Commit graph

6822 commits

Author SHA1 Message Date
eugenijm
3ab59a6f3c Mastodon API: fix the public timeline returning an error when the reply_visibility parameter is set to self for an unauthenticated user 2020-09-15 13:00:56 +03:00
Haelwenn
5c4ff5c73c Merge branch 'fix/mrf-simple-welcome-chats' into 'develop'
Ensure we only apply media_nsfw simple policy on parsable objects

Closes #2133

See merge request pleroma/pleroma!2992
2020-09-15 08:25:10 +00:00
Mark Felder
709723182d Ensure SimplePolicy's tags in string representation don't trip up the object validator 2020-09-14 17:06:42 -05:00
rinpatch
bb407edce4 RichMedia: fix a compilation error due to nonexistent variable
No idea why this passed Gitlab CI
2020-09-14 15:46:00 +03:00
rinpatch
f70335002d RichMedia: Do a HEAD request to check content type/length
This shouldn't be too expensive, since the connections are pooled,
but it should save us some bandwidth since we won't fetch non-html
files and files that are too large for us to process (especially
since you can't cancel a request without closing the connection
with HTTP1).
2020-09-14 14:45:58 +03:00
rinpatch
f66a15c4a5 RichMedia parser: do not set a cache TTL for unchanging errors 2020-09-14 14:44:25 +03:00
Mark Felder
c0b36621f1 Ensure we only apply NSFW Simple policy on parsable objects 2020-09-11 23:22:14 -05:00
rinpatch
89a7efab69 ConnectionPool: Log possible HTTP1 blocks 2020-09-11 15:37:39 +03:00
Haelwenn (lanodan) Monnier
dbc013f24c
instance: Handle not getting a favicon 2020-09-11 11:37:46 +02:00
Alexander Strizhakov
15aece7238 remove validate_expires_at from enqueue method 2020-09-10 21:52:31 +03:00
Alexander Strizhakov
2c2094d4b2 configurable lifetime for ephemeral activities 2020-09-10 21:51:59 +03:00
Alexander Strizhakov
f24828a3e8 oban warning 2020-09-10 21:51:30 +03:00
Alexander Strizhakov
eb5ff715f7 pin/unpin for activities with expires_at option 2020-09-10 21:50:41 +03:00
Alexander Strizhakov
b3485a6dbf little clean up 2020-09-10 21:50:41 +03:00
Alexander Strizhakov
357d971a10 expiration for new pipeline 2020-09-10 21:50:41 +03:00
Alexander Strizhakov
93e1c8df9d reject activity creation
if passed expires_at option and expiring activities are not configured
2020-09-10 21:50:41 +03:00
Alexander Strizhakov
4981b5a1a3 copyright header 2020-09-10 21:50:41 +03:00
Alexander Strizhakov
629a8de9cb deprecation warning
changed namespace for activity expiration configuration
2020-09-10 21:50:41 +03:00
Alexander Strizhakov
de4c935071 don't expire pinned posts 2020-09-10 21:50:41 +03:00
Alexander Strizhakov
9bf1065a06 schedule activity expiration in Oban 2020-09-10 21:50:40 +03:00
rinpatch
0254696e30 Merge branch 'feature/1790-oban-overuse-clear-oauth-token' into 'develop'
Feature/1790 removing expired tokens through Oban scheduled jobs

See merge request pleroma/pleroma!2957
2020-09-10 18:45:04 +00:00
rinpatch
541a3eede2 Merge branch 'chores/remove-ostatus-fixtures' into 'develop'
Remove OStatus in testsuite

See merge request pleroma/pleroma!2968
2020-09-10 18:41:00 +00:00
rinpatch
53cf7fef6e Merge branch 'fix/streaming-termination-errors' into 'develop'
Fix two pseudo-errors in websocket handler

Closes #2131

See merge request pleroma/pleroma!2982
2020-09-10 18:40:54 +00:00
rinpatch
45c299e5b5 Merge branch '2130-mfa-users-oauth-login-fix' into 'develop'
[#2130] Fixed OAuth OOB authentication for users with enabled MFA

Closes #2130

See merge request pleroma/pleroma!2979
2020-09-10 18:38:48 +00:00
rinpatch
01fa68fe45 Websocket handler: fix never matching code on failed auth
`:cowboy_req.reply` does not return tuples since 2.0, see
https://ninenines.eu/docs/en/cowboy/2.4/manual/cowboy_req.reply/
2020-09-10 21:26:52 +03:00
rinpatch
e16e8f9816 Websocket handler: do not raise if handler is terminated before switching protocols
Closes #2131
2020-09-10 21:14:23 +03:00
rinpatch
cb06e98da2 websocket handler: Do not log client ping frames as errors 2020-09-10 21:14:23 +03:00
Alexander Strizhakov
e8bfb50fa3
pass options without adapter key 2020-09-10 20:09:44 +03:00
Alexander Strizhakov
8af1fd3223
oban warning 2020-09-10 16:01:20 +03:00
Alexander Strizhakov
7dd986a563
expire mfa tokens through Oban 2020-09-10 16:01:19 +03:00
Alexander Strizhakov
3ce658b930
schedule expired oauth tokens deletion with Oban 2020-09-10 16:01:19 +03:00
Ivan Tashkinov
cad69669fc [#2130] Fixed OAuth OOB authentication for users with enabled MFA. 2020-09-09 22:44:38 +03:00
rinpatch
0d2814ec8e Metadata: Move restriction check from Feed provider to activated_providers 2020-09-08 20:21:34 +03:00
Mark Felder
2011142ed9 Use :restrict_unauthenticated testing for more granular control 2020-09-08 20:21:34 +03:00
Mark Felder
a85ed6defb Do not serve RSS/Atom feeds when instance is private 2020-09-08 20:21:34 +03:00
Mark Felder
14d07081fd Feed provider only generates a redirect, so always activate it.
Making this configurable is misleading.
2020-09-08 20:21:34 +03:00
Mark Felder
ff07014b26 Disable providers of user and status metadata when instance is private 2020-09-08 20:21:34 +03:00
Mark Felder
630444ee08 Do not make RelMe metadata provider optional.
There's really no sound reason to turn this off anyway.
2020-09-08 20:21:34 +03:00
Haelwenn (lanodan) Monnier
947ee55ae2 user: harden get_friends_query(), get_followers_query() and their wrappers 2020-09-08 20:21:34 +03:00
Haelwenn (lanodan) Monnier
16c451f8f1 search: Apply following filter only when user is usable 2020-09-08 20:21:34 +03:00
Haelwenn (lanodan) Monnier
10ef532c63 AP C2S: Restrict character limit on Note 2020-09-08 20:21:34 +03:00
Egor Kislitsyn
a781ac6ca5 Fix atom leak in AdminAPIController 2020-09-08 20:21:34 +03:00
Haelwenn (lanodan) Monnier
921f926e96
Remove OStatus in testsuite 2020-09-08 18:43:57 +02:00
Haelwenn (lanodan) Monnier
ee0e05f930
Drop unused "inReplyToAtomUri" in objects 2020-09-08 18:43:57 +02:00
Alexander Strizhakov
87d2805791
combo fixes 2020-09-08 17:40:23 +02:00
Mark Felder
21efda2edb Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into unlisted 2020-09-08 09:31:26 -05:00
rinpatch
0a05670b44 Merge branch 'fix/upload-filter-exiftool-webp' into 'develop'
Skip processing webp image files because we can't strip EXIF

Closes #2080

See merge request pleroma/pleroma!2924
2020-09-08 12:21:33 +00:00
Mark Felder
4ea07f74e9 Revert/simplify.
We only need to check the content-type. There's no chance a webp file
will get mismatched as another image type.
2020-09-08 12:29:38 +03:00
Mark Felder
216c84a8f4 Bypass the filter based on content-type as well in case a webp image is uploaded with the wrong file extension. 2020-09-08 12:29:38 +03:00
Mark Felder
2165a24974 Improve upload filter return values so we can identify when filters make no changes to the input 2020-09-08 12:29:38 +03:00