StealEmojiPolicy: fix String rejected_shortcodes

* rejected_shortcodes is defined as a list of strings in the
  configuration description. As such, database-based configuration was
  led to handle those settings as strings, and not as the actually
  expected type, Regex.
* This caused each message passing through this MRF, if a rejected
  shortcode was set and the emoji did not exist already on the instance,
  to fail federating, as an exception was raised, swiftly caught and
  mostly silenced.
* This commit fixes the issue by introducing new behavior: strings are
  now handled as perfect matches for an emoji shortcode (meaning that if
  the emoji-to-be-pulled's shortcode is in the blacklist, it will be
  rejected), while still supporting Regex types as before.
This commit is contained in:
Hélène 2022-05-18 21:25:10 +02:00
parent 4605efe272
commit a74ce2d77a
No known key found for this signature in database
GPG Key ID: A215F2E9F1589D62
2 changed files with 30 additions and 4 deletions

View File

@ -12,6 +12,14 @@ defmodule Pleroma.Web.ActivityPub.MRF.StealEmojiPolicy do
defp accept_host?(host), do: host in Config.get([:mrf_steal_emoji, :hosts], []) defp accept_host?(host), do: host in Config.get([:mrf_steal_emoji, :hosts], [])
defp shortcode_matches?(shortcode, pattern) when is_binary(pattern) do
shortcode == pattern
end
defp shortcode_matches?(shortcode, pattern) do
String.match?(shortcode, pattern)
end
defp steal_emoji({shortcode, url}, emoji_dir_path) do defp steal_emoji({shortcode, url}, emoji_dir_path) do
url = Pleroma.Web.MediaProxy.url(url) url = Pleroma.Web.MediaProxy.url(url)
@ -72,7 +80,7 @@ def filter(%{"object" => %{"emoji" => foreign_emojis, "actor" => actor}} = messa
reject_emoji? = reject_emoji? =
[:mrf_steal_emoji, :rejected_shortcodes] [:mrf_steal_emoji, :rejected_shortcodes]
|> Config.get([]) |> Config.get([])
|> Enum.find(false, fn regex -> String.match?(shortcode, regex) end) |> Enum.find(false, fn pattern -> shortcode_matches?(shortcode, pattern) end)
!reject_emoji? !reject_emoji?
end) end)
@ -122,8 +130,12 @@ def config_description do
%{ %{
key: :rejected_shortcodes, key: :rejected_shortcodes,
type: {:list, :string}, type: {:list, :string},
description: "Regex-list of shortcodes to reject", description: """
suggestions: [""] A list of patterns or matches to reject shortcodes with.
Each pattern can be a string or [Regex](https://hexdocs.pm/elixir/Regex.html) in the format of `~r/PATTERN/`.
""",
suggestions: ["foo", ~r/foo/]
}, },
%{ %{
key: :size_limit, key: :size_limit,

View File

@ -60,7 +60,7 @@ test "Steals emoji on unknown shortcode from allowed remote host", %{
|> File.exists?() |> File.exists?()
end end
test "reject shortcode", %{message: message} do test "reject regex shortcode", %{message: message} do
refute "firedfox" in installed() refute "firedfox" in installed()
clear_config(:mrf_steal_emoji, clear_config(:mrf_steal_emoji,
@ -74,6 +74,20 @@ test "reject shortcode", %{message: message} do
refute "firedfox" in installed() refute "firedfox" in installed()
end end
test "reject string shortcode", %{message: message} do
refute "firedfox" in installed()
clear_config(:mrf_steal_emoji,
hosts: ["example.org"],
size_limit: 284_468,
rejected_shortcodes: ["firedfox"]
)
assert {:ok, _message} = StealEmojiPolicy.filter(message)
refute "firedfox" in installed()
end
test "reject if size is above the limit", %{message: message} do test "reject if size is above the limit", %{message: message} do
refute "firedfox" in installed() refute "firedfox" in installed()