summaryrefslogtreecommitdiff
path: root/internal/federation/federatingactor.go
diff options
context:
space:
mode:
authorLibravatar kim <89579420+NyaaaWhatsUpDoc@users.noreply.github.com>2023-11-30 16:22:34 +0000
committerLibravatar GitHub <noreply@github.com>2023-11-30 16:22:34 +0000
commiteb170003b81504ba6eb85f950c223dc9eaf1cfca (patch)
treef1f9779e14875faa70f4db85a8cf19100633884d /internal/federation/federatingactor.go
parent[bugfix] always go through status parent dereferencing on isNew, even on data... (diff)
downloadgotosocial-eb170003b81504ba6eb85f950c223dc9eaf1cfca.tar.xz
[bugfix] return 400 Bad Request on more cases of malformed AS data (#2399)
Diffstat (limited to 'internal/federation/federatingactor.go')
-rw-r--r--internal/federation/federatingactor.go19
1 files changed, 12 insertions, 7 deletions
diff --git a/internal/federation/federatingactor.go b/internal/federation/federatingactor.go
index 774fa30af..81f3c3281 100644
--- a/internal/federation/federatingactor.go
+++ b/internal/federation/federatingactor.go
@@ -200,13 +200,18 @@ func (f *federatingActor) PostInboxScheme(ctx context.Context, w http.ResponseWr
//
// Post the activity to the Actor's inbox and trigger side effects .
if err := f.sideEffectActor.PostInbox(ctx, inboxID, activity); err != nil {
- // Special case: We know it is a bad request if the object or
- // target properties needed to be populated, but weren't.
+ // Special case: We know it is a bad request if the object or target
+ // props needed to be populated, or we failed parsing activity details.
// Send the rejection to the peer.
- if errors.Is(err, pub.ErrObjectRequired) || errors.Is(err, pub.ErrTargetRequired) {
- // Log the original error but return something a bit more generic.
- log.Warnf(ctx, "malformed incoming activity: %v", err)
- const text = "malformed activity: missing Object and / or Target"
+ if errors.Is(err, pub.ErrObjectRequired) ||
+ errors.Is(err, pub.ErrTargetRequired) ||
+ gtserror.IsMalformed(err) {
+
+ // Log malformed activities to help debug.
+ l = l.WithField("activity", activity)
+ l.Warnf("malformed incoming activity: %v", err)
+
+ const text = "malformed incoming activity"
return false, gtserror.NewErrorBadRequest(errors.New(text), text)
}
@@ -234,7 +239,7 @@ func (f *federatingActor) PostInboxScheme(ctx context.Context, w http.ResponseWr
// This check may be removed when the `Exists()` func
// is updated, and/or federating callbacks are handled
// properly.
- if !errorsv2.Comparable(
+ if !errorsv2.IsV2(
err,
db.ErrAlreadyExists,
db.ErrNoEntries,