diff options
author | 2023-11-30 16:22:34 +0000 | |
---|---|---|
committer | 2023-11-30 16:22:34 +0000 | |
commit | eb170003b81504ba6eb85f950c223dc9eaf1cfca (patch) | |
tree | f1f9779e14875faa70f4db85a8cf19100633884d /internal/federation/federatingactor.go | |
parent | [bugfix] always go through status parent dereferencing on isNew, even on data... (diff) | |
download | gotosocial-eb170003b81504ba6eb85f950c223dc9eaf1cfca.tar.xz |
[bugfix] return 400 Bad Request on more cases of malformed AS data (#2399)
Diffstat (limited to 'internal/federation/federatingactor.go')
-rw-r--r-- | internal/federation/federatingactor.go | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/internal/federation/federatingactor.go b/internal/federation/federatingactor.go index 774fa30af..81f3c3281 100644 --- a/internal/federation/federatingactor.go +++ b/internal/federation/federatingactor.go @@ -200,13 +200,18 @@ func (f *federatingActor) PostInboxScheme(ctx context.Context, w http.ResponseWr // // Post the activity to the Actor's inbox and trigger side effects . if err := f.sideEffectActor.PostInbox(ctx, inboxID, activity); err != nil { - // Special case: We know it is a bad request if the object or - // target properties needed to be populated, but weren't. + // Special case: We know it is a bad request if the object or target + // props needed to be populated, or we failed parsing activity details. // Send the rejection to the peer. - if errors.Is(err, pub.ErrObjectRequired) || errors.Is(err, pub.ErrTargetRequired) { - // Log the original error but return something a bit more generic. - log.Warnf(ctx, "malformed incoming activity: %v", err) - const text = "malformed activity: missing Object and / or Target" + if errors.Is(err, pub.ErrObjectRequired) || + errors.Is(err, pub.ErrTargetRequired) || + gtserror.IsMalformed(err) { + + // Log malformed activities to help debug. + l = l.WithField("activity", activity) + l.Warnf("malformed incoming activity: %v", err) + + const text = "malformed incoming activity" return false, gtserror.NewErrorBadRequest(errors.New(text), text) } @@ -234,7 +239,7 @@ func (f *federatingActor) PostInboxScheme(ctx context.Context, w http.ResponseWr // This check may be removed when the `Exists()` func // is updated, and/or federating callbacks are handled // properly. - if !errorsv2.Comparable( + if !errorsv2.IsV2( err, db.ErrAlreadyExists, db.ErrNoEntries, |