notfire/Iceshrimp.NET
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[backend/federation] Add extra guard clauses to UserService

Browse source 
This should be caught by WebFingerService, but more checks are always a good idea.
This commit is contained in:
Laura Hausmann 2024-10-29 16:10:39 +01:00
parent d36fa802d8
commit 5d1e1ed05d
No known key found for this signature in database
GPG key ID: D044E84C5BE01605
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
Iceshrimp.Backend/Core/Services/UserService.cs
View file

@ -104,6 +104,8 @@ public class UserService(
logger.LogDebug("Creating user {acct} with uri {uri}", acct, uri); logger.LogDebug("Creating user {acct} with uri {uri}", acct, uri);
var host = AcctToTuple(acct).Host ?? throw new Exception("Host must not be null at this stage"); var host = AcctToTuple(acct).Host ?? throw new Exception("Host must not be null at this stage");
if (host == instance.Value.WebDomain || host == instance.Value.AccountDomain)
throw GracefulException.UnprocessableEntity("Refusing to create remote user on local instance domain");
if (await fedCtrlSvc.ShouldBlockAsync(uri, host)) if (await fedCtrlSvc.ShouldBlockAsync(uri, host))
throw GracefulException.UnprocessableEntity("Refusing to create user on blocked instance"); throw GracefulException.UnprocessableEntity("Refusing to create user on blocked instance");