From 9bef0c2057f2b77efd68c5b17c1004a8746cdc33 Mon Sep 17 00:00:00 2001 From: Michael Date: Sun, 1 Jun 2025 17:49:21 +0000 Subject: [PATCH] Issue 14879: Fix activity trust check --- src/Protocol/ActivityPub/Receiver.php | 7 +++++-- src/Util/JsonLD.php | 2 +- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/src/Protocol/ActivityPub/Receiver.php b/src/Protocol/ActivityPub/Receiver.php index c217d491ca..1cb1cb0649 100644 --- a/src/Protocol/ActivityPub/Receiver.php +++ b/src/Protocol/ActivityPub/Receiver.php @@ -644,16 +644,19 @@ class Receiver return true; } } else { - $attributed_to = ''; + $attributed_to = null; } // Test the provided signatures against the actor and "attributedTo" if ($trust_source) { - if ($attributed_to !== false && $attributed_to !== '') { + if (!is_null($attributed_to)) { $trust_source = (in_array($actor, $signer) && in_array($attributed_to, $signer)); } else { $trust_source = in_array($actor, $signer); } + if (!$trust_source) { + DI::logger()->info('Actor missmatch. Activity trust could not be achieved.', ['type' => $type, 'signer' => $signer, 'actor' => $actor, 'attributedTo' => $attributed_to]); + } } // Lemmy announces activities. diff --git a/src/Util/JsonLD.php b/src/Util/JsonLD.php index afca8d79ba..676c944381 100644 --- a/src/Util/JsonLD.php +++ b/src/Util/JsonLD.php @@ -286,7 +286,7 @@ class JsonLD * @param $type * @param $type_value * - * @return string|null fetched element + * @return mixed|null fetched element. If the element is not found, null is returned. */ public static function fetchElement($array, $element, $key = '@id', $type = null, $type_value = null) { -- 2.39.5