Unfloyded/Legamunt
0
0
Fork 0
Code Activity

Fix #2706 - Always respond with 200 to PuSH payloads (#2733)

Browse source 
Fix #2196 - Respond with 201 when Salmon accepted, 400 when unverified
Fix #2629 - Correctly handle confirm_domain? for local accounts
Unify rules for extracting author acct from XML, prefer <email>, fall back
to <name> + <uri> (see also #2017, #2172)
This commit is contained in:
Eugen Rochko 2017-05-03 17:02:18 +02:00 committed by GitHub
parent dd9d57300b
commit bafd22ecf4
9 changed files with 77 additions and 85 deletions
Download patch file Download diff file Expand all files Collapse all files

28
app/services/fetch_remote_status_service.rb
View file

@ -1,6 +1,8 @@
# frozen_string_literal: true
class FetchRemoteStatusService < BaseService
include AuthorExtractor
def call(url, prefetched_body = nil)
if prefetched_body.nil?
atom_url, body = FetchAtomService.new.call(url)
@ -21,37 +23,19 @@ class FetchRemoteStatusService < BaseService
xml = Nokogiri::XML(body)
xml.encoding = 'utf-8'
account = extract_author(url, xml)
account = author_from_xml(xml.at_xpath('/xmlns:entry', xmlns: TagManager::XMLNS))
domain = Addressable::URI.parse(url).normalize.host
return nil if account.nil?
return nil unless !account.nil? && confirmed_domain?(domain, account)
statuses = ProcessFeedService.new.call(body, account)
statuses.first
end
def extract_author(url, xml)
url_parts = Addressable::URI.parse(url).normalize
username = xml.at_xpath('//xmlns:author/xmlns:name').try(:content)
domain = url_parts.host
return nil if username.nil?
Rails.logger.debug "Going to webfinger #{username}@#{domain}"
account = FollowRemoteAccountService.new.call("#{username}@#{domain}")
# If the author's confirmed URLs do not match the domain of the URL
# we are reading this from, abort
return nil unless confirmed_domain?(domain, account)
account
rescue Nokogiri::XML::XPath::SyntaxError
Rails.logger.debug 'Invalid XML or missing namespace'
nil
end
def confirmed_domain?(domain, account)
domain.casecmp(account.domain).zero? || domain.casecmp(Addressable::URI.parse(account.remote_url).normalize.host).zero?
account.domain.nil? || domain.casecmp(account.domain).zero? || domain.casecmp(Addressable::URI.parse(account.remote_url).normalize.host).zero?
end
end