Fix: `<link rel="alternate">`を追って照会するのはOKレスポンスが返却された場合のみに (#14627)

* Only accept HTML `<link rel="alternate">` on success

(cherry picked from commit 6ea48be84abdab66301a957c27dd5d84886dfb36)

* Use `res.ok` instead of 200-299

(cherry picked from commit b667a68bd4eb916084658592d2942d521950005b)

* jsdomに戻す

* Update Changelog

* Revert "jsdomに戻す"

This reverts commit c03603611b74d16df52e77e44c558e958a82f3f4.

* :art:

---------

Co-authored-by: Julia Johannesen <julia@insertdomain.name>

2 files changed, 7 insertions, 1 deletions

diff --git a/CHANGELOG.md b/CHANGELOG.md
index fd43344b6a..046dab073d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -38,6 +38,8 @@
   (Cherry-picked from https://activitypub.software/TransFem-org/Sharkey/-/commit/8a982c61c01909e7540ff1be9f019df07c3f0624)
 - Fix: サーバーサイドのDOM解析完了時にリソースを開放するように
 	(Cherry-picked from https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/634)
+- Fix: `<link rel="alternate">`を追って照会するのはOKレスポンスが返却された場合のみに  
+  (Cherry-picked from https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/633)
 
 ## 2024.8.0
 
diff --git a/packages/backend/src/core/activitypub/ApRequestService.ts b/packages/backend/src/core/activitypub/ApRequestService.ts
index 7c78f3319b..c7d19adfd5 100644
--- a/packages/backend/src/core/activitypub/ApRequestService.ts
+++ b/packages/backend/src/core/activitypub/ApRequestService.ts
@@ -205,7 +205,11 @@ export class ApRequestService {
 		//#region リクエスト先がhtmlかつactivity+jsonへのalternate linkタグがあるとき
 		const contentType = res.headers.get('content-type');
 
-		if ((contentType ?? '').split(';')[0].trimEnd().toLowerCase() === 'text/html' && _followAlternate === true) {
+		if (
+			res.ok &&
+			(contentType ?? '').split(';')[0].trimEnd().toLowerCase() === 'text/html' &&
+			_followAlternate === true
+		) {
 			const html = await res.text();
 			const { window, happyDOM } = new Window({
 				settings: {