fairpm/fair-plugin
1
0
Fork 0
mirror of https://ghproxy.net/https://github.com/fairpm/fair-plugin.git synced 2025-09-04 08:50:35 +08:00
Code Issues Projects Packages Wiki Activity Actions

Ensure the returned DID matches the one requested.

Browse source 
Signed-off-by: costdev <79332690+costdev@users.noreply.github.com>
This commit is contained in:
costdev 2025-07-28 05:31:15 +01:00
parent 9ce4b13d15
commit 53a9d260f4
1 changed files with 11 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

12
inc/packages/namespace.php
View file

@ -122,7 +122,17 @@ function fetch_package_metadata( string $id ) {
}
$repo_url = $service->serviceEndpoint;
return fetch_metadata_doc( $repo_url );
$metadata = fetch_metadata_doc( $repo_url );
if ( is_wp_error( $metadata ) ) {
return $metadata;
}
if ( $metadata->id !== $id ) {
return new WP_Error( 'fair.packages.fetch_metadata.mismatch', __( 'Fetched metadata does not match the requested DID.', 'fair' ) );
}
return $metadata;
}
/**