activitypub 0.5.1 → 0.5.3

Sign up to get free protection for your applications and to get access to all the features.
Files changed (4) hide show
  1. checksums.yaml +4 -4
  2. data/lib/activitypub/resolvers.rb +9 -0
  3. data/lib/activitypub/version.rb +1 -1
  4. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 259eb9ee62ae1fdd8155792569764c2ed1725755463cdf97ad3ec1807bdcf88a
4
- data.tar.gz: b8758711d3bdd3eafe0747c7f16f279634f87ee67ad4c6ce3e18fada660a2648
3
+ metadata.gz: c79db959b5ea6174f498559a8e668e1a2428f2cf494733a73aea82b1a4408f5f
4
+ data.tar.gz: d07463295371863d4edbe55713e63614e078f578769d7527aebad5da11ee3fd8
5
5
  SHA512:
6
- metadata.gz: d38fe32f27c42f7ff652cbafdb7a97506d963bed70c94d49782da0a44396232b2236e0965bb08547928f73c7fcb9b232461cef384f051d51dd4000f1f22f6fd1
7
- data.tar.gz: 0a3c78633eae0eaf5a7f74c5cb424de24e4f0148c10209de6da8e2f956c3ed1e563cedda71c79c7a14bb19284b6081526d6a1d244f42a37069b435439b6fa586
6
+ metadata.gz: bd2f0229349ca5ab4a0f0a473b930f5a23e513484c6d0c063ee232495c3a1f30d85698c862f6044079f7e276b4b7f767a59a741c442da53bff2c639560c1e0e2
7
+ data.tar.gz: 9115b93cf7404621eca8056c087b3290a1a00aff3e48ef567ea12e5eb8d8ce0caa6ddd35c7bbd590118f0cfeeff88c6611679e8fa96d32cbb2ace4d69c4046fd
data/lib/activitypub/resolvers.rb CHANGED
@@ -1,6 +1,8 @@
1
1
 
2
2
  require 'uri'
3
3
  require 'faraday'
4
+ require 'socket'
5
+ require 'ipaddr'
4
6
 
5
7
  # Classes to resolve URI's into objects.
6
8
 
@@ -9,6 +11,13 @@ module ActivityPub
9
11
 
10
12
  class WebResolver
11
13
  def self.call(path)
14
+
15
+ uri = URI(path)
16
+ addr = IPAddr.new(IPSocket.getaddress(uri.host))
17
+ if addr.loopback? || addr.private? || addr.link_local?
18
+ raise "Local access denied"
19
+ end
20
+
12
21
  response = Faraday.get(path, {}, {"Accept": "application/activity+json"})
13
22
  if response.status == 200
14
23
  ActivityPub.from_json(response.body)
data/lib/activitypub/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module ActivityPub
4
- VERSION = "0.5.1"
4
+ VERSION = "0.5.3"
5
5
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: activitypub
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.5.1
4
+ version: 0.5.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Vidar Hokstad
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2024-07-20 00:00:00.000000000 Z
11
+ date: 2024-07-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: webfinger