]> cat aescling's git repositories - mastodon.git/commitdiff
Ensure request.body isn't emptied out before signature verification (#10432)
authorThibG <thib@sitedethib.com>
Sun, 31 Mar 2019 15:27:24 +0000 (17:27 +0200)
committerEugen Rochko <eugen@zeonfederated.com>
Sun, 31 Mar 2019 15:27:24 +0000 (17:27 +0200)
Fixes #10429

app/controllers/activitypub/inboxes_controller.rb

index 1501b914ec30fdd814f73151a3b0ace578588af9..a0b7532c2e0ccedd25ba86504d635eea4ec519ea 100644 (file)
@@ -32,7 +32,10 @@ class ActivityPub::InboxesController < Api::BaseController
   end
 
   def body
-    @body ||= request.body.read.force_encoding('UTF-8')
+    return @body if defined?(@body)
+    @body = request.body.read.force_encoding('UTF-8')
+    request.body.rewind if request.body.respond_to?(:rewind)
+    @body
   end
 
   def upgrade_account