Merge branch 'feature/hellthread-mitigation' into 'develop'

implement hellthread mitigation Closes #474 See merge request !588

Merge branch 'feature/hellthread-mitigation' into 'develop'
093d39b6 · kaniini · 61a88a67 · a7f07bb6 · 093d39b6 · 093d39b6
Commit 093d39b6 authored 6 years ago by kaniini
--- a/config/config.exs
+++ b/config/config.exs
@@ -163,6 +163,8 @@ config :pleroma, :mrf_rejectnonpublic,
  allow_followersonly: false,
  allow_direct: false

+config :pleroma, :mrf_hellthread, threshold: 10
+
 config :pleroma, :mrf_simple,
  media_removal: [],
  media_nsfw: [],

--- a/docs/config.md
+++ b/docs/config.md
@@ -121,6 +121,9 @@ This section is used to configure Pleroma-FE, unless ``:managed_config`` in ``:i
 * `allow_followersonly`: whether to allow followers-only posts
 * `allow_direct`: whether to allow direct messages

+## :mrf_hellthread
+* `threshold`: Number of mentioned users after which the message gets discarded as spam
+
 ## :media_proxy
 * `enabled`: Enables proxying of remote media to the instance’s proxy
 * `base_url`: The base URL to access a user-uploaded file. Useful when you want to proxy the media files via another host/CDN fronts.

--- a/lib/pleroma/web/activity_pub/mrf/hellthread_policy.ex
+++ b/lib/pleroma/web/activity_pub/mrf/hellthread_policy.ex
+defmodule Pleroma.Web.ActivityPub.MRF.HellthreadPolicy do
+  @behaviour Pleroma.Web.ActivityPub.MRF
+
+  @impl true
+  def filter(%{"type" => "Create"} = object) do
+    threshold = Pleroma.Config.get([:mrf_hellthread, :threshold])
+    recipients = (object["to"] || []) ++ (object["cc"] || [])
+
+    if length(recipients) > threshold do
+      {:reject, nil}
+    else
+      {:ok, object}
+    end
+  end
+
+  @impl true
+  def filter(object), do: {:ok, object}
+end