Commit graph

5847 commits

Author SHA1 Message Date
lain
d4d4b92f75 TimelineController: Only return Create in public timelines. 2020-06-01 13:17:56 +02:00
Haelwenn
e96765df6b Merge branch 'chore/bump-hackney' into 'develop'
mix.lock: update hackney to 1.16.0

Closes 

See merge request 
2020-05-30 15:51:19 +00:00
rinpatch
0cb7b0ea84 hackney adapter helper: support tlsv1.3 and remove custom opts
- partitial_chain is no longer exported, but it seems to be the default anyway.
- The bug that caused sni to not be sent automatically seems to be fixed -
https://github.com/benoitc/hackney/issues/612
2020-05-30 15:36:55 +03:00
lain
b004c427a0 Merge branch 'conversation-pagination' into 'develop'
Conversation pagination

See merge request 
2020-05-30 10:02:37 +00:00
Steven Fuchs
6d4b80822b Conversation pagination 2020-05-30 10:02:37 +00:00
rinpatch
d23b3701d8 Merge branch 'bugfix/csp-unproxied' into 'develop'
http_security_plug.ex: Fix non-proxied media

See merge request 
2020-05-29 21:23:49 +00:00
rinpatch
109af93227 Apply suggestion to lib/pleroma/plugs/http_security_plug.ex 2020-05-29 21:15:07 +00:00
rinpatch
660d49227b Merge branch 'connect-src' into 'develop'
Add blob: to connect-src CSP, fixes 

Closes 

See merge request 
2020-05-29 19:26:54 +00:00
Alex Gleason
d38f28870e
Add blob: to connect-src CSP 2020-05-29 11:08:17 -05:00
lain
219d2b3146 Merge branch 'fix-streaming' into 'develop'
Fix argument error in streamer

See merge request 
2020-05-29 15:42:43 +00:00
81db758e8e Merge branch 'mix/database-vacuum-options' into 'develop'
Database vacuum mix task

See merge request 
2020-05-29 15:33:35 +00:00
kPherox
de0e262839
Fix argument error in streamer
`Repo.exists` can't use `nil` as it is unsafe.
Use parent object instead of activity because currently Announce activity's context is null.
2020-05-30 00:31:18 +09:00
Haelwenn (lanodan) Monnier
da1e31fae3
http_security_plug.ex: Fix non-proxied media 2020-05-29 17:20:09 +02:00
lain
9848978109 Merge branch 'fix-relay-repeat-notification' into 'develop'
Fix relay repeat notification

See merge request 
2020-05-29 10:42:49 +00:00
kPherox
228ff3760e
Use User.is_internal_user? instead 2020-05-29 19:07:05 +09:00
kPherox
9df5b1e6ae
Don't make relay announce notification 2020-05-29 19:06:38 +09:00
rinpatch
396bc69aee Merge branch 'fix/mediaproxy-bypass-emoji' into 'develop'
Fix profile emojis bypassing mediaproxy and harden CSP

Closes 

See merge request 
2020-05-29 09:46:31 +00:00
rinpatch
27180611df HTTP Security plug: make starting csp string generation more readable 2020-05-29 12:32:48 +03:00
lain
f6ddf0cc50 Merge branch 'feature/1792-update-actor-type' into 'develop'
Validate actor type

See merge request 
2020-05-28 16:58:28 +00:00
Mark Felder
30f96b19c1 Abstract out the database maintenance. I'd like to use this from AdminFE too. 2020-05-27 16:40:51 -05:00
Mark Felder
95f6240889 Fix minor spelling error 2020-05-27 14:34:37 -05:00
rinpatch
29ff6d414b HTTP security plug: Harden img-src and media-src when MediaProxy is enabled 2020-05-27 21:41:19 +03:00
rinpatch
455a402c8a HTTP Security plug: rewrite &csp_string/0
- Directives are now separated with ";" instead of " ;",
according to https://www.w3.org/TR/CSP2/#policy-parsing
the space is optional
- Use an IO list, which at the end gets converted to a binary as
opposed to ++ing a bunch of arrays with binaries together and joining
them to a string. I doubt it gives any significant real world advantage,
but the code is cleaner and now I can sleep at night.
- The static part of csp is pre-joined to a single binary at compile time.
Same reasoning as the last point.
2020-05-27 21:31:47 +03:00
rinpatch
8f6d428880 AccountView: Use mediaproxy URLs for emojis
Also use atom keys in emoji maps instead of binaries

Closes 
2020-05-27 19:44:02 +03:00
kPherox
48fd9be65a
Exclude post actor from to of relay announce 2020-05-27 23:51:15 +09:00
rinpatch
d35be02e70 Merge branch 'refactor-add-mention-step-one' into 'develop'
Fix ObjectView calling into strange functions

Closes 

See merge request 
2020-05-27 14:17:12 +00:00
rinpatch
91f73a7592 Merge branch 'notification-fixes' into 'develop'
Notification performance fixes

See merge request 
2020-05-27 13:45:14 +00:00
Alexander Strizhakov
047a11c48f Apply suggestion to lib/pleroma/web/admin_api/controllers/admin_api_controller.ex 2020-05-27 10:55:42 +00:00
lain
b8e029b5ea Notification: Actually preload objects. 2020-05-27 12:41:06 +02:00
lain
b9e2678b9e Merge branch 'fav-speedup' into 'develop'
ActivityPub: Change ordering to `nulls last` in favorites query

See merge request 
2020-05-27 08:02:00 +00:00
lain
7e13200869 ActivityPub: Change ordering to nulls last in favorites query
This makes it use our existing index and speeds up the query.
2020-05-27 09:46:12 +02:00
Alexander Strizhakov
3249141588
validate actor type 2020-05-27 10:14:22 +03:00
rinpatch
cf139b06a3 Merge branch 'fav-speedup' into 'develop'
Fix favorites query performance

See merge request 
2020-05-26 16:33:13 +00:00
rinpatch
3601c0015c Merge branch '1808-pleroma-sucks' into 'develop'
Resolve "Don't fail message ingestions when we can't update a user"

Closes 

See merge request 
2020-05-26 15:57:01 +00:00
rinpatch
ed08da9135 Merge branch '1813-throttling' into 'develop'
Mastodon API Controllers: Use the correct params for rate limiting.

Closes 

See merge request 
2020-05-26 15:55:09 +00:00
lain
d8d99fd4cf Activity.Queries: Use correct actor restriction. 2020-05-26 17:46:16 +02:00
Egor Kislitsyn
2069ec5006
Fix Oban warnings 2020-05-26 16:11:42 +04:00
lain
51bc6674f6 Mastodon API Controllers: Use the correct params for rate limiting. 2020-05-26 13:45:54 +02:00
Ivan Tashkinov
d7a57004ef [] Made user feed contain public and unlisted activities. 2020-05-25 23:27:47 +03:00
lain
6bd7070b00 Transmogrifier: Use a simpler way to get mentions. 2020-05-25 15:08:43 +02:00
lain
5fef405208 User: Change signature of get_users_from_set 2020-05-25 15:06:35 +02:00
lain
f20dff451e Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into 1808-pleroma-sucks 2020-05-25 14:01:16 +02:00
lain
ec470c4c77 Merge branch 'openapi/admin/status' into 'develop'
Add OpenAPI spec for AdminAPI.StatusController

See merge request 
2020-05-25 11:40:54 +00:00
lain
d0c26956da User: Don't error out if we want to refresh a user but can't 2020-05-25 12:46:14 +02:00
rinpatch
7bc2ec0aa2 Merge branch 'mastodon-migration-compat' into 'develop'
Add compatibility routes for converted mastodon instances

Closes 

See merge request 
2020-05-24 19:05:57 +00:00
lain
ddbbefeb2e Merge branch 'feature/configure-filename-truncate' into 'develop'
Configurable filename truncation threshold

Closes 

See merge request 
2020-05-22 16:05:35 +00:00
Roman Chvanikov
5d60b25e69 Apply suggestion to lib/pleroma/web/common_api/utils.ex 2020-05-22 15:44:10 +00:00
Roman Chvanikov
cc82229ba7 Add filename_display_max_length config 2020-05-22 18:19:25 +03:00
lain
91c8467582 OStatusController: Add Mastodon activity compat route. 2020-05-22 17:11:59 +02:00
lain
355aa3bdc7 ActivityPubController: Add Mastodon activity compat route. 2020-05-22 17:06:12 +02:00