HTTP署名パースにおいてDateとサーバー時間のズレは両方向に300sを許容するように

https://github.com/misskey-dev/misskey/issues/14273#issuecomment-2241244494
This commit is contained in:
tamaina 2024-07-21 03:02:35 +09:00
parent 88085fd59c
commit 7503fc8145
1 changed files with 6 additions and 2 deletions

View File

@ -28,10 +28,10 @@ import { UserEntityService } from '@/core/entities/UserEntityService.js';
import { bindThis } from '@/decorators.js'; import { bindThis } from '@/decorators.js';
import { IActivity } from '@/core/activitypub/type.js'; import { IActivity } from '@/core/activitypub/type.js';
import { isQuote, isRenote } from '@/misc/is-renote.js'; import { isQuote, isRenote } from '@/misc/is-renote.js';
import type { FastifyInstance, FastifyRequest, FastifyReply, FastifyPluginOptions, FastifyBodyParser } from 'fastify';
import type { FindOptionsWhere } from 'typeorm';
import { LoggerService } from '@/core/LoggerService.js'; import { LoggerService } from '@/core/LoggerService.js';
import Logger from '@/logger.js'; import Logger from '@/logger.js';
import type { FastifyInstance, FastifyRequest, FastifyReply, FastifyPluginOptions, FastifyBodyParser } from 'fastify';
import type { FindOptionsWhere } from 'typeorm';
const ACTIVITY_JSON = 'application/activity+json; charset=utf-8'; const ACTIVITY_JSON = 'application/activity+json; charset=utf-8';
const LD_JSON = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"; charset=utf-8'; const LD_JSON = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"; charset=utf-8';
@ -128,6 +128,10 @@ export class ActivityPubServerService {
requiredInputs: { requiredInputs: {
draft: ['(request-target)', 'digest', 'host', 'date'], draft: ['(request-target)', 'digest', 'host', 'date'],
}, },
clockSkew: {
forward: 300_000,
delay: 300_000,
},
}); });
} catch (err) { } catch (err) {
this.inboxLogger.warn('signature header parsing failed', { err }); this.inboxLogger.warn('signature header parsing failed', { err });