diff --git a/CHANGELOG.md b/CHANGELOG.md index 64b47883d4..df9c47df9b 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -42,6 +42,7 @@ You should also include the user name that made the change. - Server: Bug fix for Pinned Users lookup on instance @squidicuzz - Server: Fix peers API returning suspended instances @ineffyble - Server: trim long text of note from ap @syuilo +- Server: Ap inboxの最大ペイロードサイズを256kbに制限 @syuilo - Client: case insensitive emoji search @saschanaz - Client: InAppウィンドウが操作できなくなることがあるのを修正 @tamaina - Client: use proxied image for instance icon @syuilo diff --git a/packages/backend/src/server/ActivityPubServerService.ts b/packages/backend/src/server/ActivityPubServerService.ts index 0c3da39dbb..e76a8ef541 100644 --- a/packages/backend/src/server/ActivityPubServerService.ts +++ b/packages/backend/src/server/ActivityPubServerService.ts @@ -88,7 +88,6 @@ export class ActivityPubServerService { @bindThis private inbox(request: FastifyRequest, reply: FastifyReply) { - let signature; try { signature = httpSignature.parseRequest(request.raw, { 'headers': [] }); @@ -438,9 +437,9 @@ export class ActivityPubServerService { fastify.addContentTypeParser('application/ld+json', { parseAs: 'string' }, fastify.getDefaultJsonParser('ignore', 'ignore')); //#region Routing - // inbox - fastify.post('/inbox', async (request, reply) => await this.inbox(request, reply)); - fastify.post('/users/:user/inbox', async (request, reply) => await this.inbox(request, reply)); + // inbox (limit: 256kb) + fastify.post('/inbox', { bodyLimit: 1024 * 256 }, async (request, reply) => await this.inbox(request, reply)); + fastify.post('/users/:user/inbox', { bodyLimit: 1024 * 256 }, async (request, reply) => await this.inbox(request, reply)); // note fastify.get<{ Params: { note: string; } }>('/notes/:note', { constraints: { apOrHtml: 'ap' } }, async (request, reply) => {