example.org), separated by line breaks.",
"server.filter-allow-list": "Use this as an Allow List instead"
}
\ No newline at end of file
diff --git a/src/activitypub/index.js b/src/activitypub/index.js
index db987e8432..21aa47a492 100644
--- a/src/activitypub/index.js
+++ b/src/activitypub/index.js
@@ -41,6 +41,7 @@ ActivityPub.inbox = require('./inbox');
ActivityPub.mocks = require('./mocks');
ActivityPub.notes = require('./notes');
ActivityPub.actors = require('./actors');
+ActivityPub.instances = require('./instances');
ActivityPub.startJobs = () => {
// winston.verbose('[activitypub/jobs] Registering jobs.');
diff --git a/src/activitypub/instances.js b/src/activitypub/instances.js
new file mode 100644
index 0000000000..548343d1bb
--- /dev/null
+++ b/src/activitypub/instances.js
@@ -0,0 +1,19 @@
+'use strict';
+
+const meta = require('../meta');
+const db = require('../database');
+
+const Instances = module.exports;
+
+Instances.log = async (domain) => {
+ await db.sortedSetAdd('instances:lastSeen', Date.now(), domain);
+};
+
+Instances.getCount = async () => db.sortedSetCard('instances:lastSeen');
+
+Instances.isAllowed = async (domain) => {
+ let { activitypubFilter: type, activitypubFilterList: list } = meta.config;
+ list = new Set(list.split('\n'));
+ // eslint-disable-next-line no-bitwise
+ return list.has(domain) ^ !type;
+};
diff --git a/src/controllers/admin/settings.js b/src/controllers/admin/settings.js
index 61e8a6fb2d..efd854a598 100644
--- a/src/controllers/admin/settings.js
+++ b/src/controllers/admin/settings.js
@@ -9,6 +9,7 @@ const groups = require('../../groups');
const languages = require('../../languages');
const navigationAdmin = require('../../navigation/admin');
const social = require('../../social');
+const activitypub = require('../../activitypub');
const api = require('../../api');
const pagination = require('../../pagination');
const helpers = require('../helpers');
@@ -123,3 +124,12 @@ settingsController.api = async (req, res) => {
pagination: pagination.create(page, pageCount, req.query),
});
};
+
+settingsController.activitypub = async (req, res) => {
+ const instanceCount = await activitypub.instances.getCount();
+
+ res.render('admin/settings/activitypub', {
+ title: `[[admin/menu:settings/activitypub]]`,
+ instanceCount,
+ });
+};
diff --git a/src/middleware/activitypub.js b/src/middleware/activitypub.js
index 586d31c517..2873ab6aec 100644
--- a/src/middleware/activitypub.js
+++ b/src/middleware/activitypub.js
@@ -70,6 +70,11 @@ middleware.validate = async function (req, res, next) {
// Domain check
const { hostname } = new URL(actor);
+ const allowed = await activitypub.instances.isAllowed(hostname);
+ if (!allowed) {
+ // winston.verbose(`[middleware/activitypub] Blocked incoming activity from ${hostname}.`);
+ return res.sendStatus(403);
+ }
await db.sortedSetAdd('instances:lastSeen', Date.now(), hostname);
// Origin checking
diff --git a/src/routes/admin.js b/src/routes/admin.js
index 2f18846151..38e3a472be 100644
--- a/src/routes/admin.js
+++ b/src/routes/admin.js
@@ -38,6 +38,7 @@ module.exports = function (app, name, middleware, controllers) {
helpers.setupAdminPageRoute(app, `/${name}/settings/advanced`, middlewares, controllers.admin.settings.advanced);
helpers.setupAdminPageRoute(app, `/${name}/settings/navigation`, middlewares, controllers.admin.settings.navigation);
helpers.setupAdminPageRoute(app, `/${name}/settings/api`, middlewares, controllers.admin.settings.api);
+ helpers.setupAdminPageRoute(app, `/${name}/settings/activitypub`, middlewares, controllers.admin.settings.activitypub);
helpers.setupAdminPageRoute(app, `/${name}/settings/:term?`, middlewares, controllers.admin.settings.get);
helpers.setupAdminPageRoute(app, `/${name}/appearance/:term?`, middlewares, controllers.admin.appearance.get);
diff --git a/src/views/admin/settings/activitypub.tpl b/src/views/admin/settings/activitypub.tpl
index 4e117896cb..9dd74206df 100644
--- a/src/views/admin/settings/activitypub.tpl
+++ b/src/views/admin/settings/activitypub.tpl
@@ -52,14 +52,14 @@