Friendica/friendica-github
1
0
Fork 0
mirror of https://github.com/friendica/friendica synced 2025-04-26 21:10:16 +00:00
Code Issues Projects Releases Packages Wiki Activity

Return 400 error code on malformed request. Fixes #14281

Browse source
This commit is contained in:
Matthew Exon 2024-07-08 19:23:20 +02:00
parent 491a5cab53
commit 1701156a18
1 changed files with 4 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

5
src/Module/Xrd.php
View file

@ -26,6 +26,7 @@ use Friendica\Core\System;
use Friendica\DI; use Friendica\DI;
use Friendica\Model\Photo; use Friendica\Model\Photo;
use Friendica\Model\User; use Friendica\Model\User;
use Friendica\Network\HTTPException\BadRequestException;
use Friendica\Network\HTTPException\NotFoundException; use Friendica\Network\HTTPException\NotFoundException;
use Friendica\Protocol\ActivityNamespace; use Friendica\Protocol\ActivityNamespace;
use Friendica\Protocol\Salmon; use Friendica\Protocol\Salmon;
@ -68,13 +69,15 @@ class Xrd extends BaseModule
if (substr($uri, 0, 4) === 'http') { if (substr($uri, 0, 4) === 'http') {
$name = ltrim(basename($uri), '~'); $name = ltrim(basename($uri), '~');
$host = parse_url($uri, PHP_URL_HOST); $host = parse_url($uri, PHP_URL_HOST);
} else { } else if (substr($uri, 0, 4) === 'acct') {
$local = str_replace('acct:', '', $uri); $local = str_replace('acct:', '', $uri);
if (substr($local, 0, 2) == '//') { if (substr($local, 0, 2) == '//') {
$local = substr($local, 2); $local = substr($local, 2);
} }
list($name, $host) = explode('@', $local); list($name, $host) = explode('@', $local);
} else {
throw new BadRequestException();
} }
if (!empty($host) && $host !== DI::baseUrl()->getHost()) { if (!empty($host) && $host !== DI::baseUrl()->getHost()) {