From 531d4264cda5c1de52d4ebf2663a536f7671c386 Mon Sep 17 00:00:00 2001
From: Felix Ableitner <me@nutomic.com>
Date: Mon, 13 Jan 2025 15:28:39 +0100
Subject: [PATCH] Remove trailing . from domain

---
 examples/local_federation/main.rs |  2 +-
 src/config.rs                     | 11 ++++++++++-
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/examples/local_federation/main.rs b/examples/local_federation/main.rs
index f0ea3c4..41a0cad 100644
--- a/examples/local_federation/main.rs
+++ b/examples/local_federation/main.rs
@@ -46,7 +46,7 @@ async fn main() -> Result<(), Error> {
     info!("Alpha user follows beta user via webfinger");
     alpha
         .local_user()
-        .follow("beta@localhost:8002", &alpha.to_request_data())
+        .follow("beta@localhost.:8002", &alpha.to_request_data())
         .await?;
     assert_eq!(
         beta.local_user().followers(),
diff --git a/src/config.rs b/src/config.rs
index bca7805..b28240f 100644
--- a/src/config.rs
+++ b/src/config.rs
@@ -206,7 +206,16 @@ impl<T: Clone> FederationConfig<T> {
             }
         }
 
-        self.url_verifier.verify(url).await?;
+        // It is valid but uncommon for domains to end with `.` char. Drop this so it cant be used
+        // to bypass domain blocklist. Avoid cloning url in common case.
+        if domain.ends_with(".") {
+            let mut url = url.clone();
+            let domain = &domain[0..domain.len() - 1];
+            url.set_host(Some(domain))?;
+            self.url_verifier.verify(&url).await?;
+        } else {
+            self.url_verifier.verify(url).await?;
+        }
 
         Ok(())
     }