From 9c0fcf0e06e7380f00f79a0117a4a7cbda10d94e Mon Sep 17 00:00:00 2001
From: riku6460 <17585784+riku6460@users.noreply.github.com>
Date: Tue, 12 Sep 2023 02:56:51 +0900
Subject: [PATCH] =?UTF-8?q?deliver-delayed=20=E3=81=A7=20URL=20=E3=81=AE?=
 =?UTF-8?q?=E3=83=91=E3=83=BC=E3=82=B9=E3=81=AB=E5=A4=B1=E6=95=97=E3=81=97?=
 =?UTF-8?q?=E3=81=9F=E9=9A=9B=E3=81=AB=E5=85=A8=E3=81=A6=E3=81=8C=E3=82=B3?=
 =?UTF-8?q?=E3=82=B1=E3=82=8B=E5=95=8F=E9=A1=8C=E3=82=92=E4=BF=AE=E6=AD=A3?=
 =?UTF-8?q?=20(#164)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* deliver-delayed で URL のパースに失敗した際に全てがコケる問題を修正

* validateActor に inbox / sharedInbox のバリデーションを追加

* fix quote

* 念のため inbox-delayed も
---
 .../core/activitypub/models/ApPersonService.ts    | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/packages/backend/src/core/activitypub/models/ApPersonService.ts b/packages/backend/src/core/activitypub/models/ApPersonService.ts
index 73281078e5..b32d2af3bb 100644
--- a/packages/backend/src/core/activitypub/models/ApPersonService.ts
+++ b/packages/backend/src/core/activitypub/models/ApPersonService.ts
@@ -156,6 +156,21 @@ export class ApPersonService implements OnModuleInit {
 			throw new Error('invalid Actor: wrong inbox');
 		}
 
+		try {
+			new URL(x.inbox);
+		} catch {
+			throw new Error('invalid Actor: wrong inbox');
+		}
+
+		const sharedInbox = x.sharedInbox ?? x.endpoints?.sharedInbox;
+		if (typeof sharedInbox === 'string') {
+			try {
+				new URL(sharedInbox);
+			} catch {
+				throw new Error('invalid Actor: wrong sharedInbox');
+			}
+		}
+
 		if (!(typeof x.preferredUsername === 'string' && x.preferredUsername.length > 0 && x.preferredUsername.length <= 128 && /^\w([\w-.]*\w)?$/.test(x.preferredUsername))) {
 			throw new Error('invalid Actor: wrong username');
 		}