mirrors/barkey
1
0
Fork 0
mirror of https://codeberg.org/yeentown/barkey.git synced 2025-07-06 20:16:57 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

add same-authority check between fetched note and summary url

Browse source
This commit is contained in:
Hazelnoot 2025-05-05 10:37:04 -04:00
parent 633718ffe9
commit 1ac9625eea
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
packages/backend/src/server/web/UrlPreviewService.ts
View file

@ -297,7 +297,7 @@ export class UrlPreviewService {
// Finally, attempt a signed GET in case it's a direct link to an instance with authorized fetch. // Finally, attempt a signed GET in case it's a direct link to an instance with authorized fetch.
const instanceActor = await this.systemAccountService.getInstanceActor(); const instanceActor = await this.systemAccountService.getInstanceActor();
const remoteObject = await this.apRequestService.signedGet(summary.url, instanceActor).catch(() => null); const remoteObject = await this.apRequestService.signedGet(summary.url, instanceActor).catch(() => null);
if (remoteObject) { if (remoteObject && this.apUtilityService.haveSameAuthority(remoteObject.id, summary.url)) {
summary.activityPub = remoteObject.id; summary.activityPub = remoteObject.id;
return; return;
} }