mirrors/barkey
1
0
Fork 0
mirror of https://codeberg.org/yeentown/barkey.git synced 2025-07-06 12:06:58 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

check that detected AP object is actually a note before recording it in UrlPreviewService

Browse source
This commit is contained in:
Hazelnoot 2025-06-07 18:50:28 -04:00
parent 73eeabc118
commit 36b85d62c2
1 changed files with 3 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
packages/backend/src/server/web/UrlPreviewService.ts
View file

@ -32,6 +32,7 @@ import type { MiLocalUser } from '@/models/User.js';
import { getIpHash } from '@/misc/get-ip-hash.js';
import { isRetryableError } from '@/misc/is-retryable-error.js';
import * as Acct from '@/misc/acct.js';
import { isNote } from '@/core/activitypub/type.js';
import type { FastifyRequest, FastifyReply } from 'fastify';
export type LocalSummalyResult = SummalyResult & {
@ -42,7 +43,7 @@ export type LocalSummalyResult = SummalyResult & {
};
// Increment this to invalidate cached previews after a major change.
const cacheFormatVersion = 3;
const cacheFormatVersion = 4;
type PreviewRoute = {
Querystring: {
@ -409,7 +410,7 @@ export class UrlPreviewService {
// Finally, attempt a signed GET in case it's a direct link to an instance with authorized fetch.
const instanceActor = await this.systemAccountService.getInstanceActor();
const remoteObject = await this.apRequestService.signedGet(summary.url, instanceActor).catch(() => null);
if (remoteObject && this.apUtilityService.haveSameAuthority(remoteObject.id, summary.url)) {
if (remoteObject && isNote(remoteObject) && this.apUtilityService.haveSameAuthority(remoteObject.id, summary.url)) {
summary.activityPub = remoteObject.id;
return;
}