Merge branch 'feature/hellthread-mitigation' into 'develop'
implement hellthread mitigation Closes #474 See merge request pleroma/pleroma!588
This commit is contained in:
commit
093d39b634
3 changed files with 23 additions and 0 deletions
|
@ -163,6 +163,8 @@ config :pleroma, :mrf_rejectnonpublic,
|
|||
allow_followersonly: false,
|
||||
allow_direct: false
|
||||
|
||||
config :pleroma, :mrf_hellthread, threshold: 10
|
||||
|
||||
config :pleroma, :mrf_simple,
|
||||
media_removal: [],
|
||||
media_nsfw: [],
|
||||
|
|
|
@ -121,6 +121,9 @@ This section is used to configure Pleroma-FE, unless ``:managed_config`` in ``:i
|
|||
* `allow_followersonly`: whether to allow followers-only posts
|
||||
* `allow_direct`: whether to allow direct messages
|
||||
|
||||
## :mrf_hellthread
|
||||
* `threshold`: Number of mentioned users after which the message gets discarded as spam
|
||||
|
||||
## :media_proxy
|
||||
* `enabled`: Enables proxying of remote media to the instance’s proxy
|
||||
* `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host/CDN fronts.
|
||||
|
|
18
lib/pleroma/web/activity_pub/mrf/hellthread_policy.ex
Normal file
18
lib/pleroma/web/activity_pub/mrf/hellthread_policy.ex
Normal file
|
@ -0,0 +1,18 @@
|
|||
defmodule Pleroma.Web.ActivityPub.MRF.HellthreadPolicy do
|
||||
@behaviour Pleroma.Web.ActivityPub.MRF
|
||||
|
||||
@impl true
|
||||
def filter(%{"type" => "Create"} = object) do
|
||||
threshold = Pleroma.Config.get([:mrf_hellthread, :threshold])
|
||||
recipients = (object["to"] || []) ++ (object["cc"] || [])
|
||||
|
||||
if length(recipients) > threshold do
|
||||
{:reject, nil}
|
||||
else
|
||||
{:ok, object}
|
||||
end
|
||||
end
|
||||
|
||||
@impl true
|
||||
def filter(object), do: {:ok, object}
|
||||
end
|
Loading…
Reference in a new issue