mirror
/
pixelfed
kopia lustrzana https://github.com/pixelfed/pixelfed
1
0
Forkuj 0
Kod Zgłoszenia Projekty Wydania Wiki Aktywność

Updaet InboxPipelines, improve handling of missing signature validation headers

pull/4240/head
Daniel Supernault 2023-03-18 22:46:22 -06:00
rodzic da38b33a24
commit 419c0fb0fb
Nie znaleziono w bazie danych klucza dla tego podpisu
ID klucza GPG: 0DEF1C662C9033F7
3 zmienionych plików z 357 dodań i 328 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

10
app/Jobs/InboxPipeline/DeleteWorker.php
Wyświetl plik

@ -126,6 +126,11 @@ class DeleteWorker implements ShouldQueue
return false;
}
$signatureData = HttpSignature::parseSignatureHeader($signature);
if(!isset($signatureData['keyId'], $signatureData['signature'], $signatureData['headers']) || isset($signatureData['error'])) {
return false;
}
$keyId = Helpers::validateUrl($signatureData['keyId']);
$id = Helpers::validateUrl($bodyDecoded['id']);
$keyDomain = parse_url($keyId, PHP_URL_HOST);
@ -186,6 +191,11 @@ class DeleteWorker implements ShouldQueue
return;
}
$signatureData = HttpSignature::parseSignatureHeader($signature);
if(!isset($signatureData['keyId'], $signatureData['signature'], $signatureData['headers']) || isset($signatureData['error'])) {
return;
}
$keyId = Helpers::validateUrl($signatureData['keyId']);
$actor = Profile::whereKeyId($keyId)->whereNotNull('remote_url')->first();
if(!$actor) {

10
app/Jobs/InboxPipeline/InboxValidator.php
Wyświetl plik

@ -113,6 +113,11 @@ class InboxValidator implements ShouldQueue
return false;
}
$signatureData = HttpSignature::parseSignatureHeader($signature);
if(!isset($signatureData['keyId'], $signatureData['signature'], $signatureData['headers']) || isset($signatureData['error'])) {
return false;
}
$keyId = Helpers::validateUrl($signatureData['keyId']);
$id = Helpers::validateUrl($bodyDecoded['id']);
$keyDomain = parse_url($keyId, PHP_URL_HOST);
@ -173,6 +178,11 @@ class InboxValidator implements ShouldQueue
return;
}
$signatureData = HttpSignature::parseSignatureHeader($signature);
if(!isset($signatureData['keyId'], $signatureData['signature'], $signatureData['headers']) || isset($signatureData['error'])) {
return;
}
$keyId = Helpers::validateUrl($signatureData['keyId']);
$actor = Profile::whereKeyId($keyId)->whereNotNull('remote_url')->first();
if(!$actor) {

9
app/Jobs/InboxPipeline/InboxWorker.php
Wyświetl plik

@ -94,6 +94,11 @@ class InboxWorker implements ShouldQueue
return false;
}
$signatureData = HttpSignature::parseSignatureHeader($signature);
if(!isset($signatureData['keyId'], $signatureData['signature'], $signatureData['headers']) || isset($signatureData['error'])) {
return false;
}
$keyId = Helpers::validateUrl($signatureData['keyId']);
$id = Helpers::validateUrl($bodyDecoded['id']);
$keyDomain = parse_url($keyId, PHP_URL_HOST);
@ -154,6 +159,10 @@ class InboxWorker implements ShouldQueue
return;
}
$signatureData = HttpSignature::parseSignatureHeader($signature);
if(!isset($signatureData['keyId'], $signatureData['signature'], $signatureData['headers']) || isset($signatureData['error'])) {
return;
}
$keyId = Helpers::validateUrl($signatureData['keyId']);
$actor = Profile::whereKeyId($keyId)->whereNotNull('remote_url')->first();
if(!$actor) {