Validate Note on createNote for v10 (#4757)
* Validate Note on createNote * Add extractApHost
This commit is contained in:
MeiMei
syuilo
parent
828a2a73c9
commit
7d31bd97ff
2 changed files with 32 additions and 3 deletions
|
|
@ -16,6 +16,11 @@ export function extractDbHost(uri: string) {
|
||||||
return toDbHost(url.hostname);
|
return toDbHost(url.hostname);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
export function extractApHost(uri: string) {
|
||||||
|
const url = new URL(uri);
|
||||||
|
return toApHost(url.hostname);
|
||||||
|
}
|
||||||
|
|
||||||
export function toDbHost(host: string) {
|
export function toDbHost(host: string) {
|
||||||
if (host == null) return null;
|
if (host == null) return null;
|
||||||
return toUnicode(host.toLowerCase());
|
return toUnicode(host.toLowerCase());
|
||||||
|
|
|
||||||
|
|
@ -20,10 +20,32 @@ import { apLogger } from '../logger';
|
||||||
import { IDriveFile } from '../../../models/drive-file';
|
import { IDriveFile } from '../../../models/drive-file';
|
||||||
import { deliverQuestionUpdate } from '../../../services/note/polls/update';
|
import { deliverQuestionUpdate } from '../../../services/note/polls/update';
|
||||||
import Instance from '../../../models/instance';
|
import Instance from '../../../models/instance';
|
||||||
import { extractDbHost } from '../../../misc/convert-host';
|
import { extractDbHost, extractApHost } from '../../../misc/convert-host';
|
||||||
|
|
||||||
const logger = apLogger;
|
const logger = apLogger;
|
||||||
|
|
||||||
|
export function validateNote(object: any, uri: string) {
|
||||||
|
const expectHost = extractApHost(uri);
|
||||||
|
|
||||||
|
if (object == null) {
|
||||||
|
return new Error('invalid Note: object is null');
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!['Note', 'Question', 'Article'].includes(object.type)) {
|
||||||
|
return new Error(`invalid Note: invalied object type ${object.type}`);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (object.id && extractApHost(object.id) !== expectHost) {
|
||||||
|
return new Error(`invalid Note: id has different host. expected: ${expectHost}, actual: ${extractApHost(object.id)}`);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (object.attributedTo && extractApHost(object.attributedTo) !== expectHost) {
|
||||||
|
return new Error(`invalid Note: attributedTo has different host. expected: ${expectHost}, actual: ${extractApHost(object.attributedTo)}`);
|
||||||
|
}
|
||||||
|
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Noteをフェッチします。
|
* Noteをフェッチします。
|
||||||
*
|
*
|
||||||
|
|
@ -57,8 +79,10 @@ export async function createNote(value: any, resolver?: Resolver, silent = false
|
||||||
|
|
||||||
const object: any = await resolver.resolve(value);
|
const object: any = await resolver.resolve(value);
|
||||||
|
|
||||||
if (!object || !['Note', 'Question', 'Article'].includes(object.type)) {
|
const entryUri = value.id || value;
|
||||||
logger.error(`invalid note: ${value}`, {
|
const err = validateNote(object, entryUri);
|
||||||
|
if (err) {
|
||||||
|
logger.error(`${err.message}`, {
|
||||||
resolver: {
|
resolver: {
|
||||||
history: resolver.getHistory()
|
history: resolver.getHistory()
|
||||||
},
|
},
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue