From 12724a3681b12ad8e369737fd458e44ade51f3be Mon Sep 17 00:00:00 2001 From: Django Doucet Date: Sun, 14 May 2023 22:53:11 -0600 Subject: [PATCH] Switch secure_mode to a filter --- activitypub.php | 1 + includes/class-activitypub.php | 2 +- includes/class-admin.php | 18 +++++++++--------- includes/rest/class-server.php | 2 +- templates/settings.php | 6 +++--- 5 files changed, 15 insertions(+), 14 deletions(-) diff --git a/activitypub.php b/activitypub.php index 4292684..378e999 100644 --- a/activitypub.php +++ b/activitypub.php @@ -25,6 +25,7 @@ function init() { \defined( 'ACTIVITYPUB_HASHTAGS_REGEXP' ) || \define( 'ACTIVITYPUB_HASHTAGS_REGEXP', '(?:(?<=\s)|(?<=

)|(?<=
)|^)#([A-Za-z0-9_]+)(?:(?=\s|[[:punct:]]|$))' ); \defined( 'ACTIVITYPUB_USERNAME_REGEXP' ) || \define( 'ACTIVITYPUB_USERNAME_REGEXP', '(?:([A-Za-z0-9_-]+)@((?:[A-Za-z0-9_-]+\.)+[A-Za-z]+))' ); \defined( 'ACTIVITYPUB_CUSTOM_POST_CONTENT' ) || \define( 'ACTIVITYPUB_CUSTOM_POST_CONTENT', "

[ap_title]

\n\n[ap_content]\n\n

[ap_hashtags]

\n\n

[ap_shortlink]

" ); + \defined( 'ACTIVITYPUB_SECURE_MODE' ) || \define( 'ACTIVITYPUB_SECURE_MODE', apply_filters( 'activitypub_secure_mode', $value = false ) ); \define( 'ACTIVITYPUB_PLUGIN_DIR', plugin_dir_path( __FILE__ ) ); \define( 'ACTIVITYPUB_PLUGIN_BASENAME', plugin_basename( __FILE__ ) ); diff --git a/includes/class-activitypub.php b/includes/class-activitypub.php index 30cc7d0..f7885cd 100644 --- a/includes/class-activitypub.php +++ b/includes/class-activitypub.php @@ -78,7 +78,7 @@ class Activitypub { \in_array( 'application/ld+json', $accept, true ) || \in_array( 'application/json', $accept, true ) ) { - if ( \get_option( 'activitypub_use_secure_mode', '0' ) ) { + if ( ACTIVITYPUB_SECURE_MODE ) { $verification = Signature::verify_http_signature( $_SERVER ); if ( \is_wp_error( $verification ) ) { // fallback as template_loader can't return http headers diff --git a/includes/class-admin.php b/includes/class-admin.php index 7a19e8e..4bc7b9c 100644 --- a/includes/class-admin.php +++ b/includes/class-admin.php @@ -144,15 +144,15 @@ class Admin { 'default' => array( 'post', 'pages' ), ) ); - \register_setting( - 'activitypub', - 'activitypub_use_secure_mode', - array( - 'type' => 'boolean', - 'description' => \__( 'Secure mode allows blocking servers from fetching public activities', 'activitypub' ), - 'default' => 0, - ) - ); + // \register_setting( + // 'activitypub', + // 'activitypub_use_secure_mode', + // array( + // 'type' => 'boolean', + // 'description' => \__( 'Secure mode allows blocking servers from fetching public activities', 'activitypub' ), + // 'default' => 0, + // ) + // ); } public static function schedule_migration() { diff --git a/includes/rest/class-server.php b/includes/rest/class-server.php index a2d837a..b5b55fd 100644 --- a/includes/rest/class-server.php +++ b/includes/rest/class-server.php @@ -94,7 +94,7 @@ class Server { } else { if ( '/activitypub/1.0/webfinger' !== $route ) { // SecureMode/Authorized fetch. - if ( \get_option( 'activitypub_use_secure_mode', '0' ) ) { + if ( ACTIVITYPUB_SECURE_MODE ) { $verified_request = Signature::verify_http_signature( $request ); if ( \is_wp_error( $verified_request ) ) { return $verified_request; diff --git a/templates/settings.php b/templates/settings.php index 6429688..1966c4f 100644 --- a/templates/settings.php +++ b/templates/settings.php @@ -171,7 +171,7 @@ - +