From 03e14e759db47633cce320285d93d8c1f3bde65c Mon Sep 17 00:00:00 2001
From: "Haelwenn (lanodan) Monnier" <contact@hacktivis.me>
Date: Fri, 24 Mar 2023 09:08:39 +0100
Subject: [PATCH 1/4] MRF: Add filtering against AP id

---
 changelog.d/mrf-id_filter.add              | 1 +
 lib/pleroma/web/activity_pub/mrf.ex        | 8 ++++++++
 lib/pleroma/web/activity_pub/mrf/policy.ex | 3 ++-
 3 files changed, 11 insertions(+), 1 deletion(-)
 create mode 100644 changelog.d/mrf-id_filter.add

diff --git a/changelog.d/mrf-id_filter.add b/changelog.d/mrf-id_filter.add
new file mode 100644
index 000000000..f556f9bc4
--- /dev/null
+++ b/changelog.d/mrf-id_filter.add
@@ -0,0 +1 @@
+Add `id_filter` to MRF to filter URLs and their domain prior to fetching
\ No newline at end of file
diff --git a/lib/pleroma/web/activity_pub/mrf.ex b/lib/pleroma/web/activity_pub/mrf.ex
index bc418d908..51ab476b7 100644
--- a/lib/pleroma/web/activity_pub/mrf.ex
+++ b/lib/pleroma/web/activity_pub/mrf.ex
@@ -108,6 +108,14 @@ defmodule Pleroma.Web.ActivityPub.MRF do
 
   def filter(%{} = object), do: get_policies() |> filter(object)
 
+  def id_filter(policies, id) when is_binary(id) do
+    policies
+    |> Enum.filter(&function_exported?(&1, :id_filter, 1))
+    |> Enum.all?(& &1.id_filter(id))
+  end
+
+  def id_filter(id) when is_binary(id), do: get_policies() |> id_filter(id)
+
   @impl true
   def pipeline_filter(%{} = message, meta) do
     object = meta[:object_data]
diff --git a/lib/pleroma/web/activity_pub/mrf/policy.ex b/lib/pleroma/web/activity_pub/mrf/policy.ex
index 54ca4b735..08bcac08a 100644
--- a/lib/pleroma/web/activity_pub/mrf/policy.ex
+++ b/lib/pleroma/web/activity_pub/mrf/policy.ex
@@ -4,6 +4,7 @@
 
 defmodule Pleroma.Web.ActivityPub.MRF.Policy do
   @callback filter(Pleroma.Activity.t()) :: {:ok | :reject, Pleroma.Activity.t()}
+  @callback id_filter(String.t()) :: boolean()
   @callback describe() :: {:ok | :error, map()}
   @callback config_description() :: %{
               optional(:children) => [map()],
@@ -13,5 +14,5 @@ defmodule Pleroma.Web.ActivityPub.MRF.Policy do
               description: String.t()
             }
   @callback history_awareness() :: :auto | :manual
-  @optional_callbacks config_description: 0, history_awareness: 0
+  @optional_callbacks config_description: 0, history_awareness: 0, id_filter: 1
 end

From 3dd6f6585985a085c1c2f2243501323864dcac2d Mon Sep 17 00:00:00 2001
From: "Haelwenn (lanodan) Monnier" <contact@hacktivis.me>
Date: Fri, 24 Mar 2023 09:09:41 +0100
Subject: [PATCH 2/4] Object.Fetcher: Hook to MRF.id_filter

---
 lib/pleroma/object/fetcher.ex | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/pleroma/object/fetcher.ex b/lib/pleroma/object/fetcher.ex
index 69a5f3268..c85a8b09f 100644
--- a/lib/pleroma/object/fetcher.ex
+++ b/lib/pleroma/object/fetcher.ex
@@ -145,6 +145,7 @@ defmodule Pleroma.Object.Fetcher do
     Logger.debug("Fetching object #{id} via AP")
 
     with {:scheme, true} <- {:scheme, String.starts_with?(id, "http")},
+         {_, true} <- {:mrf, MRF.id_filter(id)},
          {:ok, body} <- get_object(id),
          {:ok, data} <- safe_json_decode(body),
          :ok <- Containment.contain_origin_from_id(id, data) do
@@ -160,6 +161,9 @@ defmodule Pleroma.Object.Fetcher do
       {:error, e} ->
         {:error, e}
 
+      {:mrf, false} ->
+        {:error, {:reject, "Filtered by id"}}
+
       e ->
         {:error, e}
     end

From 30063c5914d229753f3bacab98c38736f2a447e6 Mon Sep 17 00:00:00 2001
From: "Haelwenn (lanodan) Monnier" <contact@hacktivis.me>
Date: Fri, 24 Mar 2023 09:09:58 +0100
Subject: [PATCH 3/4] MRF.DropPolicy: Add id_filter/1

---
 lib/pleroma/web/activity_pub/mrf/drop_policy.ex | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/lib/pleroma/web/activity_pub/mrf/drop_policy.ex b/lib/pleroma/web/activity_pub/mrf/drop_policy.ex
index e4fcc9935..cf07db7f3 100644
--- a/lib/pleroma/web/activity_pub/mrf/drop_policy.ex
+++ b/lib/pleroma/web/activity_pub/mrf/drop_policy.ex
@@ -13,6 +13,12 @@ defmodule Pleroma.Web.ActivityPub.MRF.DropPolicy do
     {:reject, activity}
   end
 
+  @impl true
+  def id_filter(id) do
+    Logger.debug("REJECTING #{id}")
+    false
+  end
+
   @impl true
   def describe, do: {:ok, %{}}
 end

From 0fa13c55357ca83ae00b39626a0fa4be3a936640 Mon Sep 17 00:00:00 2001
From: "Haelwenn (lanodan) Monnier" <contact@hacktivis.me>
Date: Fri, 24 Mar 2023 09:16:25 +0100
Subject: [PATCH 4/4] MRF.SimplePolicy: Add id_filter/1

---
 lib/pleroma/web/activity_pub/mrf/simple_policy.ex | 12 ++++++++++++
 .../web/activity_pub/mrf/simple_policy_test.exs   | 15 +++++++++++++++
 2 files changed, 27 insertions(+)

diff --git a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex
index ae7f18bfe..a97e8db7b 100644
--- a/lib/pleroma/web/activity_pub/mrf/simple_policy.ex
+++ b/lib/pleroma/web/activity_pub/mrf/simple_policy.ex
@@ -191,6 +191,18 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
     |> MRF.instance_list_from_tuples()
   end
 
+  @impl true
+  def id_filter(id) do
+    host_info = URI.parse(id)
+
+    with {:ok, _} <- check_accept(host_info, %{}),
+         {:ok, _} <- check_reject(host_info, %{}) do
+      true
+    else
+      _ -> false
+    end
+  end
+
   @impl true
   def filter(%{"type" => "Delete", "actor" => actor} = activity) do
     %{host: actor_host} = URI.parse(actor)
diff --git a/test/pleroma/web/activity_pub/mrf/simple_policy_test.exs b/test/pleroma/web/activity_pub/mrf/simple_policy_test.exs
index 1a51b7d30..f49a7b8ff 100644
--- a/test/pleroma/web/activity_pub/mrf/simple_policy_test.exs
+++ b/test/pleroma/web/activity_pub/mrf/simple_policy_test.exs
@@ -252,6 +252,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
       remote_message = build_remote_message()
 
       assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
+      assert SimplePolicy.id_filter(remote_message["actor"])
     end
 
     test "activity has a matching host" do
@@ -260,6 +261,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
       remote_message = build_remote_message()
 
       assert {:reject, _} = SimplePolicy.filter(remote_message)
+      refute SimplePolicy.id_filter(remote_message["actor"])
     end
 
     test "activity matches with wildcard domain" do
@@ -268,6 +270,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
       remote_message = build_remote_message()
 
       assert {:reject, _} = SimplePolicy.filter(remote_message)
+      refute SimplePolicy.id_filter(remote_message["actor"])
     end
 
     test "actor has a matching host" do
@@ -276,6 +279,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
       remote_user = build_remote_user()
 
       assert {:reject, _} = SimplePolicy.filter(remote_user)
+      refute SimplePolicy.id_filter(remote_user["id"])
     end
 
     test "reject Announce when object would be rejected" do
@@ -288,6 +292,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
       }
 
       assert {:reject, _} = SimplePolicy.filter(announce)
+      # Note: Non-Applicable for id_filter/1
     end
 
     test "reject by URI object" do
@@ -300,6 +305,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
       }
 
       assert {:reject, _} = SimplePolicy.filter(announce)
+      # Note: Non-Applicable for id_filter/1
     end
   end
 
@@ -370,6 +376,8 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
 
       assert SimplePolicy.filter(local_message) == {:ok, local_message}
       assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
+      assert SimplePolicy.id_filter(local_message["actor"])
+      assert SimplePolicy.id_filter(remote_message["actor"])
     end
 
     test "is not empty but activity doesn't have a matching host" do
@@ -380,6 +388,8 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
 
       assert SimplePolicy.filter(local_message) == {:ok, local_message}
       assert {:reject, _} = SimplePolicy.filter(remote_message)
+      assert SimplePolicy.id_filter(local_message["actor"])
+      refute SimplePolicy.id_filter(remote_message["actor"])
     end
 
     test "activity has a matching host" do
@@ -390,6 +400,8 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
 
       assert SimplePolicy.filter(local_message) == {:ok, local_message}
       assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
+      assert SimplePolicy.id_filter(local_message["actor"])
+      assert SimplePolicy.id_filter(remote_message["actor"])
     end
 
     test "activity matches with wildcard domain" do
@@ -400,6 +412,8 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
 
       assert SimplePolicy.filter(local_message) == {:ok, local_message}
       assert SimplePolicy.filter(remote_message) == {:ok, remote_message}
+      assert SimplePolicy.id_filter(local_message["actor"])
+      assert SimplePolicy.id_filter(remote_message["actor"])
     end
 
     test "actor has a matching host" do
@@ -408,6 +422,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
       remote_user = build_remote_user()
 
       assert SimplePolicy.filter(remote_user) == {:ok, remote_user}
+      assert SimplePolicy.id_filter(remote_user["id"])
     end
   end