From 8810501a9725cf997138ff3e5708e3dc7615ded8 Mon Sep 17 00:00:00 2001
From: bashrc <bob@libreserver.org>
Date: Fri, 20 Feb 2026 11:41:50 +0000
Subject: [PATCH] Test for invalid nicknames in search requests

---
 daemon_post_search.py | 8 ++++++++
 tests.py              | 4 ++++
 2 files changed, 12 insertions(+)

diff --git a/daemon_post_search.py b/daemon_post_search.py
index dcceb9f5b..743e8da5a 100644
--- a/daemon_post_search.py
+++ b/daemon_post_search.py
@@ -21,6 +21,7 @@ from utils import get_domain_from_actor
 from utils import get_full_domain
 from utils import local_actor_url
 from utils import remove_eol
+from utils import valid_nickname
 from webapp_utils import get_avatar_image_url
 from webapp_search import html_hashtag_search
 from webapp_search import html_skills_search
@@ -493,8 +494,15 @@ def _receive_search_handle(self, search_str: str,
     # are we already following or followed by the searched
     # for handle?
     search_nickname = get_nickname_from_actor(search_str)
+    # check that nickname is valid, otherwise DNS resolution can fail
     search_domain, search_port = \
         get_domain_from_actor(search_str)
+    if search_nickname and search_domain:
+        if not valid_nickname(search_domain, search_nickname):
+            self.send_response(400)
+            self.end_headers()
+            self.server.postreq_busy = False
+            return True
     search_follower = \
         is_follower_of_person(base_dir, nickname, domain,
                               search_nickname, search_domain)
diff --git a/tests.py b/tests.py
index 1354871d6..544e9daa7 100644
--- a/tests.py
+++ b/tests.py
@@ -5205,6 +5205,10 @@ def _test_valid_nick():
     nickname = 'my invalid nick?'
     assert not valid_nickname(domain, nickname)
 
+    # causes http signature check failures
+    nickname = '你好'
+    assert not valid_nickname(domain, nickname)
+
 
 def _test_guess_tag_category() -> None:
     print('test_guess_hashtag_category')