AkkomaGang/akkoma
AkkomaGang/akkoma
13
63
Fork 84
Code Issues 163 Pull requests 15 Packages Projects 2 Releases 14 Wiki Activity
8305 commits 26 branches 107 tags 317 MiB
Commit graph

5255 commits

Author SHA1 Message Date
Haelwenn (lanodan) Monnier 1257331291
MastodonAPI.StatusView: Do not use site_name 
site_name allow to spoof the origin of the domain and so hacks like:

<!-- served on https://hacktivis.me/tmp/joinmastodon.org.html -->
<meta property="og:image" content="https://hacktivis.me/datalove/img/meme/pleroma/mastodon%2C%20forbidden%20amuse%20yourself.jpeg" />
<meta property="og:title" content="Mastodon: Forbidden Amuse Yourself" />
<meta property="og:site_name" content="joinmastodon.org" />
<meta http-equiv="refresh" content="0; url=http://joinmastodon.org/">
 2020-02-15 00:36:09 +01:00
rinpatch 9906c6fb6f Merge branch 'fix/mrf-transparency-disabling-federation-status' into 'develop' 
NodeInfo: Fix federating status not being reported when MRF transparency is disabled

Closes #1568

See merge request pleroma/pleroma!2206
 2020-02-13 18:08:43 +00:00
rinpatch 23049a077e NodeInfo: Fix federating status not being reported when MRF 
transparency is disabled

Closes #1568
 2020-02-13 19:53:39 +03:00
feld b312c36b8e Merge branch 'develop' into 'fix/rename-no_attachment_links-setting' 
# Conflicts:
#   config/description.exs
 2020-02-13 14:37:55 +00:00
Egor Kislitsyn 19516af74e
Fix status.expires_in validation 2020-02-12 20:20:44 +04:00
Mark Felder ff9fd4ca89 Fix the confusingly named and inverted logic of "no_attachment_links" 
The setting is now simply "attachment_links" and the boolean value does
what you expect. A double negative is never possible and describing the
functionality is no longer a philospher's worst nightmare.
 2020-02-11 15:39:19 -06:00
feld 237b2068f9 Revert "Merge branch 'feat/floki-fasthtml' into 'develop'" 
This reverts merge request !2194
 2020-02-11 16:55:18 +00:00
rinpatch ea1631d7e6 Make Floki use fast_html 2020-02-11 16:17:21 +03:00
lain 24c526a0b1 Merge remote-tracking branch 'origin/develop' into uguu-uwu-notices-bulge 2020-02-11 13:58:36 +01:00
rinpatch 94e5ca1105 Merge branch 'issue/1383' into 'develop' 
[#1383] Switch periodic jobs from quantum to oban

See merge request pleroma/pleroma!2015
 2020-02-11 00:04:06 +00:00
Maksim Pechnikov 6813c0302c Merge branch 'develop' into issue/1383 2020-02-10 20:49:20 +03:00
rinpatch c55301e760 Fix a compilation error under certain circumstances 
I've noticed that sometimes when switching from develop to stable and back,
develop fails to compile and rm -r ing the _build and deps dirs doesn't
help at all.

This is due to Admin API controller needing to generate JSON description
of the config at compile time.  Evaluating `config/description.exs`
calls `Generator.list_modules_in_dir/2`, which in turn predicts the
module names of files in the directory and tries to convert the
predicted name to *existing* atoms. Sometimes the compiler will
call that function before compiling the modules in the said directory,
so the conversion will of course fail.

This fixes it by removing the requirement of the atoms being existent.
The function is not subjected to any untrusted user input so this should
be safe. An ideal fix would be to block the compilation of docs before
all modules are compiled and then get a list of compiled elixir modules
under the namespace we want instead of directory hacks, but I have not
been able to figure out how to do that.
 2020-02-10 18:41:02 +03:00
rinpatch 8fda6303ba Fix email mix task on OTP releases 
Closes pleroma#1548
 2020-02-09 03:27:29 +03:00
lain 964b4d82a0 Merge branch 'fix/upload-limit-otp' into 'develop' 
Actually fix upload limit on OTP releases

Closes #1109

See merge request pleroma/pleroma!2185
 2020-02-08 14:02:36 +00:00
rinpatch 15ea75cd2a Actually fix upload limit on OTP releases 
Closes #1109
 2020-02-07 20:14:06 +03:00
Haelwenn 1262357ddb Merge branch 'cancel-follow-request' into 'develop' 
Add support for cancellation of a follow request

Closes #1522

See merge request pleroma/pleroma!2175
 2020-02-07 16:10:43 +00:00
Lain Soykaf d85bcc8627 Questions: Add timezone to closed property 2020-02-07 16:57:46 +01:00
Lain Soykaf 4538a1ee01 EmojiReactions: Remove old API endpoints 2020-02-07 15:01:45 +01:00
Lain Soykaf f875b9650a EmojiReactions: Add Mastodon-aligned reaction endpoints, change response 2020-02-07 14:52:13 +01:00
Egor Kislitsyn bc2e98b200
Add User.get_follow_state/2 2020-02-07 16:17:34 +04:00
Lain Soykaf 8a79f20c21 EmojiReactions: Rename to EmojiReacts 2020-02-06 18:09:57 +01:00
feld df0b00b32d Merge branch 'mastoapi-non-html-strings' into 'develop' 
mastodon API: do not sanitize html in non-html fields

See merge request pleroma/pleroma!2167
 2020-02-06 16:08:23 +00:00
Egor Kislitsyn 8b9742ecf5 Cancellation of a follow request for a remote user 2020-02-06 18:02:33 +04:00
Alexander Strizhakov c85aa6e87f
removing confusing error 2020-02-06 12:50:36 +03:00
rinpatch 15cb1f6804 Merge branch 'fix/unpinnable-polls' into 'develop' 
fix not being able to pin polls

See merge request pleroma/pleroma!2172
 2020-02-05 21:04:16 +00:00
rinpatch 72d767998c Merge branch 'removing-admin-api-endpoint' into 'develop' 
Removing migrate_from_db endpoint from admin api

See merge request pleroma/pleroma!2177
 2020-02-05 21:03:56 +00:00
feld b21e59da5f Merge branch 'remove-linker-scheme-option' into 'develop' 
Remove AutoLinker `scheme` option from the config

See merge request pleroma/pleroma!2176
 2020-02-05 20:32:45 +00:00
Alexander Strizhakov 5db6ac8ee4
removing migrate_from_db endpoint from admin api 2020-02-05 20:36:21 +03:00
Egor Kislitsyn 3909b5b7b3
Remove AutoLinker scheme option from the config 2020-02-05 21:13:56 +04:00
rinpatch 49e80a1537 Merge branch 'feature/restart-pleroma-from-outside-application' into 'develop' 
Restarting pleroma from outside application

See merge request pleroma/pleroma!2144
 2020-02-05 16:59:21 +00:00
Egor Kislitsyn 8c71f7e11a Add support for cancellation of a follow request 2020-02-05 20:22:15 +04:00
Maksim Pechnikov 2c40c8b4a2 Merge branch 'develop' into issue/1383 2020-02-03 21:42:36 +03:00
rinpatch 50f5a92021 fix not being able to pin polls 2020-02-02 14:55:06 +03:00
rinpatch 983a87175e mastodon API: do not sanitize html in non-html fields 2020-02-02 14:46:32 +03:00
Roman Chvanikov 8057157ee3 Make attachments cleanup optional 2020-01-31 01:20:37 +03:00
rinpatch c27d1d65bf Merge branch 'fix/disable-rate-limiter-for-socket-localhost' into 'develop' 
Disable rate limiter for socket/localhost

Closes #1380

See merge request pleroma/pleroma!2064
 2020-01-30 19:24:04 +00:00
rinpatch 5b62acf6e9 Merge branch 'develop' into fix/disable-rate-limiter-for-socket-localhost 2020-01-30 22:16:55 +03:00
lain 774cba84f5 Merge branch 'reenable-rate-limit-and-remote-ip' into 'develop' 
Re-enable rate limiter and enable remote ip

See merge request pleroma/pleroma!2164
 2020-01-30 18:47:44 +00:00
lain a0d9d42eaa Emoji Reactions: Actually use the validation. 2020-01-30 16:07:37 +01:00
feld e2f2602fdc Merge branch 'emoji-api-errors' into 'develop' 
Emoji api error if emoji dir is not writable

Closes admin-fe#62

See merge request pleroma/pleroma!2161
 2020-01-30 14:13:40 +00:00
feld df200ea7a4 Merge branch 'http-security-warning' into 'develop' 
Warn if HTTPSecurityPlug is disabled

Closes #1528

See merge request pleroma/pleroma!2155
 2020-01-30 14:11:29 +00:00
feld b3e9c87724 Update emoji_api_controller.ex 2020-01-30 14:09:41 +00:00
feld 36becd5573 Update http_security_plug.ex 2020-01-30 14:07:41 +00:00
rinpatch 263abe3ba5 Merge branch 'emoji-reactions-reacted' into 'develop' 
Emoji reactions: Add `reacted` field

See merge request pleroma/pleroma!2160
 2020-01-30 13:16:04 +00:00
rinpatch 889965141a RemoteIp: only trust X-Forwarded-For 
Our nginx config will happily pass `Forwarded`/`X-Real-IP` from the
client. Caddy, Apache and Varnish pass `X-Forwarded-For` as well anyway.
 2020-01-30 00:06:58 +03:00
Haelwenn 946de2299c Merge branch 'fix-streaming-reblog' into 'develop' 
Streamer: Correctly handle reblog mutes

Closes #1129 and #1438

See merge request pleroma/pleroma!2156
 2020-01-29 20:21:32 +00:00
Egor Kislitsyn e07e7888d7
Fix credo warning 2020-01-29 18:53:43 +04:00
Egor Kislitsyn 2bd4d6289b
Make the warning more scarier 2020-01-29 18:43:23 +04:00
Alexander Strizhakov e7fee0d6fa
emoji api error on not writable dir 2020-01-29 15:31:34 +03:00
lain b3a877d6c9 Emoji Reactions: Correctly handle deleted users 2020-01-29 11:43:36 +01:00