GNUsocial/gnu-social-v2-archive-activitypub-plugin
Archived
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Some bug fixes for Avatar Grabber

Browse Source 
Replace Exceptions for I/O msg on remote notice validation
This commit is contained in:
Diogo Cordeiro 2018-08-02 05:54:27 +01:00
parent 5f979a32f9
commit 0384890f7b
6 changed files with 39 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ActivityPubPlugin.php
View File

@ -121,11 +121,9 @@ class ActivityPubPlugin extends Plugin
$response = $client->get($url, $headers); $response = $client->get($url, $headers);
$res = json_decode($response->getBody(), true); $res = json_decode($response->getBody(), true);
$settings = []; $settings = [];
try { if (!Activitypub_notice::validate_remote_notice($res, $msg)) {
Activitypub_notice::validate_remote_notice($res);
} catch (Exception $e) {
common_debug('ActivityPubPlugin Notice Grabber: Invalid potential remote notice while processing id: '.$url. '. He returned the following: '.json_encode($res, JSON_UNESCAPED_SLASHES)); common_debug('ActivityPubPlugin Notice Grabber: Invalid potential remote notice while processing id: '.$url. '. He returned the following: '.json_encode($res, JSON_UNESCAPED_SLASHES));
throw $e; throw new Exception($msg);
} }
if (isset($res->inReplyTo)) { if (isset($res->inReplyTo)) {

2
README.md
View File

@ -31,7 +31,7 @@ GNU Social.
## Contributing ## Contributing
Please read [CONTRIBUTING.md](CONTRIBUTING.md) for details on our code of conduct, and the process for submitting pull requests to us. Please read [CONTRIBUTING.md](CONTRIBUTING.md) for details on our code of conduct, and the process for submitting merge requests to us.
## Versioning ## Versioning

8
actions/inbox/Create.php
View File

@ -33,11 +33,9 @@ $valid_object_types = ['Note'];
$res = $data->object; $res = $data->object;
try { if (!Activitypub_notice::validate_remote_notice((array) $res, $msg)) {
Activitypub_notice::validate_remote_notice((array) $res); common_debug('ActivityPub Inbox Create Note: Invalid note: '.$msg);
} catch (Exception $e) { ActivityPubReturn::error($msg);
common_debug('ActivityPub Inbox Create Note: Invalid note: '.$e->getMessage());
ActivityPubReturn::error($e->getMessage());
} }
$settings = []; $settings = [];

28
classes/Activitypub_notice.php
View File

@ -202,39 +202,49 @@ class Activitypub_notice extends Managed_DataObject
* *
* @author Diogo Cordeiro <diogo@fc.up.pt> * @author Diogo Cordeiro <diogo@fc.up.pt>
* @param Array $data * @param Array $data
* @param string $msg I/O
* @return boolean true in case of success * @return boolean true in case of success
* @throws Exception * @throws Exception
*/ */
public static function validate_remote_notice($data) public static function validate_remote_notice($data, &$msg)
{ {
if (!isset($data['attributedTo'])) { if (!isset($data['attributedTo'])) {
common_debug('ActivityPub Notice Validator: Rejected because attributedTo was not specified.'); common_debug('ActivityPub Notice Validator: Rejected because attributedTo was not specified.');
throw new Exception('No attributedTo specified.'); $msg = 'No attributedTo specified.';
return false;
} }
if (!isset($data['id'])) { if (!isset($data['id'])) {
common_debug('ActivityPub Notice Validator: Rejected because Object ID was not specified.'); common_debug('ActivityPub Notice Validator: Rejected because Object ID was not specified.');
throw new Exception('Object ID not specified.'); $msg = 'Object ID not specified.';
return false;
} elseif (!filter_var($data['id'], FILTER_VALIDATE_URL)) { } elseif (!filter_var($data['id'], FILTER_VALIDATE_URL)) {
common_debug('ActivityPub Notice Validator: Rejected because Object ID is invalid.'); common_debug('ActivityPub Notice Validator: Rejected because Object ID is invalid.');
throw new Exception('Invalid Object ID.'); $msg = 'Invalid Object ID.';
return false;
} }
if (!isset($data['type']) || $data['type'] !== 'Note') { if (!isset($data['type']) || $data['type'] !== 'Note') {
common_debug('ActivityPub Notice Validator: Rejected because of Type.'); common_debug('ActivityPub Notice Validator: Rejected because of Type.');
throw new Exception('Invalid Object type.'); $msg = 'Invalid Object type.';
return false;
} }
if (!isset($data['content'])) { if (!isset($data['content'])) {
common_debug('ActivityPub Notice Validator: Rejected because Content was not specified.'); common_debug('ActivityPub Notice Validator: Rejected because Content was not specified.');
throw new Exception('Object content was not specified.'); $msg = 'Object content was not specified.';
return false;
} }
if (!isset($data['url'])) { if (!isset($data['url'])) {
throw new Exception('Object URL was not specified.'); common_debug('ActivityPub Notice Validator: Rejected because Object URL was not specified.');
$msg = 'Object URL was not specified.';
return false;
} elseif (!filter_var($data['url'], FILTER_VALIDATE_URL)) { } elseif (!filter_var($data['url'], FILTER_VALIDATE_URL)) {
common_debug('ActivityPub Notice Validator: Rejected because Object URL is invalid.'); common_debug('ActivityPub Notice Validator: Rejected because Object URL is invalid.');
throw new Exception('Invalid Object URL.'); $msg = 'Invalid Object URL.';
return false;
} }
if (!isset($data['cc'])) { if (!isset($data['cc'])) {
common_debug('ActivityPub Notice Validator: Rejected because Object CC was not specified.'); common_debug('ActivityPub Notice Validator: Rejected because Object CC was not specified.');
throw new Exception('Object CC was not specified.'); $msg = 'Object CC was not specified.';
return false;
} }
return true; return true;
} }

7
utils/explorer.php
View File

@ -269,7 +269,12 @@ class Activitypub_explorer
// Avatar // Avatar
if (isset($res['icon']['url'])) { if (isset($res['icon']['url'])) {
try {
$this->_store_avatar($profile, $res['icon']['url']); $this->_store_avatar($profile, $res['icon']['url']);
} catch (Exception $e) {
// Let the exception go, it isn't a serious issue
common_debug('An error ocurred while grabbing remote avatar'.$e->getMessage());
}
} }
return $profile; return $profile;
@ -297,7 +302,7 @@ class Activitypub_explorer
$imgData = HTTPClient::quickGet($url); $imgData = HTTPClient::quickGet($url);
// Make sure it's at least an image file. ImageFile can do the rest. // Make sure it's at least an image file. ImageFile can do the rest.
if (false === getimagesizefromstring($imgData)) { if (false === getimagesizefromstring($imgData)) {
throw new UnsupportedMediaException('Downloaded group avatar was not an image.'); throw new UnsupportedMediaException('Downloaded avatar was not an image.');
} }
file_put_contents($temp_filename, $imgData); file_put_contents($temp_filename, $imgData);
unset($imgData); // No need to carry this in memory. unset($imgData); // No need to carry this in memory.