notfire/Iceshrimp.NET
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[backend/federation] Make publish/update date checks stricter (ISH-687)

Browse source
This commit is contained in:
Laura Hausmann 2025-01-19 09:59:43 +01:00
parent cd76e82a1e
commit 1bb199bf59
No known key found for this signature in database
GPG key ID: D044E84C5BE01605
1 changed files with 8 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
Iceshrimp.Backend/Core/Services/NoteService.cs
View file

@ -964,9 +964,12 @@ public class NoteService(
return null;
}
if (note.PublishedAt is null or { Year: < 2007 } || note.PublishedAt > DateTime.Now + TimeSpan.FromDays(3))
if (note.PublishedAt is null or { Year: < 2007 } || note.PublishedAt > DateTime.Now + TimeSpan.FromMinutes(5))
throw GracefulException.UnprocessableEntity("Note.PublishedAt is nonsensical");
if (note.PublishedAt > DateTime.Now)
note.PublishedAt = DateTime.Now;
if (replyUri != null)
{
if (reply == null && note.Name != null)
@ -1084,11 +1087,14 @@ public class NoteService(
throw GracefulException.Forbidden("User is suspended");
if (dbNote.UpdatedAt != null && dbNote.UpdatedAt > updatedAt)
throw GracefulException.UnprocessableEntity("Note update is older than last known version");
if (updatedAt.Year < 2007 || updatedAt > DateTime.Now + TimeSpan.FromDays(3))
if (updatedAt.Year < 2007 || updatedAt > DateTime.Now + TimeSpan.FromMinutes(5))
throw GracefulException.UnprocessableEntity("updatedAt is nonsensical");
if (actor.Host == null)
throw GracefulException.UnprocessableEntity("User.Host is null");
if (note.UpdatedAt > DateTime.Now)
note.UpdatedAt = DateTime.Now;
var mentionData = await ResolveNoteMentionsAsync(note);
var text = note.MkContent;