Merge pull request #2614 from pixelfed/staging

Update webfinger util, fail on invalid webfinger url. Fixes #2613
This commit is contained in:
daniel 2021-02-03 20:59:53 -07:00 committed by GitHub
commit 83aecc5595
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 108 additions and 15 deletions

View file

@ -25,6 +25,8 @@
- Updated DiscoverComponent, add blurhash and like/comment counts. ([a8ebdd2e](https://github.com/pixelfed/pixelfed/commit/a8ebdd2e))
- Updated DiscoverComponent, add spinner loaders and remove deprecated sections. ([34869247](https://github.com/pixelfed/pixelfed/commit/34869247))
- Updated AccountController, add mutes and blocks endpoint to pixelfed api. ([1fb7e2b2](https://github.com/pixelfed/pixelfed/commit/1fb7e2b2))
- Updated AccountService, cache object and observe changes. ([b299da93](https://github.com/pixelfed/pixelfed/commit/b299da93))
- Updated webfinger util, fail on invalid webfinger url. Fixes ([#2613](https://github.com/pixelfed/pixelfed/issues/2613)) ([2d11317c](https://github.com/pixelfed/pixelfed/commit/2d11317c))
- ([](https://github.com/pixelfed/pixelfed/commit/))
## [v0.10.10 (2021-01-28)](https://github.com/pixelfed/pixelfed/compare/v0.10.9...v0.10.10)

View file

@ -63,7 +63,7 @@ class FederationController extends Controller
}
$webfinger = (new Webfinger($profile))->generate();
return response()->json($webfinger, 200, [], JSON_PRETTY_PRINT)
return response()->json($webfinger, 200, [], JSON_PRETTY_PRINT|JSON_UNESCAPED_SLASHES)
->header('Access-Control-Allow-Origin','*');
}

View file

@ -5,6 +5,7 @@ namespace App\Observers;
use App\Avatar;
use Illuminate\Support\Facades\Storage;
use Illuminate\Support\Str;
use App\Services\AccountService;
class AvatarObserver
{
@ -27,7 +28,7 @@ class AvatarObserver
*/
public function updated(Avatar $avatar)
{
//
AccountService::del($avatar->profile_id);
}
/**
@ -64,6 +65,7 @@ class AvatarObserver
$disk->delete($avatar->media_path);
}
}
AccountService::del($avatar->profile_id);
}
/**

View file

@ -0,0 +1,64 @@
<?php
namespace App\Observers;
use App\Profile;
use App\Services\AccountService;
class ProfileObserver
{
/**
* Handle the Profile "created" event.
*
* @param \App\Profile $profile
* @return void
*/
public function created(Profile $profile)
{
//
}
/**
* Handle the Profile "updated" event.
*
* @param \App\Profile $profile
* @return void
*/
public function updated(Profile $profile)
{
AccountService::del($profile->id);
}
/**
* Handle the Profile "deleted" event.
*
* @param \App\Profile $profile
* @return void
*/
public function deleted(Profile $profile)
{
AccountService::del($profile->id);
}
/**
* Handle the Profile "restored" event.
*
* @param \App\Profile $profile
* @return void
*/
public function restored(Profile $profile)
{
//
}
/**
* Handle the Profile "force deleted" event.
*
* @param \App\Profile $profile
* @return void
*/
public function forceDeleted(Profile $profile)
{
//
}
}

View file

@ -6,6 +6,7 @@ use App\Observers\{
AvatarObserver,
NotificationObserver,
ModLogObserver,
ProfileObserver,
StatusHashtagObserver,
UserObserver,
UserFilterObserver,
@ -14,6 +15,7 @@ use App\{
Avatar,
Notification,
ModLog,
Profile,
StatusHashtag,
User,
UserFilter
@ -41,6 +43,7 @@ class AppServiceProvider extends ServiceProvider
Avatar::observe(AvatarObserver::class);
Notification::observe(NotificationObserver::class);
ModLog::observe(ModLogObserver::class);
Profile::observe(ProfileObserver::class);
StatusHashtag::observe(StatusHashtagObserver::class);
User::observe(UserObserver::class);
UserFilter::observe(UserFilterObserver::class);

View file

@ -14,16 +14,25 @@ class AccountService {
public static function get($id)
{
// $key = self::CACHE_KEY . ':' . $id;
// $ttl = now()->addSeconds(10);
// return Cache::remember($key, $ttl, function() use($id) {
// });
if($id > PHP_INT_MAX || $id < 1) {
return [];
}
$fractal = new Fractal\Manager();
$fractal->setSerializer(new ArraySerializer());
$profile = Profile::whereNull('status')->findOrFail($id);
$resource = new Fractal\Resource\Item($profile, new AccountTransformer());
return $fractal->createData($resource)->toArray();
$key = self::CACHE_KEY . $id;
$ttl = now()->addMinutes(15);
return Cache::remember($key, $ttl, function() use($id) {
$fractal = new Fractal\Manager();
$fractal->setSerializer(new ArraySerializer());
$profile = Profile::whereNull('status')->findOrFail($id);
$resource = new Fractal\Resource\Item($profile, new AccountTransformer());
return $fractal->createData($resource)->toArray();
});
}
public static function del($id)
{
return Cache::forget(self::CACHE_KEY . $id);
}
}

View file

@ -2,22 +2,35 @@
namespace App\Util\Lexer;
use Illuminate\Support\Str;
class Nickname
{
public static function normalizeProfileUrl($url)
{
if (starts_with($url, 'acct:')) {
if(!Str::of($url)->contains('@')) {
return;
}
if(Str::startsWith($url, 'acct:')) {
$url = str_replace('acct:', '', $url);
}
if(starts_with($url, '@')) {
if(Str::startsWith($url, '@')) {
$url = substr($url, 1);
if(!Str::of($url)->contains('@')) {
return;
}
}
$parts = explode('@', $url);
$username = $parts[0];
$domain = $parts[1];
return ['domain' => $domain, 'username' => $username];
return [
'domain' => $domain,
'username' => $username
];
}
}