Fix the following of accounts with "?" in the URL

This commit is contained in:
Michael 2024-10-16 03:00:20 +00:00
parent c4aaff181c
commit 93536f31e8
7 changed files with 27 additions and 13 deletions

View file

@ -78,7 +78,7 @@ class VCard
if (in_array($rel, [Contact::SHARING, Contact::FRIEND])) { if (in_array($rel, [Contact::SHARING, Contact::FRIEND])) {
$unfollow_link = 'contact/unfollow?url=' . urlencode($contact_url) . '&auto=1'; $unfollow_link = 'contact/unfollow?url=' . urlencode($contact_url) . '&auto=1';
} elseif (!$pending) { } elseif (!$pending) {
$follow_link = 'contact/follow?url=' . urlencode($contact_url) . '&auto=1'; $follow_link = 'contact/follow?binurl=' . bin2hex($contact_url) . '&auto=1';
} }
} }

View file

@ -1225,7 +1225,7 @@ class Contact
if ($contact['uid'] && in_array($contact['rel'], [self::SHARING, self::FRIEND])) { if ($contact['uid'] && in_array($contact['rel'], [self::SHARING, self::FRIEND])) {
$unfollow_link = 'contact/unfollow?url=' . urlencode($contact['url']) . '&auto=1'; $unfollow_link = 'contact/unfollow?url=' . urlencode($contact['url']) . '&auto=1';
} elseif (!$contact['pending']) { } elseif (!$contact['pending']) {
$follow_link = 'contact/follow?url=' . urlencode($contact['url']) . '&auto=1'; $follow_link = 'contact/follow?binurl=' . bin2hex($contact['url']) . '&auto=1';
} }
} }

View file

@ -325,7 +325,7 @@ class Profile
if ($visitor_is_following) { if ($visitor_is_following) {
$unfollow_link = $visitor_base_path . '/contact/unfollow?url=' . urlencode($profile_url) . '&auto=1'; $unfollow_link = $visitor_base_path . '/contact/unfollow?url=' . urlencode($profile_url) . '&auto=1';
} else { } else {
$follow_link = $visitor_base_path . '/contact/follow?url=' . urlencode($profile_url) . '&auto=1'; $follow_link = $visitor_base_path . '/contact/follow?binurl=' . bin2hex($profile_url) . '&auto=1';
} }
} }

View file

@ -56,11 +56,15 @@ class Follow extends BaseModule
throw new ForbiddenException($this->t('Access denied.')); throw new ForbiddenException($this->t('Access denied.'));
} }
if (isset($request['cancel']) || empty($request['url'])) { if (!empty($request['follow-url'])) {
$this->baseUrl->redirect('contact'); $this->baseUrl->redirect('contact/follow?binurl=' . bin2hex($request['follow-url']));
} }
$url = Probe::cleanURI($request['url']); $url = $this->getUrl($request);
if (isset($request['cancel']) || empty($url)) {
$this->baseUrl->redirect('contact');
}
$this->process($url); $this->process($url);
} }
@ -77,7 +81,7 @@ class Follow extends BaseModule
$uid = $this->session->getLocalUserId(); $uid = $this->session->getLocalUserId();
// uri is used by the /authorize_interaction Mastodon route // uri is used by the /authorize_interaction Mastodon route
$url = Probe::cleanURI(trim($request['uri'] ?? $request['url'] ?? '')); $url = $this->getUrl($request);
// Issue 6874: Allow remote following from Peertube // Issue 6874: Allow remote following from Peertube
if (strpos($url, 'acct:') === 0) { if (strpos($url, 'acct:') === 0) {
@ -182,7 +186,7 @@ class Follow extends BaseModule
protected function process(string $url) protected function process(string $url)
{ {
$returnPath = 'contact/follow?url=' . urlencode($url); $returnPath = 'contact/follow?binurl=' . bin2hex($url);
$result = Contact::createFromProbeForUser($this->session->getLocalUserId(), $url); $result = Contact::createFromProbeForUser($this->session->getLocalUserId(), $url);
@ -227,4 +231,14 @@ class Follow extends BaseModule
return; return;
} }
} }
private function getUrl(array $request): string
{
if (!empty($request['binurl']) && Strings::isHex($request['binurl'])) {
$url = hex2bin($request['binurl']);
} else {
$url = $request['url'] ?? '';
}
return Probe::cleanURI($url);
}
} }

View file

@ -477,7 +477,7 @@ class Profile extends BaseModule
} else { } else {
$contact_actions['follow'] = [ $contact_actions['follow'] = [
'label' => $this->t('Follow'), 'label' => $this->t('Follow'),
'url' => 'contact/follow?url=' . urlencode($contact['url']) . '&auto=1', 'url' => 'contact/follow?binurl=' . bin2hex($contact['url']) . '&auto=1',
'title' => '', 'title' => '',
'sel' => '', 'sel' => '',
'id' => 'follow', 'id' => 'follow',

View file

@ -8,8 +8,8 @@
<div id="follow-sidebar" class="widget"> <div id="follow-sidebar" class="widget">
<h3>{{$connect}}</h3> <h3>{{$connect}}</h3>
<div id="connect-desc">{{$desc nofilter}}</div> <div id="connect-desc">{{$desc nofilter}}</div>
<form action="contact/follow" method="get"> <form action="contact/follow" method="post">
<input id="side-follow-url" type="text" name="url" value="{{$value}}" size="24" placeholder="{{$hint}}" title="{{$hint}}" /><input id="side-follow-submit" type="submit" name="submit" value="{{$follow}}" /> <input id="side-follow-url" type="text" name="follow-url" value="{{$value}}" size="24" placeholder="{{$hint}}" title="{{$hint}}" /><input id="side-follow-submit" type="submit" name="submit" value="{{$follow}}" />
</form> </form>
</div> </div>

View file

@ -8,10 +8,10 @@
<div id="follow-sidebar" class="widget"> <div id="follow-sidebar" class="widget">
<h3>{{$connect}}</h3> <h3>{{$connect}}</h3>
<form action="contact/follow" method="get"> <form action="contact/follow" method="post">
{{* The input field - For visual consistence we are using a search input field*}} {{* The input field - For visual consistence we are using a search input field*}}
<div class="form-group form-group-search"> <div class="form-group form-group-search">
<input id="side-follow-url" class="search-input form-control form-search" type="text" name="url" value="{{$value}}" placeholder="{{$hint}}" data-toggle="tooltip" title="{{$hint}}" /> <input id="side-follow-url" class="search-input form-control form-search" type="text" name="follow-url" value="{{$value}}" placeholder="{{$hint}}" data-toggle="tooltip" title="{{$hint}}" />
<button id="side-follow-submit" class="btn btn-default btn-sm form-button-search" type="submit">{{$follow}}</button> <button id="side-follow-submit" class="btn btn-default btn-sm form-button-search" type="submit">{{$follow}}</button>
</div> </div>
</form> </form>