From f05f7c920ecc5028d00737f2c789a80c90e66b0d Mon Sep 17 00:00:00 2001 From: Johann150 Date: Sat, 14 Aug 2021 11:11:47 +0200 Subject: [PATCH] fix: truncate user information if it is too long (#7629) * truncate user information if it is too long Some AP software allows for user names or summaries to be very long. Misskey can not handle this and the profile page can not be opened and no activities from such users can be seen. Instead, the user name and summary are cut off after the maximum length so misskey can still process the activities of the profile. Co-authored-by: Toast * fix code style Co-authored-by: Toast Co-authored-by: syuilo --- src/remote/activitypub/models/person.ts | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/src/remote/activitypub/models/person.ts b/src/remote/activitypub/models/person.ts index 829b4878f8..2270e05e3b 100644 --- a/src/remote/activitypub/models/person.ts +++ b/src/remote/activitypub/models/person.ts @@ -31,6 +31,9 @@ import { normalizeForSearch } from '@/misc/normalize-for-search'; const logger = apLogger; +const nameLength = 128; +const summaryLength = 2048; + /** * Validate and convert to actor object * @param x Fetched object @@ -52,11 +55,23 @@ function validateActor(x: IObject, uri: string): IActor { if (e) throw new Error(`invalid Actor: ${name} ${e.message}`); }; + const truncate = (input: string | undefined, size: number) => { + if (!input || input.length <= size) { + return input; + } else { + return input.substring(0, size); + } + }; + validate('id', x.id, $.str.min(1)); validate('inbox', x.inbox, $.str.min(1)); validate('preferredUsername', x.preferredUsername, $.str.min(1).max(128).match(/^\w([\w-.]*\w)?$/)); - validate('name', x.name, $.optional.nullable.str.max(128)); - validate('summary', x.summary, $.optional.nullable.str.max(2048)); + + // These fields are only informational, and some AP software allows these + // fields to be very long. If they are too long, we cut them off. This way + // we can at least see these users and their activities. + validate('name', truncate(x.name, nameLength), $.optional.nullable.str); + validate('summary', truncate(x.summary, summaryLength), $.optional.nullable.str); const idHost = toPuny(new URL(x.id!).hostname); if (idHost !== expectHost) {