Fix obfuscation of short domains

Fixes https://akkoma.dev/AkkomaGang/akkoma/issues/645
This commit is contained in:
Oneric 2024-01-28 22:15:54 +01:00
parent 6fb91d79f3
commit e47c50666d
3 changed files with 17 additions and 2 deletions

View file

@ -19,6 +19,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Documentation issue in which a non-existing nginx file was referenced
- Issue where a bad inbox URL could break federation
- Issue where hashtag rel values would be scrubbed
- Issue where short domains listed in `transparency_obfuscate_domains` were not actually obfuscated
## 2023.08

View file

@ -314,6 +314,20 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
def filter(object), do: {:ok, object}
defp obfuscate(string) when is_binary(string) do
# Want to strip at least two neighbouring chars
# to ensure at least one non-dot char is in the obfuscation area
stripped = String.length(string) - 6
{keepstart, keepend} =
if stripped > 1 do
{3, 3}
else
{
2 - div(1 - stripped, 2),
2 + div(stripped, 2)
}
end
string
|> to_charlist()
|> Enum.with_index()
@ -322,7 +336,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
?.
{char, index} ->
if 3 <= index && index < String.length(string) - 3, do: ?*, else: char
if keepstart <= index && index < String.length(string) - keepend, do: ?*, else: char
end)
|> to_string()
end

View file

@ -283,7 +283,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
assert {:ok,
%{
mrf_simple: %{reject: ["rem***.*****nce", "a.b"]},
mrf_simple: %{reject: ["rem***.*****nce", "*.b"]},
mrf_simple_info: %{reject: %{"rem***.*****nce" => %{}}}
}} = SimplePolicy.describe()
end