From ad8e8793c7b0ecc08bb271cd83ba04f6f8be7036 Mon Sep 17 00:00:00 2001
From: Laura Hausmann <laura@hausmann.dev>
Date: Thu, 24 Oct 2024 04:37:47 +0200
Subject: fix: primitives 5 & 8: reject activities with non-string identifiers

---
 packages/backend/src/queue/processors/InboxProcessorService.ts | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'packages/backend/src/queue')

diff --git a/packages/backend/src/queue/processors/InboxProcessorService.ts b/packages/backend/src/queue/processors/InboxProcessorService.ts
index 11b00bb683..f453d7d1ae 100644
--- a/packages/backend/src/queue/processors/InboxProcessorService.ts
+++ b/packages/backend/src/queue/processors/InboxProcessorService.ts
@@ -193,6 +193,9 @@ export class InboxProcessorService implements OnApplicationShutdown {
 				throw new Bull.UnrecoverableError(`skip: signerHost(${signerHost}) !== activity.id host(${activityIdHost}`);
 			}
 		}
+		else {
+			throw new Bull.UnrecoverableError('skip: activity id is not a string');
+		}
 
 		// Update stats
 		this.federatedInstanceService.fetch(authUser.user.host).then(i => {
-- 
cgit v1.2.3-freya


From 23c4aa25714af145098baa7edd74c1d217e51c1a Mon Sep 17 00:00:00 2001
From: Julia Johannesen <julia@insertdomain.name>
Date: Wed, 20 Nov 2024 20:24:59 -0500
Subject: Fix style error

---
 packages/backend/src/core/HttpRequestService.ts                | 10 +++++-----
 packages/backend/src/queue/processors/InboxProcessorService.ts |  3 +--
 2 files changed, 6 insertions(+), 7 deletions(-)

(limited to 'packages/backend/src/queue')

diff --git a/packages/backend/src/core/HttpRequestService.ts b/packages/backend/src/core/HttpRequestService.ts
index 0ad5667049..6dcd0cdff3 100644
--- a/packages/backend/src/core/HttpRequestService.ts
+++ b/packages/backend/src/core/HttpRequestService.ts
@@ -54,19 +54,19 @@ class HttpRequestServiceAgent extends http.Agent {
 				}
 			});
 		return socket;
-	};
+	}
 
 	@bindThis
 	private isPrivateIp(ip: string): boolean {
 		const parsedIp = ipaddr.parse(ip);
-	
+
 		for (const net of this.config.allowedPrivateNetworks ?? []) {
 			const cidr = ipaddr.parseCIDR(net);
 			if (cidr[0].kind() === parsedIp.kind() && parsedIp.match(ipaddr.parseCIDR(net))) {
 				return false;
 			}
 		}
-	
+
 		return parsedIp.range() !== 'unicast';
 	}
 }
@@ -98,14 +98,14 @@ class HttpsRequestServiceAgent extends https.Agent {
 	@bindThis
 	private isPrivateIp(ip: string): boolean {
 		const parsedIp = ipaddr.parse(ip);
-	
+
 		for (const net of this.config.allowedPrivateNetworks ?? []) {
 			const cidr = ipaddr.parseCIDR(net);
 			if (cidr[0].kind() === parsedIp.kind() && parsedIp.match(ipaddr.parseCIDR(net))) {
 				return false;
 			}
 		}
-	
+
 		return parsedIp.range() !== 'unicast';
 	}
 }
diff --git a/packages/backend/src/queue/processors/InboxProcessorService.ts b/packages/backend/src/queue/processors/InboxProcessorService.ts
index f453d7d1ae..102e835e24 100644
--- a/packages/backend/src/queue/processors/InboxProcessorService.ts
+++ b/packages/backend/src/queue/processors/InboxProcessorService.ts
@@ -192,8 +192,7 @@ export class InboxProcessorService implements OnApplicationShutdown {
 			if (signerHost !== activityIdHost) {
 				throw new Bull.UnrecoverableError(`skip: signerHost(${signerHost}) !== activity.id host(${activityIdHost}`);
 			}
-		}
-		else {
+		} else {
 			throw new Bull.UnrecoverableError('skip: activity id is not a string');
 		}
 
-- 
cgit v1.2.3-freya