Capture and don't thrash on badly formatted AP messages

activities/models/post.py

@@ -25,7 +25,7 @@ from activities.models.post_types import (
     PostTypeDataEncoder,
     QuestionData,
 )
-from core.exceptions import capture_message
+from core.exceptions import ActivityPubFormatError, capture_message
 from core.html import ContentRenderer, FediverseHtmlParser
 from core.ld import (
     canonicalise,
@@ -916,6 +916,8 @@ class Post(StatorModel):
                     focal_x, focal_y = None, None
                 mimetype = attachment.get("mediaType")
                 if not mimetype or not isinstance(mimetype, str):
+                    if "url" not in attachment:
+                        raise ActivityPubFormatError("No URL present on attachment")
                     mimetype, _ = mimetypes.guess_type(attachment["url"])
                     if not mimetype:
                         mimetype = "application/octet-stream"

core/exceptions.py

@@ -9,6 +9,12 @@ class ActivityPubError(BaseException):
     """
 
 
+class ActivityPubFormatError(ActivityPubError):
+    """
+    A problem with an ActivityPub message's format/keys
+    """
+
+
 class ActorMismatchError(ActivityPubError):
     """
     The actor is not authorised to do the action we saw

core/ld.py

@@ -6,6 +6,8 @@ from dateutil import parser
 from pyld import jsonld
 from pyld.jsonld import JsonLdError
 
+from core.exceptions import ActivityPubFormatError
+
 schemas = {
     "www.w3.org/ns/activitystreams": {
         "contentType": "application/ld+json",
@@ -695,7 +697,7 @@ def get_value_or_map(data, key, map_key):
         if "und" in map_key:
             return data[map_key]["und"]
         return list(data[map_key].values())[0]
-    raise KeyError(f"Cannot find {key} or {map_key}")
+    raise ActivityPubFormatError(f"Cannot find {key} or {map_key}")
 
 
 def media_type_from_filename(filename):

users/models/inbox_message.py

@@ -1,15 +1,16 @@
 from django.db import models
 
+from core.exceptions import ActivityPubError
 from stator.models import State, StateField, StateGraph, StatorModel
 
 
 class InboxMessageStates(StateGraph):
     received = State(try_interval=300, delete_after=86400 * 3)
     processed = State(externally_progressed=True, delete_after=86400)
-    purge = State(delete_after=24 * 60 * 60)  # Delete after release (back compat)
+    errored = State(externally_progressed=True, delete_after=86400)
 
     received.transitions_to(processed)
-    processed.transitions_to(purge)  # Delete after release (back compat)
+    received.transitions_to(errored)
 
     @classmethod
     def handle_received(cls, instance: "InboxMessage"):
@@ -17,6 +18,7 @@ class InboxMessageStates(StateGraph):
         from users.models import Block, Follow, Identity, Report
         from users.services import IdentityService
 
+        try:
             match instance.message_type:
                 case "follow":
                     Follow.handle_request_ap(instance.message)
@@ -139,7 +141,9 @@ class InboxMessageStates(StateGraph):
                         case "fetchpost":
                             Post.handle_fetch_internal(instance.message["object"])
                         case "cleartimeline":
-                        TimelineEvent.handle_clear_timeline(instance.message["object"])
+                            TimelineEvent.handle_clear_timeline(
+                                instance.message["object"]
+                            )
                         case "addfollow":
                             IdentityService.handle_internal_add_follow(
                                 instance.message["object"]
@@ -151,6 +155,8 @@ class InboxMessageStates(StateGraph):
                 case unknown:
                     raise ValueError(f"Cannot handle activity of type {unknown}")
             return cls.processed
+        except ActivityPubError:
+            return cls.errored
 
 
 class InboxMessage(StatorModel):