Haelwenn (lanodan) Monnier
0ac6e29654
static_fe: Sanitize HTML in posts
...
Note: Seems to have different sanitization with TwitterCard generator giving
the following:
<meta content=\"“alert('xss')”\" property=\"twitter:description\">
2020-03-15 20:44:04 +01:00
Ivan Tashkinov
5b696a8ac1
[ #1560 ] Enforced authentication for non-federating instances in StaticFEController.
2020-03-11 14:05:56 +03:00
Mark Felder
05da5f5cca
Update Copyrights
2020-03-03 16:44:49 -06:00
Phil Hagelberg
3c60adbc1f
Support redirecting by activity UUID in static FE as well.
2019-11-13 08:22:11 -08:00
Phil Hagelberg
0867cb083e
Support redirecting by object ID in static FE.
...
This matches the behavior of pleroma-fe better.
Fixes #1412 .
2019-11-13 08:02:02 -08:00
Phil Hagelberg
62f3a93049
For remote notices, redirect to the original instead of 404.
...
We shouldn't treat these like local statuses, but I don't think a 404
is the right choice either here, because within pleroma-fe, these are
valid URLs. So with remote notices you have the awkward situation
where clicking a link will behave differently depending on whether you
open it in a new tab or not; the new tab will 404 if it hits static-fe.
This new redirecting behavior should improve that situation.
2019-11-12 09:40:29 -08:00
Phil Hagelberg
3cc49cdb78
Formatter moved to new module.
2019-11-09 18:30:23 -08:00
Phil Hagelberg
ef7c3bdc7a
Add some further test cases.
...
Including like ... private visibility, cos that's super important.
2019-11-09 18:08:45 -08:00
Phil Hagelberg
4729027f91
Prevent non-local notices from rendering.
2019-11-09 18:08:45 -08:00
Phil Hagelberg
b0080fa730
Render errors in HTML, not with JS.
2019-11-09 18:08:08 -08:00
Phil Hagelberg
e27c61218d
Expand subject content automatically when config is set.
2019-11-09 18:08:08 -08:00
Phil Hagelberg
bfd5d79826
Include metadata in static FE conversations and profiles.
2019-11-09 18:08:08 -08:00
Phil Hagelberg
828259fb65
Catch 404s.
2019-11-09 18:08:08 -08:00
Phil Hagelberg
df2f59be91
Pagination for user profiles.
2019-11-09 18:08:08 -08:00
Phil Hagelberg
8969c5522d
Make many of the improvements suggested in review.
2019-11-09 18:08:08 -08:00
Phil Hagelberg
dc3b87d153
Move static FE routing into its own plug.
...
Previously it was piggybacking on FallbackRedirectController for users
and OStatusController for notices; now it's all in one place.
2019-11-09 18:08:08 -08:00
Phil Hagelberg
c6c706161e
Make sure notice link is remote if the post is remote.
2019-11-09 18:08:08 -08:00
Phil Hagelberg
274cc18e8a
Visually separate header.
2019-11-09 18:08:08 -08:00
Phil Hagelberg
2ac1ece652
Fix a bug where reblogs were displayed under the wrong user.
2019-11-09 18:08:08 -08:00
Phil Hagelberg
5d7c44266b
Change date formatting.
2019-11-09 18:08:08 -08:00
Phil Hagelberg
e4b9784c39
Show counts for replies, likes, and announces for selected notice.
...
Using text instead of an icon, for now.
2019-11-09 18:07:50 -08:00
Phil Hagelberg
93e9c0cedf
Format dates using CommonAPI utils.
2019-11-09 18:07:50 -08:00
Phil Hagelberg
918e1353f6
Add header to profile/notice pages linking to pleroma-fe.
2019-11-09 18:07:50 -08:00
Phil Hagelberg
33a26b61c3
Remove activity/user representer; move logic to controller.
2019-11-09 18:07:50 -08:00
Phil Hagelberg
41fde63def
Get rid of @data in views and use separate fields.
2019-11-09 18:07:50 -08:00
Phil Hagelberg
e944a2213d
Use gettext for sensitive media warning.
2019-11-09 18:07:50 -08:00
Phil Hagelberg
2d1897e8a7
Apply all suggested changes from reviewers.
2019-11-09 18:07:50 -08:00
Phil Hagelberg
cc1b07132f
Notices should show entire thread from context.
2019-11-09 18:07:08 -08:00
Phil Hagelberg
748d800acb
Show images, video, and audio attachments to notices.
2019-11-09 18:07:08 -08:00
Phil Hagelberg
1d8950798c
Fix activity_representer to work with User.get_or_fetch returning tuple.
2019-11-09 18:06:51 -08:00
Phil Hagelberg
e79d8985ab
Don't show 404 in static-fe controller unless it's actually not found.
2019-11-09 18:06:51 -08:00
Phil Hagelberg
c1fc139986
Add permalinks to the static-fe notice rendering.
2019-11-09 18:06:51 -08:00
Phil Hagelberg
d1320160f4
Looks like source_data is on user directly now.
2019-11-09 18:06:51 -08:00
William Pitcock
ca5ef201ef
static fe: add remote follow button
2019-11-09 18:06:51 -08:00
William Pitcock
e2904b5777
static fe: reformat activity representer
2019-11-09 18:06:51 -08:00
William Pitcock
2b5bd5236d
static fe: add user profile rendering
2019-11-09 18:06:51 -08:00
William Pitcock
8f08da750a
static fe: use a generic activity representer to render activities
2019-11-09 18:06:51 -08:00
William Pitcock
ff8d0902f3
static fe: formatting
2019-11-09 18:06:51 -08:00
William Pitcock
a4d3a8ec03
static fe: proof of concept
2019-11-09 18:06:51 -08:00