mirrors/misskey
1
0
Fork 1
mirror of https://github.com/misskey-dev/misskey.git synced 2026-05-19 17:05:35 +02:00
Code Releases Activity

fix: change bare activity.actor to getApId(activity.actor) in InboxPr… (#17340)

Browse Source 
* fix: change bare activity.actor to getApId(activity.actor) in InboxProcessorService (closes #17338)

* doc: update CHANGELOG.md to note fix for #17338

* fix: additional activity.actor wrappers in ApInboxService

* Update CHANGELOG.md

---------

Co-authored-by: かっこかり <67428053+kakkokari-gtyih@users.noreply.github.com>
Co-authored-by: syuilo <4439005+syuilo@users.noreply.github.com>
This commit is contained in:
Evan Prodromou
2026-04-25 22:39:16 -04:00
committed by GitHub
parent 1dc5c60b2b
commit 23715c649c
3 changed files with 11 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@@ -25,6 +25,7 @@
- Fix: robots.txtの内容を調整 - Fix: robots.txtの内容を調整
- Fix: 特定のユーザーに管理者権限を持つロールが複数ついている際に、取得できるユーザーIDが重複する問題を修正 - Fix: 特定のユーザーに管理者権限を持つロールが複数ついている際に、取得できるユーザーIDが重複する問題を修正
(Cherry-picked from https://github.com/lqvp/misskey-tempura/commit/17ed4108cec4b6bd2fd989db5a9091db91fa37a7) (Cherry-picked from https://github.com/lqvp/misskey-tempura/commit/17ed4108cec4b6bd2fd989db5a9091db91fa37a7)
- Fix: support activity with `actor` as an id string or embedded object in inbox processor and ActivityPub inbox service
- Fix: コンフィグファイルに `meilisearch` の設定がある状態でほかの検索プロバイダを利用すると、UI上からリモートのートの検索ができない問題を修正 - Fix: コンフィグファイルに `meilisearch` の設定がある状態でほかの検索プロバイダを利用すると、UI上からリモートのートの検索ができない問題を修正
## 2026.3.2 ## 2026.3.2

10
packages/backend/src/core/activitypub/ApInboxService.ts
View File

@@ -259,7 +259,7 @@ export class ApInboxService {
@bindThis @bindThis
private async add(actor: MiRemoteUser, activity: IAdd, resolver?: Resolver): Promise<string | void> { private async add(actor: MiRemoteUser, activity: IAdd, resolver?: Resolver): Promise<string | void> {
if (actor.uri !== activity.actor) { if (actor.uri !== getApId(activity.actor)) {
return 'invalid actor'; return 'invalid actor';
} }
@@ -469,7 +469,7 @@ export class ApInboxService {
@bindThis @bindThis
private async delete(actor: MiRemoteUser, activity: IDelete): Promise<string> { private async delete(actor: MiRemoteUser, activity: IDelete): Promise<string> {
if (actor.uri !== activity.actor) { if (actor.uri !== getApId(activity.actor)) {
return 'invalid actor'; return 'invalid actor';
} }
@@ -623,7 +623,7 @@ export class ApInboxService {
@bindThis @bindThis
private async remove(actor: MiRemoteUser, activity: IRemove, resolver?: Resolver): Promise<string | void> { private async remove(actor: MiRemoteUser, activity: IRemove, resolver?: Resolver): Promise<string | void> {
if (actor.uri !== activity.actor) { if (actor.uri !== getApId(activity.actor)) {
return 'invalid actor'; return 'invalid actor';
} }
@@ -643,7 +643,7 @@ export class ApInboxService {
@bindThis @bindThis
private async undo(actor: MiRemoteUser, activity: IUndo, resolver?: Resolver): Promise<string> { private async undo(actor: MiRemoteUser, activity: IUndo, resolver?: Resolver): Promise<string> {
if (actor.uri !== activity.actor) { if (actor.uri !== getApId(activity.actor)) {
return 'invalid actor'; return 'invalid actor';
} }
@@ -777,7 +777,7 @@ export class ApInboxService {
@bindThis @bindThis
private async update(actor: MiRemoteUser, activity: IUpdate, resolver?: Resolver): Promise<string> { private async update(actor: MiRemoteUser, activity: IUpdate, resolver?: Resolver): Promise<string> {
if (actor.uri !== activity.actor) { if (actor.uri !== getApId(activity.actor)) {
return 'skip: invalid actor'; return 'skip: invalid actor';
} }

10
packages/backend/src/queue/processors/InboxProcessorService.ts
View File

@@ -115,9 +115,9 @@ export class InboxProcessorService implements OnApplicationShutdown {
// 対象が4xxならスキップ // 対象が4xxならスキップ
if (err instanceof StatusError) { if (err instanceof StatusError) {
if (!err.isRetryable) { if (!err.isRetryable) {
throw new Bull.UnrecoverableError(`skip: Ignored deleted actors on both ends ${activity.actor} - ${err.statusCode}`); throw new Bull.UnrecoverableError(`skip: Ignored deleted actors on both ends ${getApId(activity.actor)} - ${err.statusCode}`);
} }
throw new Error(`Error in actor ${activity.actor} - ${err.statusCode}`); throw new Error(`Error in actor ${getApId(activity.actor)} - ${err.statusCode}`);
} }
} }
} }
@@ -136,7 +136,7 @@ export class InboxProcessorService implements OnApplicationShutdown {
const httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem); const httpSignatureValidated = httpSignature.verifySignature(signature, authUser.key.keyPem);
// また、signatureのsignerは、activity.actorと一致する必要がある // また、signatureのsignerは、activity.actorと一致する必要がある
if (!httpSignatureValidated || authUser.user.uri !== activity.actor) { if (!httpSignatureValidated || authUser.user.uri !== getApId(activity.actor)) {
// 一致しなくても、でもLD-Signatureがありそうならそっちも見る // 一致しなくても、でもLD-Signatureがありそうならそっちも見る
const ldSignature = activity.signature; const ldSignature = activity.signature;
if (ldSignature) { if (ldSignature) {
@@ -187,8 +187,8 @@ export class InboxProcessorService implements OnApplicationShutdown {
//#endregion //#endregion
// もう一度actorチェック // もう一度actorチェック
if (authUser.user.uri !== activity.actor) { if (authUser.user.uri !== getApId(activity.actor)) {
throw new Bull.UnrecoverableError(`skip: LD-Signature user(${authUser.user.uri}) !== activity.actor(${activity.actor})`); throw new Bull.UnrecoverableError(`skip: LD-Signature user(${authUser.user.uri}) !== activity.actor(${getApId(activity.actor)})`);
} }
const ldHost = this.utilityService.extractDbHost(authUser.user.uri); const ldHost = this.utilityService.extractDbHost(authUser.user.uri);