autonomic-cooperative/hometown
0
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add ActivityPub secure mode (#11269)

Browse Source 
* Add HTTP signature requirement for served ActivityPub resources

* Change `SECURE_MODE` to `AUTHORIZED_FETCH`

* Add 'Signature' to 'Vary' header and improve code style

* Improve code style by adding `public_fetch_mode?` method
This commit is contained in:
Eugen Rochko
2019-07-11 20:11:09 +02:00
committed by GitHub
parent 4e1260feaa
commit 5bf67ca913
14 changed files with 89 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
app/controllers/activitypub/collections_controller.rb
View File

@ -4,12 +4,13 @@ class ActivityPub::CollectionsController < Api::BaseController
include SignatureVerification
include AccountOwnedConcern
before_action :require_signature!, if: :authorized_fetch_mode?
before_action :set_size
before_action :set_statuses
before_action :set_cache_headers
def show
expires_in 3.minutes, public: true
expires_in 3.minutes, public: public_fetch_mode?
render json: collection_presenter, content_type: 'application/activity+json', serializer: ActivityPub::CollectionSerializer, adapter: ActivityPub::Adapter, skip_activities: true
end