diff options
author | Friendika <info@friendika.com> | 2011-10-06 00:26:25 -0700 |
---|---|---|
committer | Friendika <info@friendika.com> | 2011-10-06 00:26:25 -0700 |
commit | e232c50c9e429b53005873a28ddeb549a7bcf959 (patch) | |
tree | 6abb8594d0c1c22eb12464f4c5bedc0fd6ada9ad /mod | |
parent | ce11d231b8157568a48bf046ae28ef23e500887e (diff) | |
download | volse-hubzilla-e232c50c9e429b53005873a28ddeb549a7bcf959.tar.gz volse-hubzilla-e232c50c9e429b53005873a28ddeb549a7bcf959.tar.bz2 volse-hubzilla-e232c50c9e429b53005873a28ddeb549a7bcf959.zip |
check author url to see if it matches current contact before relay is accepted
Diffstat (limited to 'mod')
-rw-r--r-- | mod/dfrn_notify.php | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/mod/dfrn_notify.php b/mod/dfrn_notify.php index 01bb9119e..19a2fa61c 100644 --- a/mod/dfrn_notify.php +++ b/mod/dfrn_notify.php @@ -462,10 +462,18 @@ function dfrn_notify_post(&$a) { ); if($r && count($r)) { + logger('dfrn_notify: received remote comment'); $is_like = false; // remote reply to our post. Import and then notify everybody else. $datarray = get_atom_elements($feed,$item); + + if(! link_compare($datarray['author-link'],$importer['url'])) { + logger('dfrn_notify: received relay claiming to be from ' . $importer['url'] . ' however comment author url is ' . $datarray['author-link'] ); + // they won't know what to do so don't report an error. Just quietly die. + xml_status(0); + } + $datarray['type'] = 'remote-comment'; $datarray['wall'] = 1; $datarray['parent-uri'] = $parent_uri; |