commit: 093d39b63416f597b336e1e2b7fb12af3591ef43
parent: 61a88a6757bc557a370888d288f93681cff9668b
Author: kaniini <nenolod@gmail.com>
Date: Sun, 23 Dec 2018 11:28:43 +0000
Merge branch 'feature/hellthread-mitigation' into 'develop'
implement hellthread mitigation
Closes #474
See merge request pleroma/pleroma!588
Diffstat:
3 files changed, 23 insertions(+), 0 deletions(-)
diff --git a/config/config.exs b/config/config.exs
@@ -163,6 +163,8 @@ config :pleroma, :mrf_rejectnonpublic,
allow_followersonly: false,
allow_direct: false
+config :pleroma, :mrf_hellthread, threshold: 10
+
config :pleroma, :mrf_simple,
media_removal: [],
media_nsfw: [],
diff --git a/docs/config.md b/docs/config.md
@@ -121,6 +121,9 @@ This section is used to configure Pleroma-FE, unless ``:managed_config`` in ``:i
* `allow_followersonly`: whether to allow followers-only posts
* `allow_direct`: whether to allow direct messages
+## :mrf_hellthread
+* `threshold`: Number of mentioned users after which the message gets discarded as spam
+
## :media_proxy
* `enabled`: Enables proxying of remote media to the instance’s proxy
* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host/CDN fronts.
diff --git a/lib/pleroma/web/activity_pub/mrf/hellthread_policy.ex b/lib/pleroma/web/activity_pub/mrf/hellthread_policy.ex
@@ -0,0 +1,18 @@
+defmodule Pleroma.Web.ActivityPub.MRF.HellthreadPolicy do
+ @behaviour Pleroma.Web.ActivityPub.MRF
+
+ @impl true
+ def filter(%{"type" => "Create"} = object) do
+ threshold = Pleroma.Config.get([:mrf_hellthread, :threshold])
+ recipients = (object["to"] || []) ++ (object["cc"] || [])
+
+ if length(recipients) > threshold do
+ {:reject, nil}
+ else
+ {:ok, object}
+ end
+ end
+
+ @impl true
+ def filter(object), do: {:ok, object}
+end