diff --git a/lib/pleroma/web/activity_pub/mrf.ex b/lib/pleroma/web/activity_pub/mrf.ex index dae6d7f6a..6ecd62c99 100644 --- a/lib/pleroma/web/activity_pub/mrf.ex +++ b/lib/pleroma/web/activity_pub/mrf.ex @@ -161,10 +161,17 @@ defp get_policies(_), do: [] # - https://extra.baddomain.net/ # Does NOT match the following: # - https://maybebaddomain.net/ + + # *.baddomain.net def subdomain_regex("*." <> domain), do: subdomain_regex(domain) + # baddomain.net def subdomain_regex(domain) do - ~r/^(.+\.)?#{Regex.escape(domain)}$/i + if String.ends_with?(domain, ".*") do + ~r/^(.+\.)?#{Regex.escape(String.replace_suffix(domain, ".*", ""))}\.(.+)$/i + else + ~r/^(.+\.)?#{Regex.escape(domain)}$/i + end end @spec subdomains_regex([String.t()]) :: [Regex.t()] diff --git a/test/pleroma/web/activity_pub/mrf_test.exs b/test/pleroma/web/activity_pub/mrf_test.exs index 86ad0ab6b..7359398fe 100644 --- a/test/pleroma/web/activity_pub/mrf_test.exs +++ b/test/pleroma/web/activity_pub/mrf_test.exs @@ -48,6 +48,31 @@ test "wildcard domains with two subdomains" do refute MRF.subdomain_match?(regexes, "sub.unsafe.tldanother") end + test "wildcard on the tld" do + regexes = MRF.subdomains_regex(["somewhere.*"]) + + assert regexes == [~r/^(.+\.)?somewhere\.(.+)$/i] + + assert MRF.subdomain_match?(regexes, "somewhere.net") + assert MRF.subdomain_match?(regexes, "somewhere.com") + assert MRF.subdomain_match?(regexes, "somewhere.somewherelese.net") + refute MRF.subdomain_match?(regexes, "somewhere") + end + + test "wildcards on subdomain _and_ tld" do + regexes = MRF.subdomains_regex(["*.somewhere.*"]) + + assert regexes == [~r/^(.+\.)?somewhere\.(.+)$/i] + + assert MRF.subdomain_match?(regexes, "somewhere.net") + assert MRF.subdomain_match?(regexes, "somewhere.com") + assert MRF.subdomain_match?(regexes, "sub.somewhere.net") + assert MRF.subdomain_match?(regexes, "sub.somewhere.com") + assert MRF.subdomain_match?(regexes, "sub.sub.somewhere.net") + assert MRF.subdomain_match?(regexes, "sub.sub.somewhere.com") + refute MRF.subdomain_match?(regexes, "somewhere") + end + test "matches are case-insensitive" do regexes = MRF.subdomains_regex(["UnSafe.TLD", "UnSAFE2.Tld"]) diff --git a/test/pleroma/web/activity_pub/object_validators/article_note_page_validator_test.exs b/test/pleroma/web/activity_pub/object_validators/article_note_page_validator_test.exs index 0d39dee67..62ac5e051 100644 --- a/test/pleroma/web/activity_pub/object_validators/article_note_page_validator_test.exs +++ b/test/pleroma/web/activity_pub/object_validators/article_note_page_validator_test.exs @@ -40,7 +40,7 @@ test "a basic note validates", %{note: note} do end test "a note with a language validates" do - user = insert(:user, %{ap_id: "https://mastodon.social/users/akkoma_ap_integration_tester"}) + insert(:user, %{ap_id: "https://mastodon.social/users/akkoma_ap_integration_tester"}) note = File.read!("test/fixtures/mastodon/note_with_language.json") |> Jason.decode!() %{