Issue 9303: Detect AP accesses as backend, prevent ping pong
parent
97f07b7518
commit
73a7df85f7
3 changed files with 25 additions and 5 deletions
|
@ -448,7 +448,7 @@ class App
|
||||||
Core\Worker::executeIfIdle();
|
Core\Worker::executeIfIdle();
|
||||||
}
|
}
|
||||||
|
|
||||||
if ($this->mode->isNormal()) {
|
if ($this->mode->isNormal() && !$this->mode->isBackend()) {
|
||||||
$requester = HTTPSignature::getSigner('', $_SERVER);
|
$requester = HTTPSignature::getSigner('', $_SERVER);
|
||||||
if (!empty($requester)) {
|
if (!empty($requester)) {
|
||||||
Profile::addVisitorCookieForHandle($requester);
|
Profile::addVisitorCookieForHandle($requester);
|
||||||
|
@ -456,7 +456,7 @@ class App
|
||||||
}
|
}
|
||||||
|
|
||||||
// ZRL
|
// ZRL
|
||||||
if (!empty($_GET['zrl']) && $this->mode->isNormal()) {
|
if (!empty($_GET['zrl']) && $this->mode->isNormal() && !$this->mode->isBackend()) {
|
||||||
if (!local_user()) {
|
if (!local_user()) {
|
||||||
// Only continue when the given profile link seems valid
|
// Only continue when the given profile link seems valid
|
||||||
// Valid profile links contain a path with "/profile/" and no query parameters
|
// Valid profile links contain a path with "/profile/" and no query parameters
|
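Review bot: The two new `!$this->mode->isBackend()` guards (on the ZRL check here and on the `HTTPSignature::getSigner` call in the earlier hunk) have no comment explaining why backend requests are excluded, and the condition alone does not show it. I would add above the first guard something like `// Backend (machine-to-machine) requests get no visitor cookie and no ZRL handling; skipped to avoid the request ping-pong from issue 9303`. Because the Mode change in this commit derives backend status partly from the request's Accept header, the comment should also say the flag is client-influenced, so these branches must remain convenience features and never act as access checks. The enclosing method starts and ends outside both hunks.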
||||||
|
|
|
@ -134,8 +134,15 @@ class Mode
|
||||||
*/
|
*/
|
||||||
public function determineRunMode(bool $isBackend, Module $module, array $server, MobileDetect $mobileDetect)
|
public function determineRunMode(bool $isBackend, Module $module, array $server, MobileDetect $mobileDetect)
|
||||||
{
|
{
|
||||||
$isBackend = $isBackend ||
|
$contenttypes = ['application/jrd+json', 'application/xrd+xml', 'text/xml',
|
||||||
$module->isBackend();
|
'application/rss+xml', 'application/atom+xml', 'application/activity+json'];
|
||||||
|
foreach ($contenttypes as $type) {
|
||||||
|
if (strpos(strtolower($server['HTTP_ACCEPT'] ?? ''), $type) !== false) {
|
||||||
|
$isBackend = true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$isBackend = $isBackend || $module->isBackend();
|
||||||
$isMobile = $mobileDetect->isMobile();
|
$isMobile = $mobileDetect->isMobile();
|
||||||
$isTablet = $mobileDetect->isTablet();
|
$isTablet = $mobileDetect->isTablet();
|
||||||
$isAjax = strtolower($server['HTTP_X_REQUESTED_WITH'] ?? '') == 'xmlhttprequest';
|
$isAjax = strtolower($server['HTTP_X_REQUESTED_WITH'] ?? '') == 'xmlhttprequest';
|
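Review bot: The `$contenttypes` list omits `application/ld+json`, the media type the ActivityPub specification names for object fetches, so a peer sending only that Accept value is still treated as a normal request and is not covered by the new backend guards; adding `'application/ld+json'` to the array would close that gap. The test is a substring match on a client-controlled header, so it ignores q-values and lets any client put itself into backend mode. That is acceptable only while nothing security-relevant is gated on `isBackend()`, which should be confirmed for callers outside this diff. As a style point, compute `$accept = strtolower($server['HTTP_ACCEPT'] ?? '');` once before the loop and add `break;` after `$isBackend = true;`. The body of determineRunMode continues past the hunk.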
||||||
|
|
|
@ -22,8 +22,11 @@
|
||||||
namespace Friendica\Model;
|
namespace Friendica\Model;
|
||||||
|
|
||||||
use Friendica\Content\Text\HTML;
|
use Friendica\Content\Text\HTML;
|
||||||
|
use Friendica\Core\Cache\Duration;
|
||||||
use Friendica\Core\Logger;
|
use Friendica\Core\Logger;
|
||||||
|
use Friendica\Core\System;
|
||||||
use Friendica\Database\DBA;
|
use Friendica\Database\DBA;
|
||||||
|
use Friendica\DI;
|
||||||
use Friendica\Network\Probe;
|
use Friendica\Network\Probe;
|
||||||
use Friendica\Protocol\ActivityNamespace;
|
use Friendica\Protocol\ActivityNamespace;
|
||||||
use Friendica\Protocol\ActivityPub;
|
use Friendica\Protocol\ActivityPub;
|
||||||
|
@ -40,7 +43,7 @@ class APContact
|
||||||
* @param string $addr Address
|
* @param string $addr Address
|
||||||
* @return array webfinger data
|
* @return array webfinger data
|
||||||
*/
|
*/
|
||||||
public static function fetchWebfingerData(string $addr)
|
private static function fetchWebfingerData(string $addr)
|
||||||
{
|
{
|
||||||
$addr_parts = explode('@', $addr);
|
$addr_parts = explode('@', $addr);
|
||||||
if (count($addr_parts) != 2) {
|
if (count($addr_parts) != 2) {
|
||||||
|
@ -154,6 +157,16 @@ class APContact
|
||||||
return $fetched_contact;
|
return $fetched_contact;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Detect multiple fast repeating request to the same address
|
||||||
|
// See https://github.com/friendica/friendica/issues/9303
|
||||||
|
$cachekey = 'apcontact:getByURL:' . $url;
|
||||||
|
$result = DI::cache()->get($cachekey);
|
||||||
|
if (!is_null($result)) {
|
||||||
|
Logger::notice('Multiple requests for the address', ['url' => $url, 'update' => $update, 'callstack' => System::callstack(20), 'result' => $result]);
|
||||||
|
} else {
|
||||||
|
DI::cache()->set($cachekey, System::callstack(20), Duration::FIVE_MINUTES);
|
||||||
|
}
|
||||||
|
|
||||||
$apcontact['url'] = $compacted['@id'];
|
$apcontact['url'] = $compacted['@id'];
|
||||||
$apcontact['uuid'] = JsonLD::fetchElement($compacted, 'diaspora:guid', '@value');
|
$apcontact['uuid'] = JsonLD::fetchElement($compacted, 'diaspora:guid', '@value');
|
||||||
$apcontact['type'] = str_replace('as:', '', JsonLD::fetchElement($compacted, '@type'));
|
$apcontact['type'] = str_replace('as:', '', JsonLD::fetchElement($compacted, '@type'));
|
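Review bot: The cache key in the last hunk is built from the raw `$url` (`'apcontact:getByURL:' . $url`), which presumably can originate from remote actors, so its length and character set are unbounded. Hashing it, e.g. `$cachekey = 'apcontact:getByURL:' . hash('sha256', $url);`, keeps keys fixed-size for whichever cache backend is configured. Each repeat within the five-minute window writes a notice-level entry carrying two 20-frame callstacks (`callstack` and the cached `result`), so remotely triggered repeat lookups translate directly into log growth; `Logger::info` or a rate limit would be safer if this stays in beyond debugging. The detection only logs and does not short-circuit the fetch. The enclosing function starts and ends outside the hunk.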
||||||
|
|