Dont allow localhost or raw IPs in activitypub IDs (ref #1221)
This commit is contained in:
parent
dd99e77881
commit
b08e0a6415
1 changed files with 7 additions and 0 deletions
|
@ -27,6 +27,7 @@ use lemmy_structs::blocking;
|
||||||
use lemmy_utils::{location_info, settings::Settings, LemmyError};
|
use lemmy_utils::{location_info, settings::Settings, LemmyError};
|
||||||
use lemmy_websocket::LemmyContext;
|
use lemmy_websocket::LemmyContext;
|
||||||
use serde::Serialize;
|
use serde::Serialize;
|
||||||
|
use std::net::IpAddr;
|
||||||
use url::{ParseError, Url};
|
use url::{ParseError, Url};
|
||||||
|
|
||||||
/// Activitystreams type for community
|
/// Activitystreams type for community
|
||||||
|
@ -72,6 +73,12 @@ fn check_is_apub_id_valid(apub_id: &Url) -> Result<(), LemmyError> {
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
|
let host = apub_id.host_str().context(location_info!())?;
|
||||||
|
let host_as_ip = host.parse::<IpAddr>();
|
||||||
|
if host == "localhost" || host_as_ip.is_ok() {
|
||||||
|
return Err(anyhow!("invalid hostname: {:?}", host).into());
|
||||||
|
}
|
||||||
|
|
||||||
if apub_id.scheme() != Settings::get().get_protocol_string() {
|
if apub_id.scheme() != Settings::get().get_protocol_string() {
|
||||||
return Err(anyhow!("invalid apub id scheme: {:?}", apub_id.scheme()).into());
|
return Err(anyhow!("invalid apub id scheme: {:?}", apub_id.scheme()).into());
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue