Commit graph

6591 commits

Author SHA1 Message Date
Thibaut Girka
7fb76999af Use Sec-WebSocket-Protocol instead of query string to pass WebSocket token
Inspired by https://github.com/kubevirt/kubevirt/issues/1242
2019-05-24 16:08:09 +02:00
Thibaut Girka
652147a3f4 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- streaming/index.js
2019-05-24 15:23:52 +02:00
ThibG
d63c3c0cef Improve streaming server security (#10818)
* Check OAuth token scopes in the streaming API

* Use Sec-WebSocket-Protocol instead of query string to pass WebSocket token

Inspired by https://github.com/kubevirt/kubevirt/issues/1242
2019-05-24 15:21:42 +02:00
ThibG
72bf354e97
Merge pull request #1067 from ThibG/glitch-soc/merge-upstream
Merge upstream changes
2019-05-23 22:01:34 +02:00
Thibaut Girka
d6a7d62dc6 Do not share a single Redcarpet::Markdown object across threads
There are apparently thread-safety issues: https://github.com/vmg/redcarpet/pull/672
2019-05-23 21:19:44 +02:00
Thibaut Girka
bf988123ba Merge branch 'master' into glitch-soc/merge-upstream 2019-05-23 21:18:27 +02:00
Eugen Rochko
84dc21d55d
Various improvements to single column layout (#10809)
- Add potential side panels to single column layout
- Hide FAB on large screens
2019-05-23 20:01:10 +02:00
ThibG
9a5561a5b8 Fix possible race condition when processing statuses (#10815) 2019-05-23 20:00:39 +02:00
nzws
a1143a19c0 [Glitch] Fix stacking order of emoji picker
Port 8a378d4c3d to glitch-soc

Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2019-05-23 19:16:42 +02:00
Thibaut Girka
c0dc247bce Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- app/models/account.rb
- app/views/settings/profiles/show.html.haml
- spec/controllers/api/v1/accounts/credentials_controller_spec.rb

Conflicts were due to an increase in account bio length upstream, which
is already covered in glitch-soc through `MAX_BIO_CHARS`.
2019-05-23 19:01:30 +02:00
ThibG
89d600bedb Move signature verification stoplight to the requests themselves (#10813)
* Move signature verification stoplight to the requests themselves

This avoids blocking messages from known keys for 5 minutes when only one fails…

* Put the stoplight on the actual client IP, not a potential reverse proxy
2019-05-23 15:22:39 +02:00
ThibG
9efcca3c54 Retry ActivityPub inbox delivery on HTTP 401 and 408 errors (#10812)
HTTP 401 responses returned by Mastodon's inbox controller may
be temporary if, for instance, the requesting user's actor/key json
could not be retrieved in a timely fashion. This changes allow retries
instead of dropping the message entirely.

Also added HTTP 408 as that error is by nature temporary.
2019-05-23 15:00:30 +02:00
Thibaut Girka
0744d6e571 Make headers font size proportional 2019-05-23 12:41:38 +02:00
Thibaut Girka
7c609bdab9 Allow rel=tag in status text
Fixes tag links in local Markdown or HTML-authored statuses
2019-05-23 12:28:33 +02:00
Eugen Rochko
9ddeb30f90
Add forceSingleColumn prop to <UI /> (#10807)
* Move TabsBar rendering logic from CSS to the ColumnsArea component

* Add forceSingleColumn mode

* Add unread notifications counter to tabs bar

* Add toggle to control `forceSingleColumn`

* Increase paddings in mobile layout responsively at large sizes
2019-05-23 01:35:22 +02:00
nzws
8a378d4c3d Fix stacking order of emoji picker (#10801) 2019-05-22 18:00:34 +02:00
dxwc
ee0e68e97a i18n: Complete frontend Bengali translation (#10800)
* i18n: Complete frontend Bengali translation

* run yarn manage:translations
2019-05-22 10:00:58 +09:00
Thibaut Girka
2332b3f146 Fix local text/html toots not being sanitized 2019-05-21 23:12:43 +02:00
Paul Woolcock
0c933c1b8c Add account_id param to GET /api/v1/notifications (#10796)
* Add `from_account` to notifications API

this adds the ability to filter notifications by the account they
originated from

* passing a non-existent user should cause none to be returned

* Fix codeclimate warnings

* fix more codeclimate warnings

* make requested changes:

* use account id instead of user@domain
* name the param `account_id` instead of `from_account`

* Don't use `return` in a lambda
2019-05-21 13:28:49 +02:00
Thibaut Girka
4fbce23992 Refactor contentType selection in glitch composer 2019-05-20 10:27:31 +02:00
Thibaut Girka
2cd7bfac23 Use glitch-soc's poll component instead of upstream's 2019-05-19 23:24:53 +02:00
a6caf919e2 Change bio limit from 160 to 500 (#10790)
* Change note_length validator from 160 to 500

* Change input maxlength from 160 to 500

* update bio test from 160 to 500

* Multiply a string 30 times instead of 10
2019-05-19 22:51:44 +02:00
Thibaut Girka
08a2af27c3 Merge branch 'master' into glitch-soc/merge-upstream 2019-05-19 21:53:44 +02:00
ThibG
ae18386558 Fix “invited by” not showing up for invited accounts in admin interface (#10791) 2019-05-19 21:40:36 +02:00
Hinaloe
bb9d7fad9f fix isSubmitting prop case (#10785) 2019-05-19 18:41:41 +02:00
Thibaut Girka
f509815379 Merge branch 'master' into glitch-soc/merge-upstream 2019-05-19 17:46:31 +02:00
Ben Lubar
2f3e4a64be add og:image:alt for media attachments in embeds (#10779) 2019-05-18 20:57:45 +02:00
Eugen Rochko
6fe474837c
Change poll options to alphabetic letters when status text is hidden (#10685)
Fix #10569
2019-05-18 14:41:16 +02:00
Thibaut Girka
6e227ecb04 Merge branch 'master' into glitch-soc/merge-upstream 2019-05-18 10:04:32 +02:00
ThibG
a1519a8ef5 Prevent from publicly boosting one's own private toots (#10775) 2019-05-18 00:28:51 +02:00
Thibaut Girka
9ca21e93cc Minor optimization 2019-05-17 23:51:14 +02:00
Thibaut Girka
56245a2a72 Export fallback content type and use it as default in WebUI 2019-05-17 23:51:14 +02:00
Thibaut Girka
dd5bf40b97 Properly escape HTML in code blocks 2019-05-17 23:51:14 +02:00
Thibaut Girka
a6b7c23f6f Add option for default toot content-type 2019-05-17 23:51:14 +02:00
Thibaut Girka
0be93820f3 Fix autolinking, and newlines in code blocks
Autolinking is now performed *after* the Markdown pass, by replacing HTML
tags with zero-width spaces and running the twitter-text extractor as usual,
except it does not auto-link URLs to avoid links in links…
2019-05-17 23:51:14 +02:00
Thibaut Girka
9df1ef87c2 Hide content-type dropdown by default 2019-05-17 23:51:14 +02:00
Haelwenn (lanodan) Monnier
c2fa36bbae Content-Type Dropdown: use the selected option icon for the menu
Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2019-05-17 23:51:14 +02:00
Thibaut Girka
93d98f62a8 Support proper content-type in Delete & Redraft 2019-05-17 23:51:14 +02:00
KokaKiwi
f34a402a94 Add status content type dropdown to compose box.
Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2019-05-17 23:51:14 +02:00
Thibaut Girka
14d7ddcb1c Add API support for setting status content-type 2019-05-17 23:51:14 +02:00
Thibaut Girka
b3e68de4d2 Serialize content-type on Delete & Redraft 2019-05-17 23:51:14 +02:00
Thibaut Girka
d7520f8175 Add support for HTML-formatted toots 2019-05-17 23:51:14 +02:00
Thibaut Girka
94aef563b9 Add support for markdown-formatted toots 2019-05-17 23:51:14 +02:00
Thibaut Girka
bfc509f44a Add database row to hold status content type 2019-05-17 23:51:14 +02:00
ThibG
c1cf8c1636
Merge pull request #1049 from ThibG/glitch-soc/merge-upstream
Merge upstream changes
2019-05-15 18:44:21 +02:00
Thibaut Girka
6badf2d252 Merge branch 'master' into glitch-soc/merge-upstream 2019-05-15 17:11:40 +02:00
ThibG
c1c8c7b2c8 Minor performance improvements and cleanup in formatter (#10765) 2019-05-15 06:54:06 +02:00
Neil Moore
4ab094d35e Adds click-able div that expands status (#10733) (#10766)
The clickable div is positioned under the account avatar and covers
all empty space below it to the end of the status.
2019-05-15 06:53:23 +02:00
ThibG
14f6ce2885 Record account suspend/silence time and keep track of domain blocks (#10660)
* Record account suspend/silence time and keep track of domain blocks

* Also unblock users who were suspended/silenced before dates were recorded

* Add tests

* Keep track of suspending date for users suspended through the CLI

* Show accurate number of accounts that would be affected by unsuspending an instance

* Change migration to set silenced_at and suspended_at

* Revert "Also unblock users who were suspended/silenced before dates were recorded"

This reverts commit a015c65d2d1e28c7b7cfab8b3f8cd5fb48b8b71c.

* Switch from using suspended and silenced to suspended_at and silenced_at

* Add post-deployment migration script to remove `suspended` and `silenced` columns

* Use Account#silence! and Account#suspend! instead of updating the underlying property

* Add silenced_at and suspended_at migration to post-migration

* Change account fabricator to translate suspended and silenced attributes

* Minor fixes

* Make unblocking domains always retroactive
2019-05-14 19:05:02 +02:00
Thibaut Girka
4bab7d7640 Fix rich text style in reply indicator 2019-05-13 17:13:02 +02:00