From 5b307c0417320942c796e180c4a7ae50b07ef175 Mon Sep 17 00:00:00 2001 From: Mikael Nordfeldth Date: Tue, 13 Oct 2015 23:37:26 +0200 Subject: [PATCH] Add a url test in Notice::saveActivity --- classes/Notice.php | 30 ++++++++++++++++++++---------- 1 file changed, 20 insertions(+), 10 deletions(-) diff --git a/classes/Notice.php b/classes/Notice.php index 2725d6c724..6d9ab31ac7 100644 --- a/classes/Notice.php +++ b/classes/Notice.php @@ -784,6 +784,26 @@ class Notice extends Managed_DataObject } } + $autosource = common_config('public', 'autosource'); + + // Sandboxed are non-false, but not 1, either + if (!$actor->hasRight(Right::PUBLICNOTICE) || + ($source && $autosource && in_array($source, $autosource))) { + $stored->is_local = Notice::LOCAL_NONPUBLIC; + } else { + $stored->is_local = $is_local; + } + + if (!$stored->isLocal()) { + // Only do these checks for non-local notices. Local notices will generate these values later. + if (!common_valid_http_url($url)) { + common_debug('Bad notice URL: ['.$url.'], URI: ['.$uri.']. Cannot link back to original! This is normal for shared notices etc.'); + } + if (empty($uri)) { + throw new ServerException('No URI for remote notice. Cannot accept that.'); + } + } + $stored->profile_id = $actor->id; $stored->source = $source; $stored->uri = $uri; @@ -796,16 +816,6 @@ class Notice extends Managed_DataObject : $act->content; $stored->content = common_strip_html($stored->rendered); - $autosource = common_config('public', 'autosource'); - - // Sandboxed are non-false, but not 1, either - if (!$actor->hasRight(Right::PUBLICNOTICE) || - ($source && $autosource && in_array($source, $autosource))) { - $stored->is_local = Notice::LOCAL_NONPUBLIC; - } else { - $stored->is_local = $is_local; - } - // Maybe a missing act-time should be fatal if the actor is not local? if (!empty($act->time)) { $stored->created = common_sql_date($act->time); -- 2.39.5