mirror of
https://codeberg.org/streams/streams.git
synced 2024-09-19 15:55:13 +00:00
mopping up fep-8b32, also added FEP-2c59
This commit is contained in:
parent
df76f4966f
commit
bb5c7a2f76
4 changed files with 15 additions and 12 deletions
11
.gitignore
vendored
11
.gitignore
vendored
|
@ -49,12 +49,15 @@ view/theme/*
|
|||
view/theme/redbasic/schema/default.php
|
||||
# Doxygen API documentation, run 'doxygen util/Doxyfile' to generate it
|
||||
doc/html/
|
||||
# zotsh configuration files
|
||||
.zotshrc
|
||||
# nsh configuration files
|
||||
.nshrc
|
||||
# external repositories for themes/addons
|
||||
extend/
|
||||
# files generated by phpunit
|
||||
.phpunit.result.cache
|
||||
tests/results/
|
||||
tests/.phpunit.result.cache
|
||||
tests/.phpunit.cache
|
||||
|
||||
## exclude IDE files
|
||||
# config files and folders from Eclipse
|
||||
|
@ -69,10 +72,6 @@ nbproject/
|
|||
*.kdev4
|
||||
# PHPStorm
|
||||
.idea/
|
||||
.phpunit.result.cache
|
||||
tests/.phpunit.result.cache
|
||||
tests/.phpunit.cache
|
||||
|
||||
|
||||
## composer
|
||||
# locally installed composer binary
|
||||
|
|
|
@ -1679,6 +1679,7 @@ class Activity
|
|||
$ret['outbox'] = z_root() . '/outbox/' . $c['channel_address'];
|
||||
$ret['followers'] = z_root() . '/followers/' . $c['channel_address'];
|
||||
$ret['following'] = z_root() . '/following/' . $c['channel_address'];
|
||||
$ret['webfinger'] = 'acct:' . $c['channel_address'] . '@' . App::get_hostname();
|
||||
$ret['wall'] = z_root() . '/outbox/' . $c['channel_address'];
|
||||
|
||||
$ret['endpoints'] = [
|
||||
|
@ -4862,7 +4863,8 @@ class Activity
|
|||
'https://w3id.org/security/v1',
|
||||
'https://www.w3.org/ns/did/v1',
|
||||
'https://w3id.org/security/multikey/v1',
|
||||
// 'https://w3id.org/security/data-integrity/v1',
|
||||
'https://w3id.org/security/data-integrity/v1',
|
||||
'https://purl.archive.org/socialweb/webfinger',
|
||||
self::ap_schema($contextType)
|
||||
]];
|
||||
}
|
||||
|
|
|
@ -68,11 +68,15 @@ class Inbox extends Controller
|
|||
// By convention, fediverse server-to-server communications require a valid HTTP Signature
|
||||
// which includes a signed digest header.
|
||||
|
||||
if (!($hsig['header_signed'] && $hsig['header_valid'] && $hsig['content_signed'] && $hsig['content_valid'])) {
|
||||
http_status_exit(403, 'Permission denied');
|
||||
}
|
||||
|
||||
$AS = new ActivityStreams($data, portable_id: $hsig['portable_id']);
|
||||
// FEP-8b32 valid object signatures take priority over HTTP-Signatures
|
||||
if (!$AS->sigok) {
|
||||
if (!($hsig['header_signed'] && $hsig['header_valid'] && $hsig['content_signed'] && $hsig['content_valid'])) {
|
||||
http_status_exit(403, 'Permission denied');
|
||||
}
|
||||
}
|
||||
|
||||
if (
|
||||
$AS->is_valid() && $AS->type === 'Announce' && is_array($AS->obj)
|
||||
&& array_key_exists('object', $AS->obj) && array_key_exists('actor', $AS->obj)
|
||||
|
|
2
util/nsh
2
util/nsh
|
@ -24,8 +24,6 @@ USER = None
|
|||
PASSWD = None
|
||||
VERIFY_SSL=True
|
||||
|
||||
|
||||
|
||||
class Completer():
|
||||
|
||||
matches = []
|
||||
|
|
Loading…
Reference in a new issue