From a74ce2d77a53873b3edceeda7287b299c7922a8c Mon Sep 17 00:00:00 2001 From: Hélène Date: Wed, 18 May 2022 21:25:10 +0200 Subject: StealEmojiPolicy: fix String rejected_shortcodes * rejected_shortcodes is defined as a list of strings in the configuration description. As such, database-based configuration was led to handle those settings as strings, and not as the actually expected type, Regex. * This caused each message passing through this MRF, if a rejected shortcode was set and the emoji did not exist already on the instance, to fail federating, as an exception was raised, swiftly caught and mostly silenced. * This commit fixes the issue by introducing new behavior: strings are now handled as perfect matches for an emoji shortcode (meaning that if the emoji-to-be-pulled's shortcode is in the blacklist, it will be rejected), while still supporting Regex types as before. --- lib/pleroma/web/activity_pub/mrf/steal_emoji_policy.ex | 18 +++++++++++++++--- .../web/activity_pub/mrf/steal_emoji_policy_test.exs | 16 +++++++++++++++- 2 files changed, 30 insertions(+), 4 deletions(-) diff --git a/lib/pleroma/web/activity_pub/mrf/steal_emoji_policy.ex b/lib/pleroma/web/activity_pub/mrf/steal_emoji_policy.ex index 06305235e..f66c379b5 100644 --- a/lib/pleroma/web/activity_pub/mrf/steal_emoji_policy.ex +++ b/lib/pleroma/web/activity_pub/mrf/steal_emoji_policy.ex @@ -12,6 +12,14 @@ defmodule Pleroma.Web.ActivityPub.MRF.StealEmojiPolicy do defp accept_host?(host), do: host in Config.get([:mrf_steal_emoji, :hosts], []) + defp shortcode_matches?(shortcode, pattern) when is_binary(pattern) do + shortcode == pattern + end + + defp shortcode_matches?(shortcode, pattern) do + String.match?(shortcode, pattern) + end + defp steal_emoji({shortcode, url}, emoji_dir_path) do url = Pleroma.Web.MediaProxy.url(url) @@ -72,7 +80,7 @@ def filter(%{"object" => %{"emoji" => foreign_emojis, "actor" => actor}} = messa reject_emoji? = [:mrf_steal_emoji, :rejected_shortcodes] |> Config.get([]) - |> Enum.find(false, fn regex -> String.match?(shortcode, regex) end) + |> Enum.find(false, fn pattern -> shortcode_matches?(shortcode, pattern) end) !reject_emoji? end) @@ -122,8 +130,12 @@ def config_description do %{ key: :rejected_shortcodes, type: {:list, :string}, - description: "Regex-list of shortcodes to reject", - suggestions: [""] + description: """ + A list of patterns or matches to reject shortcodes with. + + Each pattern can be a string or [Regex](https://hexdocs.pm/elixir/Regex.html) in the format of `~r/PATTERN/`. + """, + suggestions: ["foo", ~r/foo/] }, %{ key: :size_limit, diff --git a/test/pleroma/web/activity_pub/mrf/steal_emoji_policy_test.exs b/test/pleroma/web/activity_pub/mrf/steal_emoji_policy_test.exs index c537670f2..89d32352f 100644 --- a/test/pleroma/web/activity_pub/mrf/steal_emoji_policy_test.exs +++ b/test/pleroma/web/activity_pub/mrf/steal_emoji_policy_test.exs @@ -60,7 +60,7 @@ test "Steals emoji on unknown shortcode from allowed remote host", %{ |> File.exists?() end - test "reject shortcode", %{message: message} do + test "reject regex shortcode", %{message: message} do refute "firedfox" in installed() clear_config(:mrf_steal_emoji, @@ -74,6 +74,20 @@ test "reject shortcode", %{message: message} do refute "firedfox" in installed() end + test "reject string shortcode", %{message: message} do + refute "firedfox" in installed() + + clear_config(:mrf_steal_emoji, + hosts: ["example.org"], + size_limit: 284_468, + rejected_shortcodes: ["firedfox"] + ) + + assert {:ok, _message} = StealEmojiPolicy.filter(message) + + refute "firedfox" in installed() + end + test "reject if size is above the limit", %{message: message} do refute "firedfox" in installed() -- cgit v1.2.3