catstodon/app/controllers/authorize_follow_controller.rb
Eugen 17c591ffba Punycode URI normalization (#2370)
* Fix #2119 - Whenever about to send a HTTP request, normalize the URI

* Add test for IDN request in FetchLinkCardService

* Perform IDN normalization on domains before they are stored in the DB
2017-04-25 02:47:31 +02:00

45 lines
954 B
Ruby

# frozen_string_literal: true
class AuthorizeFollowController < ApplicationController
layout 'public'
before_action :authenticate_user!
def new
uri = Addressable::URI.parse(acct_param).normalize
if uri.path && %w(http https).include?(uri.scheme)
set_account_from_url
else
set_account_from_acct
end
render :error if @account.nil?
end
def create
@account = FollowService.new.call(current_account, acct_param).try(:target_account)
if @account.nil?
render :error
else
redirect_to web_url("accounts/#{@account.id}")
end
rescue ActiveRecord::RecordNotFound, Mastodon::NotPermittedError
render :error
end
private
def set_account_from_url
@account = FetchRemoteAccountService.new.call(acct_param)
end
def set_account_from_acct
@account = FollowRemoteAccountService.new.call(acct_param)
end
def acct_param
params[:acct].gsub(/\Aacct:/, '')
end
end