Merge commit from fork

* Refuse granting quote authorization for reblogs * Add validation to reject quotes of reblogs * Do not process quotes of reblogs as potentially valid quotes * Refuse to serve quoted reblogs over REST API
2025-10-21 15:00:28 +02:00
parent 2b9e4294fe
commit 405a49df44
8 changed files with 146 additions and 5 deletions
--- a/app/lib/activitypub/activity/quote_request.rb
+++ b/app/lib/activitypub/activity/quote_request.rb
@@ -7,7 +7,7 @@ class ActivityPub::Activity::QuoteRequest < ActivityPub::Activity
    return if non_matching_uri_hosts?(@account.uri, @json['id'])

    quoted_status = status_from_uri(object_uri)
-    return if quoted_status.nil? || !quoted_status.account.local? || !quoted_status.distributable?
+    return if quoted_status.nil? || !quoted_status.account.local? || !quoted_status.distributable? || quoted_status.reblog?

    if StatusPolicy.new(@account, quoted_status).quote?
      accept_quote_request!(quoted_status)
--- a/app/models/concerns/status/interaction_policy_concern.rb
+++ b/app/models/concerns/status/interaction_policy_concern.rb
@@ -27,7 +27,7 @@ module Status::InteractionPolicyConcern

  # Returns `:automatic`, `:manual`, `:unknown` or `:denied`
  def quote_policy_for_account(other_account, preloaded_relations: {})
-    return :denied if other_account.nil? || direct_visibility?
+    return :denied if other_account.nil? || direct_visibility? || reblog?

    following_author = nil
    followed_by_author = nil
--- a/app/models/quote.rb
+++ b/app/models/quote.rb
@@ -39,6 +39,7 @@ class Quote < ApplicationRecord
  validates :activity_uri, presence: true, if: -> { account.local? && quoted_account&.remote? }
  validates :approval_uri, absence: true, if: -> { quoted_account&.local? }
  validate :validate_visibility
+  validate :validate_original_quoted_status

  after_create_commit :increment_counter_caches!
  after_destroy_commit :decrement_counter_caches!
@@ -85,6 +86,10 @@ class Quote < ApplicationRecord
    errors.add(:quoted_status_id, :visibility_mismatch)
  end

+  def validate_original_quoted_status
+    errors.add(:quoted_status_id, :reblog_unallowed) if quoted_status&.reblog?
+  end
+
  def set_activity_uri
    self.activity_uri = [ActivityPub::TagManager.instance.uri_for(account), '/quote_requests/', SecureRandom.uuid].join
  end
--- a/app/serializers/rest/base_quote_serializer.rb
+++ b/app/serializers/rest/base_quote_serializer.rb
@@ -14,7 +14,7 @@ class REST::BaseQuoteSerializer < ActiveModel::Serializer
  end

  def quoted_status
-    object.quoted_status if object.accepted? && object.quoted_status.present? && !status_filter.filtered_for_quote?
+    object.quoted_status if object.accepted? && object.quoted_status.present? && !object.quoted_status&.reblog? && !status_filter.filtered_for_quote?
  end

  private
--- a/app/services/activitypub/verify_quote_service.rb
+++ b/app/services/activitypub/verify_quote_service.rb
@@ -73,7 +73,7 @@ class ActivityPub::VerifyQuoteService < BaseService

    status ||= ActivityPub::FetchRemoteStatusService.new.call(uri, on_behalf_of: @quote.account.followers.local.first, prefetched_body:, request_id: @request_id, depth: @depth + 1)

-    @quote.update(quoted_status: status) if status.present?
+    @quote.update(quoted_status: status) if status.present? && !status.reblog?
  rescue Mastodon::RecursionLimitExceededError, Mastodon::UnexpectedResponseError, *Mastodon::HTTP_CONNECTION_ERRORS => e
    @fetching_error = e
  end
@@ -91,7 +91,7 @@ class ActivityPub::VerifyQuoteService < BaseService

    status = ActivityPub::FetchRemoteStatusService.new.call(object['id'], prefetched_body: object, on_behalf_of: @quote.account.followers.local.first, request_id: @request_id, depth: @depth)

-    if status.present?
+    if status.present? && !status.reblog?
      @quote.update(quoted_status: status)
      true
    else