Merge branch '2077-fix-bogus-webfinger-ids' into 'develop'
Webfinger: Handle bogus ids better. Closes #2077 See merge request pleroma/pleroma!2919
This commit is contained in:
commit
976094cd7b
@ -149,6 +149,18 @@ defmodule Pleroma.Web.WebFinger do
|
|||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
defp get_address_from_domain(domain, encoded_account) when is_binary(domain) do
|
||||||
|
case find_lrdd_template(domain) do
|
||||||
|
{:ok, template} ->
|
||||||
|
String.replace(template, "{uri}", encoded_account)
|
||||||
|
|
||||||
|
_ ->
|
||||||
|
"https://#{domain}/.well-known/webfinger?resource=#{encoded_account}"
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
defp get_address_from_domain(_, _), do: nil
|
||||||
|
|
||||||
@spec finger(String.t()) :: {:ok, map()} | {:error, any()}
|
@spec finger(String.t()) :: {:ok, map()} | {:error, any()}
|
||||||
def finger(account) do
|
def finger(account) do
|
||||||
account = String.trim_leading(account, "@")
|
account = String.trim_leading(account, "@")
|
||||||
@ -163,16 +175,8 @@ defmodule Pleroma.Web.WebFinger do
|
|||||||
|
|
||||||
encoded_account = URI.encode("acct:#{account}")
|
encoded_account = URI.encode("acct:#{account}")
|
||||||
|
|
||||||
address =
|
with address when is_binary(address) <- get_address_from_domain(domain, encoded_account),
|
||||||
case find_lrdd_template(domain) do
|
response <-
|
||||||
{:ok, template} ->
|
|
||||||
String.replace(template, "{uri}", encoded_account)
|
|
||||||
|
|
||||||
_ ->
|
|
||||||
"https://#{domain}/.well-known/webfinger?resource=#{encoded_account}"
|
|
||||||
end
|
|
||||||
|
|
||||||
with response <-
|
|
||||||
HTTP.get(
|
HTTP.get(
|
||||||
address,
|
address,
|
||||||
[{"accept", "application/xrd+xml,application/jrd+json"}]
|
[{"accept", "application/xrd+xml,application/jrd+json"}]
|
||||||
|
@ -40,6 +40,11 @@ defmodule Pleroma.Web.WebFingerTest do
|
|||||||
end
|
end
|
||||||
|
|
||||||
describe "fingering" do
|
describe "fingering" do
|
||||||
|
test "returns error for nonsensical input" do
|
||||||
|
assert {:error, _} = WebFinger.finger("bliblablu")
|
||||||
|
assert {:error, _} = WebFinger.finger("pleroma.social")
|
||||||
|
end
|
||||||
|
|
||||||
test "returns error when fails parse xml or json" do
|
test "returns error when fails parse xml or json" do
|
||||||
user = "invalid_content@social.heldscal.la"
|
user = "invalid_content@social.heldscal.la"
|
||||||
assert {:error, %Jason.DecodeError{}} = WebFinger.finger(user)
|
assert {:error, %Jason.DecodeError{}} = WebFinger.finger(user)
|
||||||
|
Loading…
Reference in New Issue
Block a user