Switch secure_mode to a filter

This commit is contained in:
Django Doucet 2023-05-14 22:53:11 -06:00
parent 7456d36834
commit 12724a3681
5 changed files with 15 additions and 14 deletions

View file

@ -25,6 +25,7 @@ function init() {
\defined( 'ACTIVITYPUB_HASHTAGS_REGEXP' ) || \define( 'ACTIVITYPUB_HASHTAGS_REGEXP', '(?:(?<=\s)|(?<=<p>)|(?<=<br>)|^)#([A-Za-z0-9_]+)(?:(?=\s|[[:punct:]]|$))' );
\defined( 'ACTIVITYPUB_USERNAME_REGEXP' ) || \define( 'ACTIVITYPUB_USERNAME_REGEXP', '(?:([A-Za-z0-9_-]+)@((?:[A-Za-z0-9_-]+\.)+[A-Za-z]+))' );
\defined( 'ACTIVITYPUB_CUSTOM_POST_CONTENT' ) || \define( 'ACTIVITYPUB_CUSTOM_POST_CONTENT', "<p><strong>[ap_title]</strong></p>\n\n[ap_content]\n\n<p>[ap_hashtags]</p>\n\n<p>[ap_shortlink]</p>" );
\defined( 'ACTIVITYPUB_SECURE_MODE' ) || \define( 'ACTIVITYPUB_SECURE_MODE', apply_filters( 'activitypub_secure_mode', $value = false ) );
\define( 'ACTIVITYPUB_PLUGIN_DIR', plugin_dir_path( __FILE__ ) );
\define( 'ACTIVITYPUB_PLUGIN_BASENAME', plugin_basename( __FILE__ ) );

View file

@ -78,7 +78,7 @@ class Activitypub {
\in_array( 'application/ld+json', $accept, true ) ||
\in_array( 'application/json', $accept, true )
) {
if ( \get_option( 'activitypub_use_secure_mode', '0' ) ) {
if ( ACTIVITYPUB_SECURE_MODE ) {
$verification = Signature::verify_http_signature( $_SERVER );
if ( \is_wp_error( $verification ) ) {
// fallback as template_loader can't return http headers

View file

@ -144,15 +144,15 @@ class Admin {
'default' => array( 'post', 'pages' ),
)
);
\register_setting(
'activitypub',
'activitypub_use_secure_mode',
array(
'type' => 'boolean',
'description' => \__( 'Secure mode allows blocking servers from fetching public activities', 'activitypub' ),
'default' => 0,
)
);
// \register_setting(
// 'activitypub',
// 'activitypub_use_secure_mode',
// array(
// 'type' => 'boolean',
// 'description' => \__( 'Secure mode allows blocking servers from fetching public activities', 'activitypub' ),
// 'default' => 0,
// )
// );
}
public static function schedule_migration() {

View file

@ -94,7 +94,7 @@ class Server {
} else {
if ( '/activitypub/1.0/webfinger' !== $route ) {
// SecureMode/Authorized fetch.
if ( \get_option( 'activitypub_use_secure_mode', '0' ) ) {
if ( ACTIVITYPUB_SECURE_MODE ) {
$verified_request = Signature::verify_http_signature( $request );
if ( \is_wp_error( $verified_request ) ) {
return $verified_request;

View file

@ -171,7 +171,7 @@
</tbody>
</table>
<table class="form-table">
<!-- <table class="form-table">
<tbody>
<tr>
<th scope="row">
@ -179,12 +179,12 @@
</th>
<td>
<p>
<label><input type="checkbox" name="activitypub_use_secure_mode" id="activitypub_use_secure_mode" value="1" <?php echo \checked( '1', \get_option( 'activitypub_use_secure_mode', '0' ) ); ?> /> <?php echo wp_kses( \__( 'In secure mode every ActivityPub request must be signed. This disallows anonymous requests and prevents serving content to servers listed in the Blocklist.', 'activitypub' ), 'default' ); ?></label>
<label><input type="checkbox" name="activitypub_use_secure_mode" id="activitypub_use_secure_mode" value="1" <?php echo \checked( '1', \get_option( 'activitypub_use_secure_mode', '0' ) ); ?> /> <?php echo wp_kses( \__( 'In secure mode every ActivityPub request must be signed. This disallows anonymous requests and prevents serving content to servers listed in the Blocklist. WARNING this disallows caching so will affect server performance', 'activitypub' ), 'default' ); ?></label>
</p>
</td>
</tr>
</tbody>
</table>
</table> -->
<?php \do_settings_fields( 'activitypub', 'server' ); ?>