aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorAriadne Conill <ariadne@dereferenced.org>2019-07-14 17:47:08 +0000
committerAriadne Conill <ariadne@dereferenced.org>2019-07-14 17:47:08 +0000
commit739bbe0d3bbe06ca9d634498ea5909f35fc5ad84 (patch)
tree7be3db46ffca2240ba392c6ed1e359af53a60b00 /lib
parent93701c3399add8af2d4a5d43b6f171d84655a533 (diff)
downloadpleroma-739bbe0d3bbe06ca9d634498ea5909f35fc5ad84.tar.gz
security: detect object containment violations at the IR level
It is more efficient to check for object containment violations at the IR level instead of in the protocol handlers. OStatus containment is especially a tricky situation, as the containment rules don't match those of IR and ActivityPub. Accordingly, we just always do a final containment check at the IR level before the object is added to the IR object graph.
Diffstat (limited to 'lib')
-rw-r--r--lib/pleroma/object/containment.ex8
-rw-r--r--lib/pleroma/web/activity_pub/activity_pub.ex2
2 files changed, 10 insertions, 0 deletions
diff --git a/lib/pleroma/object/containment.ex b/lib/pleroma/object/containment.ex
index ada9da0bb..f077a9f32 100644
--- a/lib/pleroma/object/containment.ex
+++ b/lib/pleroma/object/containment.ex
@@ -48,6 +48,9 @@ defmodule Pleroma.Object.Containment do
end
end
+ def contain_origin(id, %{"attributedTo" => actor} = params),
+ do: contain_origin(id, Map.put(params, "actor", actor))
+
def contain_origin_from_id(_id, %{"id" => nil}), do: :error
def contain_origin_from_id(id, %{"id" => other_id} = _params) do
@@ -60,4 +63,9 @@ defmodule Pleroma.Object.Containment do
:error
end
end
+
+ def contain_child(%{"object" => %{"id" => id, "attributedTo" => _} = object}),
+ do: contain_origin(id, object)
+
+ def contain_child(_), do: :ok
end
diff --git a/lib/pleroma/web/activity_pub/activity_pub.ex b/lib/pleroma/web/activity_pub/activity_pub.ex
index a3174a787..87963b691 100644
--- a/lib/pleroma/web/activity_pub/activity_pub.ex
+++ b/lib/pleroma/web/activity_pub/activity_pub.ex
@@ -8,6 +8,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
alias Pleroma.Conversation
alias Pleroma.Notification
alias Pleroma.Object
+ alias Pleroma.Object.Containment
alias Pleroma.Object.Fetcher
alias Pleroma.Pagination
alias Pleroma.Repo
@@ -126,6 +127,7 @@ defmodule Pleroma.Web.ActivityPub.ActivityPub do
{:ok, map} <- MRF.filter(map),
{recipients, _, _} = get_recipients(map),
{:fake, false, map, recipients} <- {:fake, fake, map, recipients},
+ :ok <- Containment.contain_child(map),
{:ok, map, object} <- insert_full_object(map) do
{:ok, activity} =
Repo.insert(%Activity{
generated by cgit v1.2.3 (git 2.26.2) at 2025-04-24 20:20:36 +0000