akkoma/lib/pleroma/web
Haelwenn (lanodan) Monnier 1257331291
MastodonAPI.StatusView: Do not use site_name
site_name allow to spoof the origin of the domain and so hacks like:

<!-- served on https://hacktivis.me/tmp/joinmastodon.org.html -->
<meta property="og:image" content="https://hacktivis.me/datalove/img/meme/pleroma/mastodon%2C%20forbidden%20amuse%20yourself.jpeg" />
<meta property="og:title" content="Mastodon: Forbidden Amuse Yourself" />
<meta property="og:site_name" content="joinmastodon.org" />
<meta http-equiv="refresh" content="0; url=http://joinmastodon.org/">
2020-02-15 00:36:09 +01:00
..
activity_pub Revert "Merge branch 'feat/floki-fasthtml' into 'develop'" 2020-02-11 16:55:18 +00:00
admin_api removing confusing error 2020-02-06 12:50:36 +03:00
auth constants: add as_public constant and use it everywhere 2019-07-29 02:43:19 +00:00
channels Use User.get_cached* everywhere 2019-04-22 07:20:43 +00:00
common_api Fix the confusingly named and inverted logic of "no_attachment_links" 2020-02-11 15:39:19 -06:00
federator Set log level to debug for not important messages 2019-12-11 17:47:19 +07:00
feed Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/tag_feed 2020-01-28 17:06:36 +01:00
mailer Fix Credo warnings 2019-04-20 19:57:43 +07:00
mastodon_api MastodonAPI.StatusView: Do not use site_name 2020-02-15 00:36:09 +01:00
media_proxy Fix/mediaproxy whitelist base url 2019-08-02 17:07:09 +00:00
metadata Revert "Merge branch 'feat/floki-fasthtml' into 'develop'" 2020-02-11 16:55:18 +00:00
mongooseim New rate limiter 2019-11-11 12:13:06 +00:00
nodeinfo NodeInfo: Fix federating status not being reported when MRF 2020-02-13 19:53:39 +03:00
oauth Merge branch 'develop' into issue/1383 2020-01-27 08:48:19 +03:00
ostatus OStatus controller: don't serve json at /notice/, redirect instead 2019-11-25 17:55:17 +03:00
pleroma_api/controllers EmojiReactions: Add Mastodon-aligned reaction endpoints, change response 2020-02-07 14:52:13 +01:00
push Merge branch 'develop' into issue/1342 2019-12-05 15:46:27 +03:00
rich_media Revert "Merge branch 'feat/floki-fasthtml' into 'develop'" 2020-02-11 16:55:18 +00:00
static_fe Support redirecting by activity UUID in static FE as well. 2019-11-13 08:22:11 -08:00
streamer Streamer: Correctly handle reblog mutes 2020-01-28 16:40:44 +01:00
templates added atom feed 2020-01-24 22:12:23 +03:00
twitter_api Merge branch 'develop' into issue/1354 2020-01-12 12:12:15 -06:00
views Merge remote-tracking branch 'remotes/upstream/develop' into 1304-user-info-deprecation 2019-10-20 20:43:18 +03:00
web_finger webfinger: stop pulling Salmon data out of WebFinger 2019-10-18 14:50:09 +00:00
xml
chat_channel.ex ChatChannel: Ignore messages that are too long. 2019-12-04 12:48:34 +01:00
controller_helper.ex add tag feeds 2019-12-18 09:19:37 +03:00
endpoint.ex Actually fix upload limit on OTP releases 2020-02-07 20:14:06 +03:00
fallback_redirect_controller.ex [#1097] added redirect: /pleroma/admin -> /pleroma/admin/ 2019-07-26 20:27:38 +00:00
gettext.ex
masto_fe_controller.ex [#2068] Introduced proper OAuth tokens usage to controller tests. 2019-12-19 17:23:27 +03:00
metadata.ex Use object instead of activity for metadata 2019-01-18 09:32:52 +03:00
oauth.ex Refactoring functions for dealing with oauth scopes. 2019-05-08 10:52:13 +00:00
rel_me.ex Revert "Merge branch 'feat/floki-fasthtml' into 'develop'" 2020-02-11 16:55:18 +00:00
router.ex EmojiReactions: Remove old API endpoints 2020-02-07 15:01:45 +01:00
translation_helpers.ex Discard identifier, if empty 2019-10-01 19:43:22 +03:00
uploader_controller.ex tests for Uploader with webhook 2019-07-18 12:30:18 +00:00
web.ex Revert "Parallelize template rendering" 2019-09-10 22:01:45 +03:00