gotosocial/internal/ap
tobi 469da93678
[security] Check all involved IRIs during block checking (#593)
* tidy up context keys, add otherInvolvedIRIs

* add ReplyToable interface

* skip block check if we own the requesting domain

* add block check for other involved IRIs

* use cacheable status fetch

* remove unused ContextActivity

* remove unused ContextActivity

* add helper for unique URIs

* check through CCs and clean slice

* add GetAccountIDForStatusURI

* add GetAccountIDForAccountURI

* check blocks on involved account

* add statuses to tests

* add some blocked tests

* go fmt

* extract Tos as well as CCs

* test PostInboxRequestBodyHook

* add some more testActivities

* deduplicate involvedAccountIDs

* go fmt

* use cacheable db functions, remove new functions
2022-05-23 11:46:50 +02:00
..
activitystreams.go Extend license notices to 2022 (#354) 2021-12-20 18:42:19 +01:00
contextkey.go [security] Check all involved IRIs during block checking (#593) 2022-05-23 11:46:50 +02:00
extract.go [bugfix] Fix CWs not showing sometimes (#488) 2022-04-26 10:47:21 +02:00
extract_test.go Extend license notices to 2022 (#354) 2021-12-20 18:42:19 +01:00
extractattachments_test.go tests are passing, but there's still much to be done 2022-01-09 18:41:22 +01:00
extractmentions_test.go Extend license notices to 2022 (#354) 2021-12-20 18:42:19 +01:00
extractsensitive_test.go Extend license notices to 2022 (#354) 2021-12-20 18:42:19 +01:00
extractvisibility_test.go Extend license notices to 2022 (#354) 2021-12-20 18:42:19 +01:00
interfaces.go [security] Check all involved IRIs during block checking (#593) 2022-05-23 11:46:50 +02:00