Merge pull request #97 from immers-space/filter-fixes
fixup inboxFilter and bump apex
This commit is contained in:
commit
74c6a64367
4 changed files with 35 additions and 14 deletions
|
@ -1,3 +1,9 @@
|
||||||
|
## Unreleased
|
||||||
|
|
||||||
|
### Fixed
|
||||||
|
* Fix irrelevant activities filter and allow deletes and updates through
|
||||||
|
* Fixed unverifiable delete detection for duplicate deliveries
|
||||||
|
|
||||||
## v1.5.1 (2023-06-23)
|
## v1.5.1 (2023-06-23)
|
||||||
Efficiency and compatibility updates
|
Efficiency and compatibility updates
|
||||||
### Fixed
|
### Fixed
|
||||||
|
|
27
index.js
27
index.js
|
@ -92,16 +92,31 @@ async function actorOnDemand (req, res, next) {
|
||||||
} catch (err) { return next(err) }
|
} catch (err) { return next(err) }
|
||||||
next()
|
next()
|
||||||
}
|
}
|
||||||
// Lots of servers are delivering inappropriate activities to Guppe, move the filtering up earlier in the process to save work
|
const acceptablePublicActivities = ['delete', 'update']
|
||||||
apex.net.inbox.post.slice(
|
apex.net.inbox.post.splice(
|
||||||
// just after standardizing the jsonld
|
// just after standardizing the jsonld
|
||||||
apex.net.inbox.post.indexOf(apex.net.validators.jsonld) + 1,
|
apex.net.inbox.post.indexOf(apex.net.validators.jsonld) + 1,
|
||||||
0,
|
0,
|
||||||
function (req, res, next) {
|
function inboxLogger (req, res, next) {
|
||||||
try {
|
try {
|
||||||
const groupIRI = apex.utils.usernameToIRI(apex.actorParam)
|
console.log('%s from %s to %s', req.body.type, req.body.actor?.[0], req.params[apex.actorParam])
|
||||||
if (!apex.audienceFromActivity(req.body).includes(groupIRI) && !req.body.object?.[0] === groupIRI) {
|
} finally {
|
||||||
console.log('Ignoring irrelevant activity', req.body)
|
next()
|
||||||
|
}
|
||||||
|
},
|
||||||
|
// Lots of servers are delivering inappropriate activities to Guppe, move the filtering up earlier in the process to save work
|
||||||
|
function inboxFilter (req, res, next) {
|
||||||
|
try {
|
||||||
|
const groupIRI = apex.utils.usernameToIRI(req.params[apex.actorParam])
|
||||||
|
const activityAudience = apex.audienceFromActivity(req.body)
|
||||||
|
const activityType = req.body.type?.toLowerCase()
|
||||||
|
const activityObject = req.body.object?.[0]
|
||||||
|
if (
|
||||||
|
!activityAudience.includes(groupIRI) &&
|
||||||
|
activityObject !== groupIRI &&
|
||||||
|
!acceptablePublicActivities.includes(activityType)
|
||||||
|
) {
|
||||||
|
console.log('Ignoring irrelevant activity sent to %s: %j', groupIRI, req.body)
|
||||||
return res.status(202).send('Irrelevant activity ignored')
|
return res.status(202).send('Irrelevant activity ignored')
|
||||||
}
|
}
|
||||||
} catch (err) {
|
} catch (err) {
|
||||||
|
|
14
package-lock.json
generated
14
package-lock.json
generated
|
@ -10,7 +10,7 @@
|
||||||
"license": "AGPL-3.0-or-later",
|
"license": "AGPL-3.0-or-later",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@small-tech/auto-encrypt": "^3.1.0",
|
"@small-tech/auto-encrypt": "^3.1.0",
|
||||||
"activitypub-express": "^4.4.0",
|
"activitypub-express": "^4.4.1",
|
||||||
"connect-history-api-fallback": "^2.0.0",
|
"connect-history-api-fallback": "^2.0.0",
|
||||||
"cors": "^2.8.4",
|
"cors": "^2.8.4",
|
||||||
"dotenv": "^16.0.3",
|
"dotenv": "^16.0.3",
|
||||||
|
@ -1450,9 +1450,9 @@
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
"node_modules/activitypub-express": {
|
"node_modules/activitypub-express": {
|
||||||
"version": "4.4.0",
|
"version": "4.4.1",
|
||||||
"resolved": "https://registry.npmjs.org/activitypub-express/-/activitypub-express-4.4.0.tgz",
|
"resolved": "https://registry.npmjs.org/activitypub-express/-/activitypub-express-4.4.1.tgz",
|
||||||
"integrity": "sha512-viVA1g8FIEKM+f8nN5ow7MFJsevlu2j3HvCV91oDWWlLGR0JdW6uX30q46eZFiycJzAH3oMrTqPZTBjkjMfMbQ==",
|
"integrity": "sha512-pMh3ylzYFn/psSojmCCcpwV9Tqu2JIPGAVJu6o2M4nGyA1OXpSsaF67EVn2+r4tU1mqGsQWHWTWSqCn1KuzLkg==",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"deepmerge": "^4.2.2",
|
"deepmerge": "^4.2.2",
|
||||||
"express": "^4.18.0",
|
"express": "^4.18.0",
|
||||||
|
@ -7084,9 +7084,9 @@
|
||||||
"requires": {}
|
"requires": {}
|
||||||
},
|
},
|
||||||
"activitypub-express": {
|
"activitypub-express": {
|
||||||
"version": "4.4.0",
|
"version": "4.4.1",
|
||||||
"resolved": "https://registry.npmjs.org/activitypub-express/-/activitypub-express-4.4.0.tgz",
|
"resolved": "https://registry.npmjs.org/activitypub-express/-/activitypub-express-4.4.1.tgz",
|
||||||
"integrity": "sha512-viVA1g8FIEKM+f8nN5ow7MFJsevlu2j3HvCV91oDWWlLGR0JdW6uX30q46eZFiycJzAH3oMrTqPZTBjkjMfMbQ==",
|
"integrity": "sha512-pMh3ylzYFn/psSojmCCcpwV9Tqu2JIPGAVJu6o2M4nGyA1OXpSsaF67EVn2+r4tU1mqGsQWHWTWSqCn1KuzLkg==",
|
||||||
"requires": {
|
"requires": {
|
||||||
"deepmerge": "^4.2.2",
|
"deepmerge": "^4.2.2",
|
||||||
"express": "^4.18.0",
|
"express": "^4.18.0",
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
"main": "index.js",
|
"main": "index.js",
|
||||||
"dependencies": {
|
"dependencies": {
|
||||||
"@small-tech/auto-encrypt": "^3.1.0",
|
"@small-tech/auto-encrypt": "^3.1.0",
|
||||||
"activitypub-express": "^4.4.0",
|
"activitypub-express": "^4.4.1",
|
||||||
"connect-history-api-fallback": "^2.0.0",
|
"connect-history-api-fallback": "^2.0.0",
|
||||||
"cors": "^2.8.4",
|
"cors": "^2.8.4",
|
||||||
"dotenv": "^16.0.3",
|
"dotenv": "^16.0.3",
|
||||||
|
|
Loading…
Reference in a new issue