diff options
author | Maxence Lange <maxence@artificial-owl.com> | 2019-01-07 09:40:51 -0100 |
---|---|---|
committer | Backportbot <backportbot-noreply@rullzer.com> | 2019-01-09 15:09:09 +0000 |
commit | 9a8a736a49a0f1443c772c03a1b7e7499cb09408 (patch) | |
tree | 40d49b7d1ac20f8759f013e5925e0e11e80e00d3 /lib/webfinger.php | |
parent | f4bf12e61bf719a122a813832a5c13465b32c6e8 (diff) |
check address of the account
Signed-off-by: Maxence Lange <maxence@artificial-owl.com>
Diffstat (limited to 'lib/webfinger.php')
-rw-r--r-- | lib/webfinger.php | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/lib/webfinger.php b/lib/webfinger.php index 70a6f0fc..7d8f1fe0 100644 --- a/lib/webfinger.php +++ b/lib/webfinger.php @@ -31,6 +31,7 @@ namespace OCA\Social; use Exception; use OCA\Social\Service\CacheActorService; +use OCA\Social\Service\ConfigService; require_once(__DIR__ . '/../appinfo/autoload.php'); @@ -51,10 +52,16 @@ if ($type !== 'acct') { } -$username = substr($account, 0, strrpos($account, '@')); +list($username, $instance) = explode('@', $account); try { $cacheActorService = \OC::$server->query(CacheActorService::class); + $configService = \OC::$server->query(ConfigService::class); + + if ($configService->getCloudAddress(true) !== $instance) { + throw new Exception(); + } + $cacheActorService->getFromLocalAccount($username); } catch (Exception $e) { http_response_code(404); |