* enhance: Add a few validation fixes from Sharkey
See the original MR on the GitLab instance:
https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/484
Co-Authored-By: Dakkar <dakkar@thenautilus.net>
* fix: primitive 2: acceptance of cross-origin alternate
Co-Authored-By: Laura Hausmann <laura@hausmann.dev>
* fix: primitive 3: validation of non-final url
* fix: primitive 4: missing same-origin identifier validation of collection-wrapped activities
* fix: primitives 5 & 8: reject activities with non
string identifiers
Co-Authored-By: Laura Hausmann <laura@hausmann.dev>
* fix: primitive 6: reject anonymous objects that were fetched by their id
* fix: primitives 9, 10 & 11: http signature validation
doesn't enforce required headers or specify auth header name
Co-Authored-By: Laura Hausmann <laura@hausmann.dev>
* fix: primitive 14: improper validation of outbox, followers, following & shared inbox collections
* fix: code style for primitive 14
* fix: primitive 15: improper same-origin validation for
note uri and url
Co-Authored-By: Laura Hausmann <laura@hausmann.dev>
* fix: primitive 16: improper same-origin validation for user uri and url
* fix: primitive 17: note same-origin identifier validation can be bypassed by wrapping the id in an array
* fix: code style for primitive 17
* fix: check attribution against actor in notes
While this isn't strictly required to fix the exploits at hand, this
mirrors the fix in `ApQuestionService` for GHSA-5h8r-gq97-xv69, as a
preemptive countermeasure.
* fix: primitive 18: `ap/get` bypasses access checks
One might argue that we could make this one actually preform access
checks against the returned activity object, but I feel like that's a
lot more work than just restricting it to administrators, since, to me
at least, it seems more like a debugging tool than anything else.
* fix: primitive 19 & 20: respect blocks and hide more
Ideally, the user property should also be hidden (as leaving it in leaks
information slightly), but given the schema of the note endpoint, I
don't think that would be possible without introducing some kind of
"ghost" user, who is attributed for posts by users who have you blocked.
* fix: primitives 21, 22, and 23: reuse resolver
This also increases the default `recursionLimit` for `Resolver`, as it
theoretically will go higher that it previously would and could possibly
fail on non-malicious collection activities.
* fix: primitives 25-33: proper local instance checks
* revert: fix: primitive 19 & 20
This reverts commit 465a9fe6591de90f78bd3d084e3c01e65dc3cf3c.
---------
Co-authored-by: Dakkar <dakkar@thenautilus.net>
Co-authored-by: Laura Hausmann <laura@hausmann.dev>
Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
(cherry picked from commit 5f675201f261d5db6a58d3099a190372bb2f09f0)
* refactor: use IdentifiableError instead of NoteCreateService.ContainsProhibitedWordsError
* fix: notes with prohibited words are reprocessed with delay
* docs(changelog): 禁止キーワードを含むノートがDelayed Queueに追加されて再処理される問題
* lint: fix lint errors
* fix: rethrowするべきなのにrethrowし忘れていたのを修正
* chore: Add the SPDX information to each file
Add copyright and licensing information as defined in version 3.0 of
the REUSE Specification.
* tweak format
---------
Co-authored-by: syuilo <Syuilotan@yahoo.co.jp>
* copy block and mute then create follow and unfollow jobs
* copy block and mute and update lists when detecting an account has moved
* no need to care promise orders
* refactor updating actor and target
* automatically accept if a locked account had accepted an old account
* fix exception format
* prevent the old account from calling some endpoints
* do not unfollow when moving
* adjust following and follower counts
* check movedToUri when receiving a follow request
* skip if no need to adjust
* Revert "disable account migration"
This reverts commit 2321214c98.
* fix translation specifier
* fix checking alsoKnownAs and uri
* fix updating account
* fix refollowing locked account
* decrease followersCount if followed by the old account
* adjust following and followers counts when unfollowing
* fix copying mutings
* prohibit moved account from moving again
* fix move service
* allow app creation after moving
* fix lint
* remove unnecessary field
* fix cache update
* add e2e test
* add e2e test of accepting the new account automatically
* force follow if any error happens
* remove unnecessary joins
* use Array.map instead of for const of
* ユーザーリストの移行は追加のみを行う
* nanka iroiro
* fix misskey-js?
* ✌️
* 移行を行ったアカウントからのフォローリクエストの自動許可を調整
* newUriを外に出す
* newUriを外に出す2
* clean up
* fix newUri
* prevent moving if the destination account has already moved
* set alsoKnownAs via /i/update
* fix database initialization
* add return type
* prohibit updating alsoKnownAs after moving
* skip to add to alsoKnownAs if toUrl is known
* skip adding to the list if it already has
* use Acct.parse instead
* rename error code
* 🎨
* 制限を5から10に緩和
* movedTo(Uri), alsoKnownAsはユーザーidを返すように
* test api res
* fix
* 元アカウントはミュートし続ける
* 🎨
* unfollow
* fix
* getUserUriをUserEntityServiceに
* ?
* job!
* 🎨
* instance => server
* accountMovedShort, forbiddenBecauseYouAreMigrated
* accountMovedShort
* fix test
* import, pin禁止
* 実績を凍結する
* clean up
* ✌️
* change message
* ブロック, フォロー, ミュート, リストのインポートファイルの制限を32MiBに
* Revert "ブロック, フォロー, ミュート, リストのインポートファイルの制限を32MiBに"
This reverts commit 3bd7be35d8aa455cb01ae58f8172a71a50485db1.
* validateAlsoKnownAs
* 移行後2時間以内はインポート可能なファイルサイズを拡大
* clean up
* どうせactorをupdatePersonで更新するならupdatePersonしか移行処理を発行しないことにする
* handle error?
* リモートからの移行処理の条件を是正
* log, port
* fix
* fix
* enhance(dev): non-production環境でhttpサーバー間でもユーザー、ノートの連合が可能なように
* refactor (use checkHttps)
* MISSKEY_WEBFINGER_USE_HTTP
* Environment Variable readme
* NEVER USE IN PRODUCTION
* fix punyHost
* fix indent
* fix
* experimental
---------
Co-authored-by: tamaina <tamaina@hotmail.co.jp>
Co-authored-by: syuilo <Syuilotan@yahoo.co.jp>
