snac2

Fork of https://codeberg.org/grunfink/snac2
git clone https://git.inz.fi/snac2
Log | Files | Refs | README | LICENSE
commit 46cfc37f2bfe03baa4d6feadf7155483c8797459
parent 8b176292d60975f498a5a1564ab66393a9f4fd5b
Author: default <nobody@localhost>
Date:   Fri, 18 Aug 2023 18:21:52 +0200

Be more strict when serving note objects.

Diffstat:

Mactivitypub.c | 4++++


1 file changed, 4 insertions(+), 0 deletions(-)

diff --git a/activitypub.c b/activitypub.c
@@ -2059,6 +2059,10 @@ int activitypub_get_handler(const xs_dict *req, const char *q_path,
         xs *id = xs_fmt("%s/%s", snac.actor, p_path);
 
         status = object_get(id, &msg);
+
+        /* don't return non-public objects */
+        if (valid_status(status) && !is_msg_public(msg))
+            status = 404;
     }
     else
         status = 404;