From 4015bdba744ce13ff827d96c2b9b21956c64c94d Mon Sep 17 00:00:00 2001 From: Jan-Lukas Else Date: Wed, 8 Dec 2021 11:08:33 +0100 Subject: [PATCH] Reject webmentions where target equals source --- webmention.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/webmention.go b/webmention.go index 3af4d65..da0324d 100644 --- a/webmention.go +++ b/webmention.go @@ -62,6 +62,11 @@ func (a *goBlog) handleWebmention(w http.ResponseWriter, r *http.Request) { a.serveError(w, r, "target not allowed", http.StatusBadRequest) return } + if m.Target == m.Source { + a.debug("Webmention target and source are the same:", m.Target) + a.serveError(w, r, "target and source are the same", http.StatusBadRequest) + return + } if err = a.queueMention(m); err != nil { a.debug("Failed to queue webmention", err.Error()) a.serveError(w, r, err.Error(), http.StatusInternalServerError)