evanp
commented
5 months ago This is an issue with user-uploaded data. Here are some ways to mitigate:
- As suggested, No JSON uploads.
- Remote clients should check the content-type for JSON types when GETting, and don't accept e.g.
text/plainas AP, maybeapplication/json. - Use a separate domain for uploaded artifacts. This will prevent naive checks that just accept the same origin as verification.
- Develop an attribution endpoint FEP to check attribution of objects. Possibly other types of endpoints for other verification, including a server-wide verification.
- Use digital signatures. Who the signature is from and what it entails is an open question. E.g. is it client side, server side, user owned, server owned, ...
I believe this solution requires at least these fixes:
- A Primer page on the topic.
- An Erratum for the security consideration in verification that covers the issue.
- Potentially pushing the editor's draft to the public document.
ap-socialhub
As a thought after Mastodon's GHSA-jhrq-qvrm-qr36 it might be a good idea to extend the security consideration B.2 with a bit of wording about what kind of user submitted content is meant, and what relevance the
Content-Typeand perhaps Content Type Negotiation has in that context.Especially when reading the 2nd paragraph the focus seems to me to be on ActivityPub Content, perhaps not taking into account that attached files/media may be hosted on the same host(-name).
In particular I'm thinking of wording like this:
And perhaps inserting another paragraph like this at the end of the section: