Improved Content-Type check on incoming requests

Michael 2024-02-28 23:34:58 +00:00
parent f60638787e
commit 11a16589da
3 changed files with 36 additions and 30 deletions


@ -77,6 +77,11 @@ class Inbox extends BaseApi
throw new \Friendica\Network\HTTPException\BadRequestException();
}
if (!HTTPSignature::isValidContentType($this->server['CONTENT_TYPE'] ?? '')) {
Logger::notice('Unexpected content type', ['content-type' => $this->server['CONTENT_TYPE'] ?? '', 'agent' => $this->server['HTTP_USER_AGENT'] ?? '']);
throw new \Friendica\Network\HTTPException\UnsupportedMediaTypeException();
}
if (DI::config()->get('debug', 'ap_inbox_log')) {
if (HTTPSignature::getSigner($postdata, $_SERVER)) {
$filename = 'signed-activitypub';
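Review bot: The new `Logger::notice('Unexpected content type', ...)` call writes two client-supplied header values (Content-Type and User-Agent) in full, and nothing visible in this hunk authenticates the sender before it runs, so any remote party can generate notice-level log entries of arbitrary length. Reading the header once and bounding what is logged keeps the diagnostic without that cost, e.g. `$contentType = $this->server['CONTENT_TYPE'] ?? '';` and then `'content-type' => substr($contentType, 0, 255)` in the context array. `HTTPSignature::isValidContentType()` is not shown here, so it is worth confirming that it compares the media type case-insensitively and tolerates parameters such as `; charset=utf-8`; otherwise legitimate senders would start receiving 415 responses. The enclosing method starts and ends outside the hunk.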


@ -95,16 +95,17 @@ class ActivityPub
public static function isRequest(): bool
{
header('Vary: Accept', false);
$isrequest = stristr($_SERVER['HTTP_ACCEPT'] ?? '', 'application/activity+json') ||
stristr($_SERVER['HTTP_ACCEPT'] ?? '', 'application/json') ||
stristr($_SERVER['HTTP_ACCEPT'] ?? '', 'application/ld+json');
if ($isrequest) {
if (stristr($_SERVER['HTTP_ACCEPT'] ?? '', 'application/activity+json') || stristr($_SERVER['HTTP_ACCEPT'] ?? '', 'application/ld+json')) {
Logger::debug('Is AP request', ['accept' => $_SERVER['HTTP_ACCEPT'], 'agent' => $_SERVER['HTTP_USER_AGENT'] ?? '']);
return true;
}
return $isrequest;
if (stristr($_SERVER['HTTP_ACCEPT'] ?? '', 'application/json')) {
Logger::debug('Is JSON request', ['accept' => $_SERVER['HTTP_ACCEPT'], 'agent' => $_SERVER['HTTP_USER_AGENT'] ?? '']);
return true;
}
return false;
}
private static function getAccountType(array $apcontact): int
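Review bot: Both new branches in `isRequest()` still match the Accept header by substring with `stristr`, so a header that lists `application/json` with `q=0`, or a longer type that merely contains it (for example `application/json-patch+json`), makes the method return true and selects the ActivityPub representation. If that looseness is intended, it should be stated where the decision is made, e.g. `// Substring match only: q-values and media-type parameters in Accept are not evaluated` above the first `if`. Since both branches return true, the split only changes the log message; reading the header once with `$accept = $_SERVER['HTTP_ACCEPT'] ?? '';` would remove the four repeated lookups and let the two `Logger::debug` calls use the same null-safe value. Any existing doc comment for the method lies above the hunk and is not visible here.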