William Pitcock
784b3a615d
utils: fix another possible leak with private S3 backends using mediaproxy
...
same rationale as the other mediaproxy changes
2018-10-29 17:26:15 +00:00
William Pitcock
181f3bb56a
mastodon api: enforce upload limits for avatars and banners
2018-10-29 16:43:05 +00:00
William Pitcock
e12489e2fe
twitter api: enforce upload limits for avatars, banners and backgrounds
2018-10-29 16:43:05 +00:00
William Pitcock
167d3789a5
activitypub: upload: pass through an upload limit if one is provided
2018-10-29 16:43:05 +00:00
William Pitcock
5c6ec2d9fc
twitter/mastodon api: always use mediaproxy URLs in attachments
...
if using local media, the mediaproxy will not replace the URL anyway.
2018-10-29 15:19:32 +00:00
William Pitcock
72ea54de6e
activitypub: fix possible false positives with broken thread filtering
2018-10-28 05:45:33 +00:00
William Pitcock
26eb11c172
activitypub: add support for filtering broken threads out of timelines
2018-10-26 06:16:51 +00:00
William Pitcock
f6cb963df2
activitypub utils: fix recipient check when the message is unaddressed (mastodon)
2018-10-26 01:24:22 +00:00
Haelwenn (lanodan) Monnier
7906dfe5a0
[Pleroma.Web.Nodeinfo.NodeinfoController]: Simplify features strings
2018-10-26 01:06:34 +02:00
Haelwenn (lanodan) Monnier
57330dd91b
[Pleroma.Web.Nodeinfo.NodeinfoController]: Have a list of supported features
2018-10-26 01:06:19 +02:00
William Pitcock
ce70eb8c00
activitypub utils: fix user splicing
2018-10-25 05:24:01 +00:00
William Pitcock
2f1f1a4f30
activitypub: splice users into recipient lists when they receive messages at their personal inbox
...
closes #343
2018-10-25 05:02:21 +00:00
kaniini
9e9b1bd5ea
Merge branch 'bugfix/ap-uri-user-search' into 'develop'
...
transmogrifier: do not try to contain origin of something which doesn't have one
Closes #340
See merge request pleroma/pleroma!389
2018-10-25 04:38:46 +00:00
Haelwenn
79b1e4465f
Merge branch 'bugfix/233-handle-missing-StatusView' into 'develop'
...
[Pleroma.Web.MastodonAPI.StatusView]: Add fallback on missing handler for status.json
Closes #233
See merge request pleroma/pleroma!257
2018-10-25 04:35:29 +00:00
William Pitcock
5383887bd4
transmogrifier: do not try to contain origin of something which doesn't have one
2018-10-25 04:27:33 +00:00
Haelwenn (lanodan) Monnier
b386888a0e
[Pleroma.Web.MastodonAPI.MastodonAPIController]: fallback for try_render/4
...
Better be sure than sorry
2018-10-25 06:21:11 +02:00
William Pitcock
1ed25c963a
twitterapi: activity view: add the other in_reply_to fields
2018-10-25 04:04:04 +00:00
Haelwenn (lanodan) Monnier
b112112c11
[Pleroma.Web.MastodonAPI.MastodonAPIController]: Wrap around render/4
2018-10-25 05:52:45 +02:00
Haelwenn (lanodan) Monnier
b0a940d5a2
[Pleroma.Web.MastodonAPI.StatusView]: Remove unused arguments
2018-10-25 05:24:03 +02:00
Haelwenn (lanodan) Monnier
2da0ffeb28
lib/pleroma/web/mastodon_api/mastodon_api_controller.ex: Output an error when render(status.json) gives a nil
2018-10-25 05:24:03 +02:00
Haelwenn (lanodan) Monnier
0c10be8731
[Pleroma.Web.MastodonAPI.StatusView]: Remove nils from lists.json
2018-10-25 05:24:03 +02:00
Haelwenn (lanodan) Monnier
3b0e9287a5
[Pleroma.Web.MastodonAPI.StatusView]: Return nil as fallback for missing views
2018-10-25 05:24:01 +02:00
William Pitcock
fee43ae5e7
twitterapi: activity view: implement in_reply_to_screen_name using the new graph walking helper
2018-10-25 02:59:04 +00:00
scarlett
a253c1466e
New frontend options
2018-10-21 12:52:52 +01:00
AkiraFukushima
e8c698af41
Add an endpoint /api/v1/accounts/:id/lists to get lists to which account belongs
2018-10-19 01:46:26 +09:00
scarlett
7562912f6a
Use maybe_direct_follow for follow imports
2018-10-17 04:16:11 +01:00
William Pitcock
30efa86c05
common api: enable tag linking in markdown mode
2018-10-14 20:36:11 +00:00
Haelwenn (lanodan) Monnier
eacab0fb05
Delete Tokens and Authorizations on password change
...
Closes: https://git.pleroma.social/pleroma/pleroma/issues/320
2018-10-14 02:14:54 +02:00
William Pitcock
111841ad34
common api: take the combination of the subject and content for length limit enforcement
...
closes #315
2018-10-10 07:53:44 +00:00
William Pitcock
08d5ad71b6
nodeinfo: allow opting out of MRF transparency
2018-10-07 01:23:38 +00:00
William Pitcock
7b3fff9af8
{mastodon api, twitter api}: make the follow handshake timeout configurable
2018-10-07 01:05:59 +00:00
William Pitcock
7f530f6f80
mastodon api: relationship view: better handle no pre-existing follow activity
2018-10-05 23:50:13 +00:00
William Pitcock
e69faf550c
user: add wait_and_refresh() for async three-way handshake case
2018-10-05 23:40:49 +00:00
William Pitcock
3e751496e3
mastodon api: account view: fetch follow state and use it to populate requested
field
2018-10-05 23:31:49 +00:00
William Pitcock
a71b822013
activitypub: always track following state for async reasons
2018-10-05 23:31:00 +00:00
William Pitcock
8ce217776d
activitypub transmogrifier: better manage follow state
2018-10-05 23:30:34 +00:00
William Pitcock
bd76d9cee6
nodeinfo: add accepted post formats to metadata
2018-10-05 21:05:37 +00:00
William Pitcock
285ac80c36
config: allow for accepted post formats to be configured
2018-10-05 21:02:17 +00:00
William Pitcock
16307da311
twitterapi: frontend config: add formattingOptionsEnabled
2018-10-05 20:49:34 +00:00
William Pitcock
b1be9415ef
Revert "Merge branch 'revert-a26d5e6b' into 'develop'"
...
This reverts commit d31bbb1cfe
, reversing
changes made to 340ab3cb90
.
2018-10-05 20:49:34 +00:00
Haelwenn (lanodan) Monnier
f2efc8dcfb
nodeinfo_controller: Fix JSON rendering
...
This is the last noedinfo difference from my own branch
2018-10-05 22:32:53 +02:00
Haelwenn (lanodan) Monnier
28651df478
MRF Transparency
2018-10-05 20:09:08 +02:00
Haelwenn (lanodan) Monnier
56d31db130
Pleroma.Web.Nodeinfo.NodeinfoController: Further transparency, breaks API of previous one
2018-10-05 20:08:55 +02:00
Haelwenn (lanodan) Monnier
8226953f1d
[Pleroma.Web.Nodeinfo.NodeinfoController]: Transparency on MRF Simple
2018-10-05 20:02:13 +02:00
kaniini
4f03bb2299
Merge branch 'bugfix/fix-mrf-reject-match' into 'develop'
...
activitypub: fix error condition match
See merge request pleroma/pleroma!365
2018-09-30 05:32:56 +00:00
William Pitcock
4db1bc2c0e
activitypub: fix error condition match
2018-09-30 05:26:13 +00:00
Haelwenn
34b6d444d6
Merge branch 'feature/twitter_api/fields' into 'develop'
...
[Pleroma.Web.TwitterAPI.UserView]: Add mastodon-fields in "fields"
See merge request pleroma/pleroma!360
2018-09-28 09:25:27 +00:00
Haelwenn (lanodan) Monnier
82b57ebad1
[Pleroma.Web.TwitterAPI.UserView]: Add mastodon-fields in "fields"
2018-09-28 10:44:45 +02:00
William Pitcock
707077edde
activitypub: don't fall back to OStatus fetching when MRF rejects an object
2018-09-28 00:45:10 +00:00
William Pitcock
5c312ad677
activitypub inbox: only accept unsigned/invalid-signature relayed creates, nothing else
...
although the previous handling assumed any unsigned/invalid signature message was a Create,
lets make it more explicit
2018-09-28 00:03:59 +00:00
Haelwenn (lanodan) Monnier
c739737998
transmogrifier: get_actor called without casting attributedTo in actor and actor is nil
2018-09-27 20:00:48 +02:00
Haelwenn (lanodan) Monnier
9446b02bdf
transmogrifier: Just make attachement maps into a list and reroll
2018-09-27 20:00:48 +02:00
Haelwenn (lanodan) Monnier
e53da692fb
transmogrifier: Use the correct variable and prefer inspect in case of a bad type being passed on
2018-09-27 20:00:48 +02:00
William Pitcock
d830a243a3
transmogrifier: more robustly handle dereferencing pointer URIs
2018-09-27 20:00:48 +02:00
Haelwenn (lanodan) Monnier
4c3a80de96
transmogrifier: Use oneliners when applicable
2018-09-27 20:00:47 +02:00
William Pitcock
ed8dfa3029
transmogrifier: reformat cond
block by hand
2018-09-27 20:00:47 +02:00
Haelwenn (lanodan) Monnier
eebe33e86a
transmogrifier: Add support for array-less hashtags, add broken announce, harden get_actor
2018-09-27 20:00:47 +02:00
Haelwenn (lanodan) Monnier
f3291acc91
transmogrifier: pro-actively add support for Hashtag without array in tag
2018-09-27 20:00:47 +02:00
Haelwenn (lanodan) Monnier
22927f3a34
transmogrifier: Use a cond, add proactive support for arrays
2018-09-27 20:00:46 +02:00
Haelwenn (lanodan) Monnier
0aac72f1d3
[Pleroma.Web.ActivityPub.Transmogrifier]: quick fix when tag is a Map
2018-09-27 20:00:46 +02:00
Haelwenn (lanodan) Monnier
28e8a8ab36
[Pleroma.Web.ActivityPub.Transmogrifier]: fix emoji in tag when it’s not in a array [kroeg]
...
Also simplified the code for name trimming.
And not copying the Map.merge part as it looks buggy.
See: https://queer.hacktivis.me/objects/a9f21ebc-9a12-4a6c-89d5-3d46955c6ee8
2018-09-27 20:00:46 +02:00
Haelwenn (lanodan) Monnier
f8a0cb9c0b
[Pleroma.Web.ActivityPub.Transmogrifier]: fix when attachment contain is just a Map [kroeg]
2018-09-27 20:00:46 +02:00
Haelwenn (lanodan) Monnier
a4abb124ea
[Pleroma.Web.ActivityPub.Transmogrifier]: Fix when inReplyTo is a inlined post [kroeg]
2018-09-27 20:00:46 +02:00
Haelwenn (lanodan) Monnier
523757be52
[Pleroma.Web.ActivityPub.ActivityPub]: Harden getting endpoints [kroeg]
2018-09-27 20:00:45 +02:00
William Pitcock
56577d8b48
twitter api: add no_rich_text option to userview for account prefs
2018-09-22 03:24:40 +00:00
William Pitcock
df00a364fb
mastodon api: formatting
2018-09-22 02:53:04 +00:00
William Pitcock
c2b69798dd
twitter api: add support for disabling rich text
2018-09-22 02:53:02 +00:00
William Pitcock
958e085acb
mastodon api: add support for user-supplied html policy
2018-09-22 02:53:02 +00:00
William Pitcock
2f5b026548
twitter api: add support for user-specified html policy
2018-09-22 02:53:01 +00:00
kaniini
0fe165165f
Merge branch 'task-204-on-options-request' into 'develop'
...
Return 204 response on options request
See merge request pleroma/pleroma!347
2018-09-20 23:54:51 +00:00
Haelwenn (lanodan) Monnier
40c51f118f
[Pleroma.Web.MastodonAPI.MastodonAPIController]: Bump mastodon_api_level to 2.5.0
2018-09-20 16:48:12 +02:00
Haelwenn (lanodan) Monnier
f74725df41
[Pleroma.Web.MastodonAPI.MastodonAPIController]: Remove unused variables
2018-09-20 16:37:18 +02:00
Haelwenn (lanodan) Monnier
33a1e92584
[Pleroma.Web.Router]: Fake /api/v1/endorsements
2018-09-20 16:25:07 +02:00
Haelwenn (lanodan) Monnier
a8eaecadee
[Pleroma.Web.MastodonAPI.AccountView]: relationship.json: fake endorsed value (false)
2018-09-20 16:24:29 +02:00
Haelwenn (lanodan) Monnier
43d0b7bf7a
[Pleroma.Web.MastodonAPI.StatusView] add replies_count
2018-09-20 16:10:46 +02:00
William Pitcock
c9585ec007
twitter api: fix mimetype fallback when attachments use a URI instead of a URL object
2018-09-19 04:59:26 +00:00
William Pitcock
0cac493fdc
mastodon api: default attachment type to image if one is not present
2018-09-19 04:59:25 +00:00
Martin Kühl
f4fcea5258
Revert "Mastodon API: Fake support for loading filters"
...
This reverts commit c1d07da4e1
.
The fake support was superseded by 6e030129fb
which actually implements the faked filters API.
This change removes the fake support and ensures that the actual implementation is used.
2018-09-18 11:59:10 +02:00
Dominique Feyer
9b0f2d572b
Return 204 response on options request
2018-09-17 12:21:01 +02:00
William Pitcock
342ed84446
MRF: add policy for normalizing HTML markup (local and remote) to a specific policy
2018-09-16 01:25:36 +00:00
kaniini
c2650f0ffb
Merge branch 'feature/html-scrub-policy' into 'develop'
...
html scrub policy
See merge request pleroma/pleroma!339
2018-09-16 01:05:09 +00:00
39aed5348a
Add visible_in_picker to status emojis
2018-09-10 23:32:19 +00:00
William Pitcock
d3248e13e3
activitypub: transmogrifier: allow profile updates from bots
2018-09-10 01:57:03 +00:00
William Pitcock
e0b8c0ccba
MRF: reject non-public: use pattern match to remove unnecessary if block
2018-09-10 01:16:03 +00:00
William Pitcock
88094c266d
MRF: simple policy: refactor module to use guards and pattern matching
2018-09-10 01:16:02 +00:00
William Pitcock
97253df3ee
MRF: simple policy: contain media removal/nsfw ops to create activities only
2018-09-10 01:16:01 +00:00
William Pitcock
e82ce2a4b3
formatting
2018-09-10 00:28:40 +00:00
William Pitcock
ac486fc59b
everywhere: use Pleroma.HTML module instead of HtmlSanitizeEx directly
2018-09-10 00:14:47 +00:00
Dominique Feyer
801d645c6b
TASK: Fix formatting
2018-09-09 23:42:28 +02:00
Dominique Feyer
b79c126ee0
Add missing URL encoding in create authorization redirect
2018-09-09 23:31:47 +02:00
Hakaba Hitoyo
4e1bb7bccb
make limit for /api/v1/suggestions
2018-09-09 13:57:23 +09:00
lambda
045953225e
Merge branch 'moonman/pleroma-sha512-crypt' into 'develop'
...
auth overhaul and legacy GS auth
See merge request pleroma/pleroma!331
2018-09-08 09:20:34 +00:00
kaniini
530561a091
Merge branch 'add-secure-and-samesite-cookie-flags' into 'develop'
...
Add Secure and SameSite cookie flags
See merge request pleroma/pleroma!302
2018-09-07 23:55:42 +00:00
Martin Kühl
c1d07da4e1
Mastodon API: Fake support for loading filters
2018-09-07 16:12:44 +02:00
Martin Kühl
619f67768a
Mastodon API: Add unsupported attributes to relationship responses
...
These attributes are documented as required by the Mastodon API.
Since we don’t support them (I think?), respond with default values.
2018-09-07 16:12:44 +02:00
lain
70163aec9b
Add LegacyAuthenticationPlug to router.
2018-09-05 22:31:57 +02:00
lain
3aba585e7a
Add Plugs to router.
2018-09-05 21:57:56 +02:00
Haelwenn
4a3dbd9d4e
Merge branch 'fix/sign-in-with-toot' into 'develop'
...
Fix sign-in and sign-out with Toot!
See merge request pleroma/pleroma!306
2018-09-05 18:20:26 +00:00
lain
636ad3e155
Add new plugs to router.
2018-09-05 19:13:53 +02:00
kaniini
76c67a41c1
Merge branch 'develop' into 'feature/staff-discovery-api'
...
# Conflicts:
# lib/pleroma/web/nodeinfo/nodeinfo_controller.ex
2018-09-03 14:55:42 +00:00
William Pitcock
9a21ff5f61
nodeinfo: add staffAccounts field to metadata
2018-09-03 14:48:31 +00:00
kaniini
1c9e539b47
Merge branch 'feature/mastodon_api_2.4.x' into 'develop'
...
Add/Fix Mastodon endpoints for 2.4.3 compatibility
See merge request pleroma/pleroma!266
2018-09-03 12:33:36 +00:00
Hakaba Hitoyo
b1124f1605
report chat and gopher support at /nodeinfo/2.0.json
2018-09-03 21:13:30 +09:00
35515cfa66
Update mastodon_api_controller.ex
2018-09-03 01:58:55 +00:00
26f8697400
Update mastodon_api_controller.ex
2018-09-03 01:52:02 +00:00
2b2bd0e047
Render notification IDs as strings, not numbers
2018-09-03 01:40:05 +00:00
kaniini
b7923aa304
Merge branch 'hotfix_broken_likes' into 'develop'
...
hotfix for broken like completely breaking the notifications API
See merge request pleroma/pleroma!284
2018-09-02 12:37:00 +00:00
kaniini
3c7280934e
Merge branch 'security/activitypub-spoofing' into 'develop'
...
security: activitypub spoofing
See merge request pleroma/pleroma!321
2018-09-01 23:48:55 +00:00
William Pitcock
03e92977cb
transmogrifier: fix peertube/plume actor handling
2018-09-01 23:44:19 +00:00
William Pitcock
0b2c051a04
activitypub: fix possibility of spoofing by containing remote objects to the same domain as their actor
2018-09-01 23:20:02 +00:00
William Pitcock
e2ce0e9e05
run mix format
.
2018-09-01 21:12:42 +00:00
Martin Kühl
84d84e4ca4
OAuth: Support /revoke endpoint for revoking tokens
...
(for compatibility with Mastodon)
2018-09-01 23:10:48 +02:00
Martin Kühl
ad2a7972e7
OAuth: Set created_at
in token exchange response
...
(for compatibility with Mastodon)
2018-09-01 23:10:48 +02:00
Martin Kühl
b60d232719
AccountView: sensitive
is supposed to be a boolean, not a string
2018-09-01 23:10:48 +02:00
William Pitcock
c921d99898
config: add ability to disable Pleroma FE config management ( closes #276 )
2018-09-01 21:05:32 +00:00
kaniini
2e2f458705
Merge branch 'lanodan/code-dup_in_mastoapi_search' into 'develop'
...
Clean code duplication in MastoAPI search(v1/v2)
See merge request pleroma/pleroma!316
2018-09-01 09:12:59 +00:00
Will Pearson
0c2a0e3551
Specify default scope in verify_credentials
...
Certain Mastodon/Pleroma front ends call verify_credentials to get the
default scope of a new toot.
Currently, Pleroma hardcodes this value to "public".
This patch changes it to the user's default_scope value.
2018-08-31 21:04:46 -07:00
Haelwenn (lanodan) Monnier
8885d16e1b
[Pleroma.Web.MastodonAPI.MastodonAPIController].search(2)?: Remove code duplication
2018-09-01 03:11:58 +02:00
lambda
58539e1357
Revert "Merge branch 'feature/rich-text' into 'develop'"
...
This reverts merge request !309
2018-08-31 09:51:20 +00:00
William Pitcock
856b5e1ca4
config: chase pleroma-fe updates from MR pleroma-fe!324.
2018-08-31 04:01:21 +00:00
kaniini
a26d5e6b2a
Merge branch 'feature/rich-text' into 'develop'
...
rich text support
See merge request pleroma/pleroma!309
2018-08-31 03:41:00 +00:00
William Pitcock
6aa65b68b8
common api: add support for formatting messages outside of twitter-style plain text
2018-08-31 03:13:59 +00:00
kaniini
e838969495
Merge branch 'use-media-proxy-in-suggestions-api' into 'develop'
...
use media proxy for the suggestions api
See merge request pleroma/pleroma!305
2018-08-30 23:06:30 +00:00
kaniini
65e8d47cfb
Merge branch 'backendhack' into 'develop'
...
Flexible Storage Backends
See merge request pleroma/pleroma!304
2018-08-30 23:05:01 +00:00
William Pitcock
29b5e30c46
activity: drop recipients_to/recipients_cc fields
2018-08-29 18:41:02 +00:00
William Pitcock
de9acebbf3
activitypub: use jsonb query for containment instead of recipients_to/recipients_cc.
2018-08-29 18:41:02 +00:00
href
ddc6f32b75
Fix Mastodon API when actor's nickname is null
2018-08-29 16:32:50 +02:00
William Pitcock
cce9d008f9
streamer: contain list updates in the same way as we do with the database query
2018-08-29 09:23:05 +00:00
William Pitcock
ded9091206
mastodon api: use bounded AP object graph query to enforce containment of private statuses
2018-08-29 08:51:51 +00:00
William Pitcock
643fae6e36
activitypub: allow querying the activity/object graph bounded to a specific to/cc set
2018-08-29 08:51:23 +00:00
William Pitcock
81673b8136
activity: add recipients_to and recipients_cc fields
2018-08-29 08:42:33 +00:00
shibayashi
18ad8aaecf
Explicitly set 'http_only' to true
2018-08-28 22:34:31 +02:00
shibayashi
4656a07e9e
Set SameSite flag to 'Strict'
2018-08-28 14:03:29 +02:00
Hakaba Hitoyo
6cbfb5ab5d
use media proxy for suggestions api
2018-08-28 17:01:17 +09:00
Thurloat
0df558a6a5
cleaning up a bit.
2018-08-27 22:45:53 -03:00
shibayashi
0c4493f144
Fix formatting
2018-08-28 00:47:34 +02:00
shibayashi
b9a642da1e
Add Secure and SameSite cookie flags
2018-08-28 00:40:58 +02:00
Henry Jameson
0f1c629d65
better solution, added test.
2018-08-27 17:07:26 +03:00
Haelwenn (lanodan) Monnier
6973b77e94
[Pleroma.Web.MastodonAPI.FilterView] fix expires_at being a unsafe variable
2018-08-27 15:09:06 +02:00
Haelwenn (lanodan) Monnier
9bddb39ff0
[Pleroma.Web.MastodonAPI.FilterView]: expires_at should be null when N/A
2018-08-27 15:09:06 +02:00
Haelwenn (lanodan) Monnier
d571a571fe
[Pleroma.Web.MastodonAPI.MastodonAPIController]: Bump mastodon_api_level to 2.4.3
2018-08-27 15:09:06 +02:00
Haelwenn (lanodan) Monnier
6e030129fb
[MastodonAPI] Add filters
2018-08-27 15:09:05 +02:00
Haelwenn (lanodan) Monnier
a5adb251ab
[Pleroma.Web.MastodonAPI.AccountView]: Add fields support
2018-08-27 15:09:05 +02:00
Haelwenn (lanodan) Monnier
d008f2d69c
[Pleroma.Web.MastodonAPI.AccountView]: Add bot field
2018-08-27 15:09:04 +02:00
Haelwenn (lanodan) Monnier
97e20d2932
[MastodonAPI] the tag field isn’t fixed to a static type in pleroma
2018-08-27 15:08:25 +02:00
Haelwenn (lanodan) Monnier
83efaa3af6
[MastodonAPI] Add streaming of hashtags
2018-08-27 15:08:25 +02:00
lambda
46c7c2380c
Merge branch 'feature/relay' into 'develop'
...
message relay
Closes #144
See merge request pleroma/pleroma!264
2018-08-27 08:29:25 +00:00
lambda
440b459cd1
Merge branch 'bugfix/announce-timeline-flooding' into 'develop'
...
activitypub: filter destination list for announce activities differently than normal (closes #164 )
Closes #164
See merge request pleroma/pleroma!227
2018-08-27 08:25:27 +00:00
kaniini
63094cfd3e
Merge branch 'feature/emoji-in-local-users' into 'develop'
...
Add emoji to local user profiles.
Closes #202
See merge request pleroma/pleroma!271
2018-08-26 23:24:41 +00:00
William Pitcock
bc3c30430e
fix formatting
2018-08-26 22:46:25 +00:00