'application/activity+json', ]; $headers = HttpSignature::instanceActorSign($url, false, $baseHeaders, 'get'); $headers['Accept'] = 'application/activity+json'; $headers['User-Agent'] = 'PixelFedBot/1.0.0 (Pixelfed/'.config('pixelfed.version').'; +'.config('app.url').')'; try { $res = Http::withOptions([ 'allow_redirects' => [ 'max' => 2, 'protocols' => ['https'], ]]) ->withHeaders($headers) ->timeout(30) ->connectTimeout(5) ->retry(3, 500) ->get($url); } catch (RequestException $e) { return; } catch (ConnectionException $e) { return; } catch (Exception $e) { return; } if (! $res->ok()) { return; } if (! $res->hasHeader('Content-Type')) { return; } $acceptedTypes = [ 'application/activity+json; charset=utf-8', 'application/activity+json', 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"', ]; $contentType = $res->getHeader('Content-Type')[0]; if (! $contentType) { return; } if (! in_array($contentType, $acceptedTypes)) { return; } return $res->body(); }); } public static function validateUrl($url) { if (is_array($url)) { $url = $url[0]; } $localhosts = [ '127.0.0.1', 'localhost', '::1', ]; if (strtolower(mb_substr($url, 0, 8)) !== 'https://') { return false; } if (substr_count($url, '://') !== 1) { return false; } if (mb_substr($url, 0, 8) !== 'https://') { $url = 'https://'.substr($url, 8); } $valid = filter_var($url, FILTER_VALIDATE_URL); if (! $valid) { return false; } $host = parse_url($valid, PHP_URL_HOST); if (in_array($host, $localhosts)) { return false; } if (config('security.url.verify_dns')) { if (DomainService::hasValidDns($host) === false) { return false; } } if (app()->environment() === 'production') { $bannedInstances = InstanceService::getBannedDomains(); if (in_array($host, $bannedInstances)) { return false; } } return $url; } }