Add a comment about why we don't sign object fetches when refetching actor keys
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
parent
11bde88a02
commit
df8721670a
|
@ -95,6 +95,9 @@ defmodule Mobilizon.Federation.HTTPSignatures.Signature do
|
|||
actor_url = key_id_to_actor_url(kid)
|
||||
Logger.debug("Refetching public key for #{actor_url}")
|
||||
|
||||
# In this specific case we don't sign object fetches because
|
||||
# this would cause infinite recursion when servers both need
|
||||
# to fetch each other's keys
|
||||
with {:ok, %Actor{} = actor} <-
|
||||
ActivityPubActor.make_actor_from_url(actor_url, ignore_sign_object_fetches: true) do
|
||||
get_actor_public_key(actor)
|
||||
|
|
Loading…
Reference in a new issue