, got.get_data(as_text=True))
self.assertEqual('application/jrd+json', got.headers['Content-Type'])
self.assertEqual(self.expected_webfinger, got.json)
with self.subTest(resource=resource):
url = '/.well-known/webfinger?%s' % urllib.parse.urlencode(
{'resource': resource})
got = self.client.get(url, headers={'Accept': 'application/json'})
self.assertEqual(200, got.status_code, got.get_data(as_text=True))
self.assertEqual('application/jrd+json', got.headers['Content-Type'])
self.assertEqual(self.expected_webfinger, got.json)
@mock.patch('requests.get')
def test_webfinger_custom_username(self, mock_get):
@ -241,3 +242,5 @@ class WebfingerTest(testutil.TestCase):
got = self.client.get('/.well-known/webfinger?resource=http://localhost/')
self.assertEqual(400, got.status_code, got.get_data(as_text=True))
got = self.client.get('/.well-known/webfinger?resource=acct%3A%40localhost')
self.assertEqual(400, got.status_code, got.get_data(as_text=True))
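Review bot: The case added at the end of the second hunk exercises only `acct:@localhost`, while the same commit also starts rejecting the `acct:<host>` form without the `@`, so that branch of the new guard has no test. Adding `got = self.client.get('/.well-known/webfinger?resource=acct%3Alocalhost')` followed by `self.assertEqual(400, got.status_code, got.get_data(as_text=True))` would pin both spellings. The enclosing test method starts outside the hunk, so this assumes the test client's host is `localhost`, as the existing assertions suggest.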


@ -156,10 +156,10 @@ class Webfinger(Actor):
"""
def template_vars(self):
resource = flask_util.get_required_param('resource').strip()
resource = resource.removeprefix(request.host_url)
# handle Bridgy Fed actor URLs, eg https://fed.brid.gy/snarfed.org
resource = resource.removeprefix(request.host_url)
if not resource or resource == '/':
if resource in ('', '/', f'acct:{request.host}', f'acct:@{request.host}'):
error('Expected other domain, not fed.brid.gy')
try:
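Review bot: The new guard `if resource in (...)` matches four exact strings, so a differently cased host (host names are case-insensitive) or another spelling of the service's own name would presumably get past it and reach the `try:` block, which continues outside this hunk. Since `resource` is caller-supplied, normalising before the comparison is more robust than enumerating spellings, for example `bare = resource.removeprefix('acct:').lstrip('@').lower()` and then `if bare in ('', '/', request.host.lower()):`. That would also reject the bare host and a lone `acct:`, so confirm that is wanted. A short comment above the guard saying why lookups of the service's own host get a 400 would help the next reader.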