Event-Federation/wordpress-activitypub
Event-Federation/wordpress-activitypub
7
1
Fork 0
Code Issues 3 Pull requests Projects Releases Wiki Activity Actions

ignore www subdomain when comparing hosts

Browse source 
fix #290
This commit is contained in:
Matthias Pfefferle 2023-04-25 20:44:54 +02:00
parent b2751b4721
commit ca646588d2
1 changed files with 4 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
includes/rest/class-webfinger.php
View file

@ -54,15 +54,16 @@ class Webfinger {
$resource = \str_replace( 'acct:', '', $resource ); $resource = \str_replace( 'acct:', '', $resource );
$resource_identifier = \substr( $resource, 0, \strrpos( $resource, '@' ) ); $resource_identifier = \substr( $resource, 0, \strrpos( $resource, '@' ) );
$resource_host = \substr( \strrchr( $resource, '@' ), 1 ); $resource_host = \str_replace( 'www.', '', \substr( \strrchr( $resource, '@' ), 1 ) );
$blog_host = \str_replace( 'www.', '', \wp_parse_url( \home_url( '/' ), \PHP_URL_HOST ) );
if ( \wp_parse_url( \home_url( '/' ), \PHP_URL_HOST ) !== $resource_host ) { if ( $blog_host !== $resource_host ) {
return new WP_Error( 'activitypub_wrong_host', \__( 'Resource host does not match blog host', 'activitypub' ), array( 'status' => 404 ) ); return new WP_Error( 'activitypub_wrong_host', \__( 'Resource host does not match blog host', 'activitypub' ), array( 'status' => 404 ) );
} }
$user = \get_user_by( 'login', \esc_sql( $resource_identifier ) ); $user = \get_user_by( 'login', \esc_sql( $resource_identifier ) );
if ( ! $user || ! user_can( $user, 'publish_posts' ) ) { if ( ! $user || ! \user_can( $user, 'publish_posts' ) ) {
return new WP_Error( 'activitypub_user_not_found', \__( 'User not found', 'activitypub' ), array( 'status' => 404 ) ); return new WP_Error( 'activitypub_user_not_found', \__( 'User not found', 'activitypub' ), array( 'status' => 404 ) );
} }