mirror of
https://github.com/mastodon/mastodon.git
synced 2024-11-25 23:13:33 +00:00
Fix Accept headers when fetching AP objects to match spec
ActivityPub spec section 3.2 reads > The client MUST specify an Accept header with the > `application/ld+json; profile="https://www.w3.org/ns/activitystreams"` > media type in order to retrieve the activity. Currently Mastodon omits the profile in its dereferences (but not the fetch service) and only lists application/ld+json as one of several possible types. This breaks spec and allows spec-compliant implementations to refuse any such fetch requests. Resolve this by adding the required profile and while at it, make the only spec-compliant type the first listed choice in all relevant places. While unlikely to be a problem due to other parts already including a profile, also keep a profile-less JSON-LD type where it existed before to ensure this doesn't break federation with a hypothetical buggy implemenetation relying on this current Mastodon quirk. Section 7 also specifies the same media type MUST be used in the Content-Type header of for POST requests, but here we can't specify alternatives, so for now keep the current type. Fixes a part of https://github.com/mastodon/mastodon/issues/22720
This commit is contained in:
parent
2da2a1dae9
commit
70be92c897
|
@ -44,7 +44,7 @@ class ActivityPub::Dereferencer
|
|||
|
||||
req = Request.new(:get, uri)
|
||||
|
||||
req.add_headers('Accept' => 'application/activity+json, application/ld+json')
|
||||
req.add_headers('Accept' => 'application/ld+json; profile="https://www.w3.org/ns/activitystreams", application/activity+json, application/ld+json')
|
||||
req.add_headers(headers) if headers
|
||||
req.on_behalf_of(@signature_actor) if @signature_actor
|
||||
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
class FetchResourceService < BaseService
|
||||
include JsonLdHelper
|
||||
|
||||
ACCEPT_HEADER = 'application/activity+json, application/ld+json; profile="https://www.w3.org/ns/activitystreams", text/html;q=0.1'
|
||||
ACCEPT_HEADER = 'application/ld+json; profile="https://www.w3.org/ns/activitystreams", application/activity+json, text/html;q=0.1'
|
||||
ACTIVITY_STREAM_LINK_TYPES = ['application/activity+json', 'application/ld+json; profile="https://www.w3.org/ns/activitystreams"'].freeze
|
||||
|
||||
attr_reader :response_code
|
||||
|
|
Loading…
Reference in a new issue