logo

pleroma

My custom branche(s) on git.pleroma.social/pleroma/pleroma git clone https://hacktivis.me/git/pleroma.git
commit: 0f8b10ff5a2141eacd53a0907b6147f7548d60cf
parent eb0f7620f2f7d5a5e61c94a625610d6d3eb115b7
Author: lain <lain@soykaf.club>
Date:   Sun, 14 Nov 2021 16:14:09 +0000

Merge branch 'bugfix/inbox-misleading-warning' into 'develop'

activity_pub_controller: Fix misleading debug warning in post_inbox_fallback

See merge request pleroma/pleroma!3531

Diffstat:


Mlib/pleroma/web/activity_pub/activity_pub_controller.ex37+++++++++++++++++--------------------


1 file changed, 17 insertions(+), 20 deletions(-)

diff --git a/lib/pleroma/web/activity_pub/activity_pub_controller.ex b/lib/pleroma/web/activity_pub/activity_pub_controller.ex
@@ -283,15 +283,29 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do
     json(conn, "ok")
   end
 
+  def inbox(%{assigns: %{valid_signature: false}} = conn, _params) do
+    conn
+    |> put_status(:bad_request)
+    |> json("Invalid HTTP Signature")
+  end
+
   # POST /relay/inbox -or- POST /internal/fetch/inbox
-  def inbox(conn, params) do
-    if params["type"] == "Create" && FederatingPlug.federating?() do
+  def inbox(conn, %{"type" => "Create"} = params) do
+    if FederatingPlug.federating?() do
       post_inbox_relayed_create(conn, params)
     else
-      post_inbox_fallback(conn, params)
+      conn
+      |> put_status(:bad_request)
+      |> json("Not federating")
     end
   end
 
+  def inbox(conn, _params) do
+    conn
+    |> put_status(:bad_request)
+    |> json("error, missing HTTP Signature")
+  end
+
   defp post_inbox_relayed_create(conn, params) do
     Logger.debug(
       "Signature missing or not from author, relayed Create message, fetching object from source"
@@ -302,23 +316,6 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubController do
     json(conn, "ok")
   end
 
-  defp post_inbox_fallback(conn, params) do
-    headers = Enum.into(conn.req_headers, %{})
-
-    if headers["signature"] && params["actor"] &&
-         String.contains?(headers["signature"], params["actor"]) do
-      Logger.debug(
-        "Signature validation error for: #{params["actor"]}, make sure you are forwarding the HTTP Host header!"
-      )
-
-      Logger.debug(inspect(conn.req_headers))
-    end
-
-    conn
-    |> put_status(:bad_request)
-    |> json(dgettext("errors", "error"))
-  end
-
   defp represent_service_actor(%User{} = user, conn) do
     with {:ok, user} <- User.ensure_keys_present(user) do
       conn