forked from GNUsocial/gnu-social
Import backlog on new subscription.
Danger is when importing a new feed that may be maliciously crafted to contain a zillion entries.
This commit is contained in:
parent
f51cb6fca9
commit
e98bceec10
@ -77,7 +77,7 @@ class PushCallbackAction extends Action
|
|||||||
/**
|
/**
|
||||||
* Handler for GET verification requests from the hub.
|
* Handler for GET verification requests from the hub.
|
||||||
*/
|
*/
|
||||||
function handleGet()
|
public function handleGet()
|
||||||
{
|
{
|
||||||
$mode = $this->arg('hub_mode');
|
$mode = $this->arg('hub_mode');
|
||||||
$topic = $this->arg('hub_topic');
|
$topic = $this->arg('hub_topic');
|
||||||
@ -110,12 +110,21 @@ class PushCallbackAction extends Action
|
|||||||
}
|
}
|
||||||
|
|
||||||
if ($mode == 'subscribe') {
|
if ($mode == 'subscribe') {
|
||||||
if ($feedsub->sub_state == 'active') {
|
$renewal = ($feedsub->sub_state == 'active');
|
||||||
|
if ($renewal) {
|
||||||
common_log(LOG_INFO, __METHOD__ . ': sub update confirmed');
|
common_log(LOG_INFO, __METHOD__ . ': sub update confirmed');
|
||||||
} else {
|
} else {
|
||||||
common_log(LOG_INFO, __METHOD__ . ': sub confirmed');
|
common_log(LOG_INFO, __METHOD__ . ': sub confirmed');
|
||||||
}
|
}
|
||||||
|
|
||||||
$feedsub->confirmSubscribe($lease_seconds);
|
$feedsub->confirmSubscribe($lease_seconds);
|
||||||
|
|
||||||
|
if (!$renewal) {
|
||||||
|
// Kickstart the feed by importing its most recent backlog
|
||||||
|
// FIXME: Send this to background queue handling
|
||||||
|
common_log(LOG_INFO, __METHOD__ . ': Confirmed a new subscription, importing backlog...');
|
||||||
|
$feedsub->importFeed();
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
common_log(LOG_INFO, __METHOD__ . ": unsub confirmed; deleting sub record for $topic");
|
common_log(LOG_INFO, __METHOD__ . ": unsub confirmed; deleting sub record for $topic");
|
||||||
$feedsub->confirmUnsubscribe();
|
$feedsub->confirmUnsubscribe();
|
||||||
|
@ -405,6 +405,7 @@ class FeedSub extends Managed_DataObject
|
|||||||
}
|
}
|
||||||
$this->modified = common_sql_now();
|
$this->modified = common_sql_now();
|
||||||
|
|
||||||
|
common_debug(__METHOD__ . ': Updating sub state and metadata for '.$this->getUri());
|
||||||
return $this->update($original);
|
return $this->update($original);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -463,6 +464,24 @@ class FeedSub extends Managed_DataObject
|
|||||||
$this->receiveFeed($post);
|
$this->receiveFeed($post);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* All our feed URIs should be URLs.
|
||||||
|
*/
|
||||||
|
public function importFeed()
|
||||||
|
{
|
||||||
|
$feed_url = $this->getUri();
|
||||||
|
|
||||||
|
// Fetch the URL
|
||||||
|
try {
|
||||||
|
common_log(LOG_INFO, sprintf('Importing feed backlog from %s', $feed_url));
|
||||||
|
$feed_xml = HTTPClient::quickGet($feed_url, 'application/atom+xml');
|
||||||
|
} catch (Exception $e) {
|
||||||
|
throw new FeedSubException("Could not fetch feed from URL '%s': %s (%d).\n", $feed_url, $e->getMessage(), $e->getCode());
|
||||||
|
}
|
||||||
|
|
||||||
|
return $this->receiveFeed($feed_xml);
|
||||||
|
}
|
||||||
|
|
||||||
protected function receiveFeed($feed_xml)
|
protected function receiveFeed($feed_xml)
|
||||||
{
|
{
|
||||||
// We're passed the XML for the Atom feed as $feed_xml,
|
// We're passed the XML for the Atom feed as $feed_xml,
|
||||||
|
@ -53,9 +53,11 @@ if (!$sub) {
|
|||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// XXX: This could maybe be replaced with $sub->importFeed()
|
||||||
|
|
||||||
// Fetch the URL
|
// Fetch the URL
|
||||||
try {
|
try {
|
||||||
$xml = HTTPClient::quickGet($feedurl, 'text/html,application/xhtml+xml');
|
$xml = HTTPClient::quickGet($feedurl, 'application/atom+xml');
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
echo sprintf("Could not fetch feedurl %s (%d).\n", $e->getMessage(), $e->getCode());
|
echo sprintf("Could not fetch feedurl %s (%d).\n", $e->getMessage(), $e->getCode());
|
||||||
exit(1);
|
exit(1);
|
||||||
|
Loading…
Reference in New Issue
Block a user