Import backlog on new subscription.

Danger is when importing a new feed that may be maliciously crafted to contain a zillion entries.
2017-04-21 09:31:27 +02:00 · 2017-04-21 09:31:27 +02:00 · e98bceec10
parent f51cb6fca9
commit e98bceec10
3 changed files with 33 additions and 3 deletions
--- a/plugins/OStatus/actions/pushcallback.php
+++ b/plugins/OStatus/actions/pushcallback.php
@ -77,7 +77,7 @@ class PushCallbackAction extends Action
    /**
     * Handler for GET verification requests from the hub.
     */
-    function handleGet()
+    public function handleGet()
    {
        $mode = $this->arg('hub_mode');
        $topic = $this->arg('hub_topic');
@ -110,12 +110,21 @@ class PushCallbackAction extends Action
        }

        if ($mode == 'subscribe') {
-            if ($feedsub->sub_state == 'active') {
+            $renewal = ($feedsub->sub_state == 'active');
+            if ($renewal) {
                common_log(LOG_INFO, __METHOD__ . ': sub update confirmed');
            } else {
                common_log(LOG_INFO, __METHOD__ . ': sub confirmed');
            }
+
            $feedsub->confirmSubscribe($lease_seconds);
+
+            if (!$renewal) {
+                // Kickstart the feed by importing its most recent backlog
+                // FIXME: Send this to background queue handling
+                common_log(LOG_INFO, __METHOD__ . ': Confirmed a new subscription, importing backlog...');
+                $feedsub->importFeed();
+            }
        } else {
            common_log(LOG_INFO, __METHOD__ . ": unsub confirmed; deleting sub record for $topic");
            $feedsub->confirmUnsubscribe();
--- a/plugins/OStatus/classes/FeedSub.php
+++ b/plugins/OStatus/classes/FeedSub.php
@ -405,6 +405,7 @@ class FeedSub extends Managed_DataObject
        }
        $this->modified = common_sql_now();

+        common_debug(__METHOD__ . ': Updating sub state and metadata for '.$this->getUri());
        return $this->update($original);
    }

@ -463,6 +464,24 @@ class FeedSub extends Managed_DataObject
        $this->receiveFeed($post);
    }

+    /**
+     * All our feed URIs should be URLs.
+     */
+    public function importFeed()
+    {
+        $feed_url = $this->getUri();
+
+        // Fetch the URL
+        try {
+            common_log(LOG_INFO, sprintf('Importing feed backlog from %s', $feed_url));
+            $feed_xml = HTTPClient::quickGet($feed_url, 'application/atom+xml');
+        } catch (Exception $e) {
+            throw new FeedSubException("Could not fetch feed from URL '%s': %s (%d).\n", $feed_url, $e->getMessage(), $e->getCode());
+        }
+
+        return $this->receiveFeed($feed_xml);
+    }
+
    protected function receiveFeed($feed_xml)
    {
        // We're passed the XML for the Atom feed as $feed_xml,
--- a/plugins/OStatus/scripts/testfeed.php
+++ b/plugins/OStatus/scripts/testfeed.php
@ -53,9 +53,11 @@ if (!$sub) {
    exit(1);
 }

+// XXX: This could maybe be replaced with $sub->importFeed()
+
 // Fetch the URL
 try {
-    $xml = HTTPClient::quickGet($feedurl, 'text/html,application/xhtml+xml');
+    $xml = HTTPClient::quickGet($feedurl, 'application/atom+xml');
 } catch (Exception $e) {
    echo sprintf("Could not fetch feedurl %s (%d).\n", $e->getMessage(), $e->getCode());
    exit(1);