Fix trying to fetch key from empty URI when verifying HTTP signature (#16100)

master
Eugen Rochko 3 years ago committed by GitHub
parent 422df9d670
commit f627d2eb93
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 2
      app/helpers/jsonld_helper.rb
  2. 2
      app/services/activitypub/fetch_remote_key_service.rb

@ -67,7 +67,7 @@ module JsonLdHelper
unless id
json = fetch_resource_without_id_validation(uri, on_behalf_of)
return unless json
return if !json.is_a?(Hash) || unsupported_uri_scheme?(json['id'])
uri = json['id']
end

@ -5,6 +5,8 @@ class ActivityPub::FetchRemoteKeyService < BaseService
# Returns account that owns the key
def call(uri, id: true, prefetched_body: nil)
return if uri.blank?
if prefetched_body.nil?
if id
@json = fetch_resource_without_id_validation(uri)

Loading…
Cancel
Save