@fedify/fedify 0.14.0-dev.344 → 0.14.0-dev.345

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/CHANGES.md +6 -0
  2. package/esm/vocab/actor.js +13 -1
  3. package/esm/webfinger/lookup.js +11 -4
  4. package/package.json +1 -1
  5. package/types/vocab/actor.d.ts.map +1 -1
  6. package/types/webfinger/lookup.d.ts.map +1 -1
package/CHANGES.md CHANGED
@@ -79,6 +79,12 @@ To be released.
79
79
  applicable to `format: "compact"`. Otherwise, it throws
80
80
  a `TypeError`.
81
81
 
82
+ - The `getActorHandle()` function now supports cross-origin WebFinger
83
+ resources.
84
+
85
+ - The `lookupWebFinger()` and `getActorHandle()` functions no more throw
86
+ an error when they fail to reach the WebFinger resource.
87
+
82
88
  - Now `fedify init` generates a default *tsconfig.json* file on Node.js and
83
89
  Bun, and fills the *deno.json* file with the default `compilerOptions` on
84
90
  Deno.
package/esm/vocab/actor.js CHANGED
@@ -87,8 +87,10 @@ export async function getActorHandle(actor, options = {}) {
87
87
  const match = alias.match(/^acct:([^@]+)@([^@]+)$/);
88
88
  if (match != null) {
89
89
  const hostname = new URL(`https://${match[2]}/`).hostname;
90
- if (hostname !== actorId.hostname)
90
+ if (hostname !== actorId.hostname &&
91
+ !await verifyCrossOriginActorHandle(actorId.href, alias)) {
91
92
  continue;
93
+ }
92
94
  return normalizeActorHandle(`@${match[1]}@${match[2]}`, options);
93
95
  }
94
96
  }
@@ -100,6 +102,16 @@ export async function getActorHandle(actor, options = {}) {
100
102
  }
101
103
  throw new TypeError("Actor does not have enough information to get the handle.");
102
104
  }
105
+ async function verifyCrossOriginActorHandle(actorId, alias) {
106
+ const response = await lookupWebFinger(alias);
107
+ if (response == null)
108
+ return false;
109
+ for (const alias of response.aliases ?? []) {
110
+ if (new URL(alias).href === actorId)
111
+ return true;
112
+ }
113
+ return false;
114
+ }
103
115
  /**
104
116
  * Normalizes the given actor handle.
105
117
  * @param handle The full handle of the actor to normalize.
package/esm/webfinger/lookup.js CHANGED
@@ -27,10 +27,17 @@ export async function lookupWebFinger(resource) {
27
27
  url.searchParams.set("resource", resource.href);
28
28
  while (true) {
29
29
  logger.debug("Fetching WebFinger resource descriptor from {url}...", { url: url.href });
30
- const response = await fetch(url, {
31
- headers: { Accept: "application/jrd+json" },
32
- redirect: "manual",
33
- });
30
+ let response;
31
+ try {
32
+ response = await fetch(url, {
33
+ headers: { Accept: "application/jrd+json" },
34
+ redirect: "manual",
35
+ });
36
+ }
37
+ catch (error) {
38
+ logger.debug("Failed to fetch WebFinger resource descriptor: {error}", { url: url.href, error });
39
+ return null;
40
+ }
34
41
  if (response.status >= 300 && response.status < 400 &&
35
42
  response.headers.has("Location")) {
36
43
  url = new URL(response.headers.get("Location"));
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@fedify/fedify",
3
- "version": "0.14.0-dev.344+533fbb6d",
3
+ "version": "0.14.0-dev.345+786bfc4f",
4
4
  "description": "An ActivityPub server framework",
5
5
  "keywords": [
6
6
  "ActivityPub",
package/types/vocab/actor.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"actor.d.ts","sourceRoot":"","sources":["../../src/vocab/actor.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,WAAW,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AAE/E;;;GAGG;AACH,MAAM,MAAM,KAAK,GAAG,WAAW,GAAG,KAAK,GAAG,YAAY,GAAG,MAAM,GAAG,OAAO,CAAC;AAE1E;;;;GAIG;AACH,wBAAgB,OAAO,CAAC,MAAM,EAAE,OAAO,GAAG,MAAM,IAAI,KAAK,CAQxD;AAED;;GAEG;AACH,MAAM,MAAM,aAAa,GACrB,aAAa,GACb,OAAO,GACP,cAAc,GACd,QAAQ,GACR,SAAS,CAAC;AAEd;;;;GAIG;AACH,wBAAgB,gBAAgB,CAC9B,KAAK,EAAE,KAAK,GACX,aAAa,CAOf;AAED;;;;GAIG;AACH,wBAAgB,uBAAuB,CACrC,QAAQ,EAAE,aAAa,GAErB,OAAO,WAAW,GAClB,OAAO,KAAK,GACZ,OAAO,YAAY,GACnB,OAAO,MAAM,GACb,OAAO,OAAO,CAcjB;AAED;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,wBAAsB,cAAc,CAClC,KAAK,EAAE,KAAK,GAAG,GAAG,EAClB,OAAO,GAAE,2BAAgC,GACxC,OAAO,CAAC,IAAI,MAAM,IAAI,MAAM,EAAE,GAAG,GAAG,MAAM,IAAI,MAAM,EAAE,CAAC,CA6BzD;AAED;;;GAGG;AACH,MAAM,WAAW,2BAA2B;IAC1C;;;OAGG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;IAExB;;;OAGG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED;;;;;;;GAOG;AACH,wBAAgB,oBAAoB,CAClC,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,2BAAgC,GACxC,IAAI,MAAM,IAAI,MAAM,EAAE,GAAG,GAAG,MAAM,IAAI,MAAM,EAAE,CAahD;AAED;;;;GAIG;AACH,MAAM,WAAW,SAAS;IACxB;;OAEG;IACH,QAAQ,CAAC,EAAE,EAAE,GAAG,GAAG,IAAI,CAAC;IAExB;;OAEG;IACH,QAAQ,CAAC,OAAO,EAAE,GAAG,GAAG,IAAI,CAAC;IAE7B;;OAEG;IACH,QAAQ,CAAC,SAAS,CAAC,EAAE;QACnB;;WAEG;QACH,WAAW,EAAE,GAAG,GAAG,IAAI,CAAC;KACzB,GAAG,IAAI,CAAC;CACV"}
1
+ {"version":3,"file":"actor.d.ts","sourceRoot":"","sources":["../../src/vocab/actor.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,WAAW,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AAE/E;;;GAGG;AACH,MAAM,MAAM,KAAK,GAAG,WAAW,GAAG,KAAK,GAAG,YAAY,GAAG,MAAM,GAAG,OAAO,CAAC;AAE1E;;;;GAIG;AACH,wBAAgB,OAAO,CAAC,MAAM,EAAE,OAAO,GAAG,MAAM,IAAI,KAAK,CAQxD;AAED;;GAEG;AACH,MAAM,MAAM,aAAa,GACrB,aAAa,GACb,OAAO,GACP,cAAc,GACd,QAAQ,GACR,SAAS,CAAC;AAEd;;;;GAIG;AACH,wBAAgB,gBAAgB,CAC9B,KAAK,EAAE,KAAK,GACX,aAAa,CAOf;AAED;;;;GAIG;AACH,wBAAgB,uBAAuB,CACrC,QAAQ,EAAE,aAAa,GAErB,OAAO,WAAW,GAClB,OAAO,KAAK,GACZ,OAAO,YAAY,GACnB,OAAO,MAAM,GACb,OAAO,OAAO,CAcjB;AAED;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,wBAAsB,cAAc,CAClC,KAAK,EAAE,KAAK,GAAG,GAAG,EAClB,OAAO,GAAE,2BAAgC,GACxC,OAAO,CAAC,IAAI,MAAM,IAAI,MAAM,EAAE,GAAG,GAAG,MAAM,IAAI,MAAM,EAAE,CAAC,CAkCzD;AAcD;;;GAGG;AACH,MAAM,WAAW,2BAA2B;IAC1C;;;OAGG;IACH,aAAa,CAAC,EAAE,OAAO,CAAC;IAExB;;;OAGG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED;;;;;;;GAOG;AACH,wBAAgB,oBAAoB,CAClC,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,2BAAgC,GACxC,IAAI,MAAM,IAAI,MAAM,EAAE,GAAG,GAAG,MAAM,IAAI,MAAM,EAAE,CAahD;AAED;;;;GAIG;AACH,MAAM,WAAW,SAAS;IACxB;;OAEG;IACH,QAAQ,CAAC,EAAE,EAAE,GAAG,GAAG,IAAI,CAAC;IAExB;;OAEG;IACH,QAAQ,CAAC,OAAO,EAAE,GAAG,GAAG,IAAI,CAAC;IAE7B;;OAEG;IACH,QAAQ,CAAC,SAAS,CAAC,EAAE;QACnB;;WAEG;QACH,WAAW,EAAE,GAAG,GAAG,IAAI,CAAC;KACzB,GAAG,IAAI,CAAC;CACV"}
package/types/webfinger/lookup.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"lookup.d.ts","sourceRoot":"","sources":["../../src/webfinger/lookup.ts"],"names":[],"mappings":";AACA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AAInD;;;;;GAKG;AACH,wBAAsB,eAAe,CACnC,QAAQ,EAAE,GAAG,GAAG,MAAM,GACrB,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAuDpC"}
1
+ {"version":3,"file":"lookup.d.ts","sourceRoot":"","sources":["../../src/webfinger/lookup.ts"],"names":[],"mappings":";AACA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAC;AAInD;;;;;GAKG;AACH,wBAAsB,eAAe,CACnC,QAAQ,EAAE,GAAG,GAAG,MAAM,GACrB,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAgEpC"}