From 9202c1973070f97c3fc028c75cddb6025ff68fe4 Mon Sep 17 00:00:00 2001 From: Django Doucet Date: Fri, 5 May 2023 14:39:33 -0600 Subject: [PATCH] Add secure mode to REST get requests --- includes/class-signature.php | 3 +-- includes/rest/class-server.php | 14 +++++++------- 2 files changed, 8 insertions(+), 9 deletions(-) diff --git a/includes/class-signature.php b/includes/class-signature.php index 59d20c7..47ab002 100644 --- a/includes/class-signature.php +++ b/includes/class-signature.php @@ -195,8 +195,7 @@ class Signature { } } - strtok( $signature_block['keyId'], '?'); - $public_key = \Activitypub\get_remote_metadata_by_actor( $signature_block['keyId'] ); // phpcs:ignore + $public_key = \Activitypub\get_remote_metadata_by_actor( strtok( strip_fragment_from_url( $signature_block['keyId'] ), '?' ) ); // phpcs:ignore if ( \is_wp_error( $public_key ) ) { return $public_key; } else { diff --git a/includes/rest/class-server.php b/includes/rest/class-server.php index fb3e569..585b68b 100644 --- a/includes/rest/class-server.php +++ b/includes/rest/class-server.php @@ -90,13 +90,13 @@ class Server { } } else { // SecureMode/Authorized fetch. - // $secure_mode = \get_option( 'activitypub_use_secure_mode', '0' ); - // if ( $secure_mode ) { - // $verified_request = Signature::verify_http_signature( $request ); - // if ( \is_wp_error( $verified_request ) ) { - // return $verified_request; - // } - // } + $secure_mode = \get_option( 'activitypub_use_secure_mode', '0' ); + if ( $secure_mode ) { + $verified_request = Signature::verify_http_signature( $request ); + if ( \is_wp_error( $verified_request ) ) { + return $verified_request; + } + } } } }