From a8752844eff70e714fc8c5faaa3fdc62c95b7e04 Mon Sep 17 00:00:00 2001 From: Mario Date: Sun, 21 Aug 2022 16:02:51 +0000 Subject: Activity: check for other forms of as:Public, Search: make sure to run htmlspecialchars_decode on the AP url so that previously encoded chars will be decoded again --- Zotlabs/Lib/Activity.php | 3 +-- Zotlabs/Module/Search.php | 15 +++++++++------ 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/Zotlabs/Lib/Activity.php b/Zotlabs/Lib/Activity.php index 7840e9999..67cfeea79 100644 --- a/Zotlabs/Lib/Activity.php +++ b/Zotlabs/Lib/Activity.php @@ -2680,8 +2680,7 @@ class Activity { // assume this is private unless specifically told otherwise. $s['item_private'] = 1; - - if ($act->recips && in_array(ACTIVITY_PUBLIC_INBOX, $act->recips)) { + if ($act->recips && (in_array(ACTIVITY_PUBLIC_INBOX, $act->recips) || in_array('Public', $act->recips) || in_array('as:Public', $act->recips))) { $s['item_private'] = 0; } diff --git a/Zotlabs/Module/Search.php b/Zotlabs/Module/Search.php index efea7bbdd..da4752186 100644 --- a/Zotlabs/Module/Search.php +++ b/Zotlabs/Module/Search.php @@ -59,15 +59,18 @@ class Search extends Controller { $o .= search($search, 'search-box', '/search', ((local_channel()) ? true : false)); if (local_channel() && strpos($search, 'https://') === 0 && !$update && !$load) { - if (strpos($search, 'b64.') !== false) { - if (strpos($search, '?') !== false) { - $search = strtok($search, '?'); + + $url = htmlspecialchars_decode($search); + + if (strpos($url, 'b64.') !== false) { + if (strpos($url, '?') !== false) { + $url = strtok($url, '?'); } - $search = unpack_link_id(basename($search)); + $url = unpack_link_id(basename($url)); } - $f = Libzot::fetch_conversation(App::get_channel(), punify($search), true); + $f = Libzot::fetch_conversation(App::get_channel(), punify($url), true); if ($f) { $mid = $f[0]['message_id']; @@ -83,7 +86,7 @@ class Search extends Controller { else { // try other fetch providers (e.g. diaspora, pubcrawl) $hookdata = [ - 'url' => punify($search) + 'url' => punify($url) ]; call_hooks('fetch_provider', $hookdata); } -- cgit v1.2.3