From caa284e786d22d8c1d985fe9c86128ab7e195769 Mon Sep 17 00:00:00 2001 From: friendica Date: Fri, 21 Mar 2014 01:14:51 -0700 Subject: we don't allow forgeries to be received - save some bandwidth by not allowing them to be sent. We do have to figure out how some secondary delivery chains are ending up with posts belonging to the original owner instead of the chain owner, but that's for another day. --- include/notifier.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/include/notifier.php b/include/notifier.php index 81f971107..a4a9051c3 100644 --- a/include/notifier.php +++ b/include/notifier.php @@ -288,6 +288,11 @@ function notifier_run($argv, $argc){ if($s) $channel = $s[0]; + if($channel['channel_hash'] !== $target_item['author_xchan'] && $channel['channel_hash'] !== $target_item['owner_xchan']) { + logger("notifier: Sending channel {$channel['channel_hash']} is not owner {$target_item['owner_xchan']} or author {$target_item['author_xchan']}"); + return; + } + if($target_item['id'] == $target_item['parent']) { $parent_item = $target_item; -- cgit v1.2.3