Actor validation for arriving posts

2021-02-15 10:06:49 +00:00 · 2021-02-15 10:06:49 +00:00 · ea23f01df2
parent 01385fbdfe
commit ea23f01df2
2 changed files with 25 additions and 1 deletions
--- a/outbox.py
+++ b/outbox.py
@ -14,6 +14,7 @@ from posts import outboxMessageCreateWrap
 from posts import savePostToBox
 from posts import sendToFollowersThread
 from posts import sendToNamedAddresses
+from utils import getLocalNetworkAddresses
 from utils import getFullDomain
 from utils import removeIdEnding
 from utils import getDomainFromActor
@ -114,6 +115,23 @@ def postMessageToOutbox(messageJson: {}, postToNickname: str,
                          'Create does not have the "to" parameter ' +
                          str(messageJson))
            return False
+
+        # actor should be a string
+        if not isinstance(messageJson['actor'], str):
+            return False
+
+        # actor should look like a url
+        if '://' not in messageJson['actor'] or \
+           '.' not in messageJson['actor']:
+            return False
+
+        # sent by an actor on a local network address?
+        if not allowLocalNetworkAccess:
+            localNetworkPatternList = getLocalNetworkAddresses()
+            for localNetworkPattern in localNetworkPatternList:
+                if localNetworkPattern in messageJson['actor']:
+                    return False
+
        testDomain, testPort = getDomainFromActor(messageJson['actor'])
        testDomain = getFullDomain(testDomain, testPort)
        if isBlockedDomain(baseDir, testDomain):
--- a/utils.py
+++ b/utils.py
@ -605,6 +605,12 @@ def urlPermitted(url: str, federationList: []):
    return False


+def getLocalNetworkAddresses() -> []:
+    """Returns patterns for local network address detection
+    """
+    return ('localhost', '127.0.', '192.168', '10.0.')
+
+
 def dangerousMarkup(content: str, allowLocalNetworkAccess: bool) -> bool:
    """Returns true if the given content contains dangerous html markup
    """
@ -615,7 +621,7 @@ def dangerousMarkup(content: str, allowLocalNetworkAccess: bool) -> bool:
    contentSections = content.split('<')
    invalidPartials = ()
    if not allowLocalNetworkAccess:
-        invalidPartials = ('localhost', '127.0.', '192.168', '10.0.')
+        invalidPartials = getLocalNetworkAddresses()
    invalidStrings = ('script', 'canvas', 'style', 'abbr',
                      'frame', 'iframe', 'html', 'body',
                      'hr', 'allow-popups', 'allow-scripts')