mirror
/
conduit
mirror of https://gitlab.com/famedly/conduit.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

fix: Do not allow fetching cached remote users' profiles over federation

Nyaaori/full-profile-directory
Nyaaori 3 years ago
parent
3ac3bdbac0
commit
f458916919
No known key found for this signature in database
GPG Key ID: E7819C3ED4D1F82E
1 changed files with 7 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 7
      src/api/server_server.rs

7
src/api/server_server.rs
Unescape View File

@ -1716,6 +1716,13 @@ pub async fn get_profile_information_route(
return Err(Error::bad_config("Federation is disabled."));
}
if body.user_id.server_name() != services().globals.server_name() {
return Err(Error::BadRequest(
ErrorKind::NotFound,
"User does not belong to this server",
));
}
let mut displayname = None;
let mut avatar_url = None;
let mut blurhash = None;

Write Preview
Loading…
Cancel
Save