federator: do origin containment when processing inbound messages

diff --git a/lib/pleroma/web/federator/federator.ex b/lib/pleroma/web/federator/federator.ex
index 962cacfa31640e7115e3d16c0ef2085ff20889ea..33e6db9b92070a8dbbd1ea686be2765636c3937c 100644 (file)
--- a/lib/pleroma/web/federator/federator.ex
+++ b/lib/pleroma/web/federator/federator.ex
@@ -101,8 +101,11 @@ defmodule Pleroma.Web.Federator do
 
     params = Utils.normalize_params(params)
 
+    # NOTE: we use the actor ID to do the containment, this is fine because an
+    # actor shouldn't be acting on objects outside their own AP server.
     with {:ok, _user} <- ap_enabled_actor(params["actor"]),
          nil <- Activity.normalize(params["id"]),
+         :ok <- Transmogrifier.contain_origin_from_id(params["actor"], params),
          {:ok, _activity} <- Transmogrifier.handle_incoming(params) do
     else
       %Activity{} ->