diff options
| author |  default | 2023-06-19 17:39:53 +0200 |
|---|---|---|
| committer | default | 2023-06-19 17:39:53 +0200 |
| commit | 96b879175442b8c48a38d5b9f8bf0fddeec3a4d4 (patch) | |
| tree | 4c406526e11c22088433a80cd2872401ab590fde | |
| parent | Fixed crash in _object_fn_by_md5(). (diff) | |
| download | snac2-96b879175442b8c48a38d5b9f8bf0fddeec3a4d4.tar.gz snac2-96b879175442b8c48a38d5b9f8bf0fddeec3a4d4.tar.xz snac2-96b879175442b8c48a38d5b9f8bf0fddeec3a4d4.zip | |
Defend from kbin.social messages not having a content-type header.
| -rw-r--r-- | activitypub.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/activitypub.c b/activitypub.c index e6af8bf..5523b65 100644 --- a/activitypub.c +++ b/activitypub.c | |||
| @@ -90,6 +90,9 @@ int activitypub_request(snac *snac, const char *url, xs_dict **data) | |||
| 90 | /* ensure it's ActivityPub data */ | 90 | /* ensure it's ActivityPub data */ |
| 91 | ctype = xs_dict_get(response, "content-type"); | 91 | ctype = xs_dict_get(response, "content-type"); |
| 92 | 92 | ||
| 93 | if (xs_is_null(ctype)) | ||
| 94 | status = 400; | ||
| 95 | else | ||
| 93 | if (xs_str_in(ctype, "application/activity+json") != -1 || | 96 | if (xs_str_in(ctype, "application/activity+json") != -1 || |
| 94 | xs_str_in(ctype, "application/ld+json") != -1) | 97 | xs_str_in(ctype, "application/ld+json") != -1) |
| 95 | *data = xs_json_loads(payload); | 98 | *data = xs_json_loads(payload); |