From 37c4ef56d70c94c27c87d3bfb3c3ae6196184697 Mon Sep 17 00:00:00 2001
From: Natty <natty.sh.git@gmail.com>
Date: Wed, 16 Aug 2023 01:18:42 +0200
Subject: [PATCH] URL parsing check to prevent delivery crashes

---
 .../src/remote/activitypub/deliver-manager.ts | 24 ++++++++++++++-----
 1 file changed, 18 insertions(+), 6 deletions(-)

diff --git a/packages/backend/src/remote/activitypub/deliver-manager.ts b/packages/backend/src/remote/activitypub/deliver-manager.ts
index 400e04777..6e266d9bc 100644
--- a/packages/backend/src/remote/activitypub/deliver-manager.ts
+++ b/packages/backend/src/remote/activitypub/deliver-manager.ts
@@ -1,8 +1,9 @@
-import { IsNull, Not } from "typeorm";
-import { Users, Followings } from "@/models/index.js";
-import type { ILocalUser, IRemoteUser, User } from "@/models/entities/user.js";
-import { deliver } from "@/queue/index.js";
-import { skippedInstances } from "@/misc/skipped-instances.js";
+import {IsNull, Not} from "typeorm";
+import {Followings, Users} from "@/models/index.js";
+import type {ILocalUser, IRemoteUser, User} from "@/models/entities/user.js";
+import {deliver} from "@/queue/index.js";
+import {skippedInstances} from "@/misc/skipped-instances.js";
+import {apLogger} from "@/remote/activitypub/logger";
 
 //#region types
 interface IRecipe {
@@ -132,7 +133,18 @@ export default class DeliverManager {
 		// deliver
 		for (const inbox of inboxes) {
 			// skip instances as indicated
-			if (instancesToSkip.includes(new URL(inbox).host)) continue;
+
+			try {
+				const host = new URL(inbox).host;
+				if (instancesToSkip.includes(host))
+					continue;
+
+			} catch (e) {
+				// skip invalid URLs
+				apLogger.error(`Invalid inbox URL: ${inbox}`);
+				continue;
+			}
+
 
 			deliver(this.actor, this.activity, inbox);
 		}