Browse Source

Fix trying to fetch key from empty URI when verifying HTTP signature (#16100)

closed-social-v3
Eugen Rochko 7 months ago
committed by GitHub
parent
commit
f627d2eb93
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 3 additions and 1 deletions
  1. +1
    -1
      app/helpers/jsonld_helper.rb
  2. +2
    -0
      app/services/activitypub/fetch_remote_key_service.rb

+ 1
- 1
app/helpers/jsonld_helper.rb View File

@ -67,7 +67,7 @@ module JsonLdHelper
unless id
json = fetch_resource_without_id_validation(uri, on_behalf_of)
return unless json
return if !json.is_a?(Hash) || unsupported_uri_scheme?(json['id'])
uri = json['id']
end

+ 2
- 0
app/services/activitypub/fetch_remote_key_service.rb View File

@ -5,6 +5,8 @@ class ActivityPub::FetchRemoteKeyService < BaseService
# Returns account that owns the key
def call(uri, id: true, prefetched_body: nil)
return if uri.blank?
if prefetched_body.nil?
if id
@json = fetch_resource_without_id_validation(uri)

Loading…
Cancel
Save