Commit graph

6077 commits

Author SHA1 Message Date
rinpatch
29ff6d414b HTTP security plug: Harden img-src and media-src when MediaProxy is enabled 2020-05-27 21:41:19 +03:00
rinpatch
455a402c8a HTTP Security plug: rewrite &csp_string/0
- Directives are now separated with ";" instead of " ;",
according to https://www.w3.org/TR/CSP2/#policy-parsing
the space is optional
- Use an IO list, which at the end gets converted to a binary as
opposed to ++ing a bunch of arrays with binaries together and joining
them to a string. I doubt it gives any significant real world advantage,
but the code is cleaner and now I can sleep at night.
- The static part of csp is pre-joined to a single binary at compile time.
Same reasoning as the last point.
2020-05-27 21:31:47 +03:00
rinpatch
8f6d428880 AccountView: Use mediaproxy URLs for emojis
Also use atom keys in emoji maps instead of binaries

Closes #1810
2020-05-27 19:44:02 +03:00
rinpatch
d35be02e70 Merge branch 'refactor-add-mention-step-one' into 'develop'
Fix ObjectView calling into strange functions

Closes #1807

See merge request pleroma/pleroma!2580
2020-05-27 14:17:12 +00:00
rinpatch
91f73a7592 Merge branch 'notification-fixes' into 'develop'
Notification performance fixes

See merge request pleroma/pleroma!2595
2020-05-27 13:45:14 +00:00
lain
b8e029b5ea Notification: Actually preload objects. 2020-05-27 12:41:06 +02:00
lain
b9e2678b9e Merge branch 'fav-speedup' into 'develop'
ActivityPub: Change ordering to `nulls last` in favorites query

See merge request pleroma/pleroma!2594
2020-05-27 08:02:00 +00:00
lain
7e13200869 ActivityPub: Change ordering to nulls last in favorites query
This makes it use our existing index and speeds up the query.
2020-05-27 09:46:12 +02:00
rinpatch
cf139b06a3 Merge branch 'fav-speedup' into 'develop'
Fix favorites query performance

See merge request pleroma/pleroma!2591
2020-05-26 16:33:13 +00:00
rinpatch
3601c0015c Merge branch '1808-pleroma-sucks' into 'develop'
Resolve "Don't fail message ingestions when we can't update a user"

Closes #1808

See merge request pleroma/pleroma!2576
2020-05-26 15:57:01 +00:00
rinpatch
ed08da9135 Merge branch '1813-throttling' into 'develop'
Mastodon API Controllers: Use the correct params for rate limiting.

Closes #1813

See merge request pleroma/pleroma!2586
2020-05-26 15:55:09 +00:00
lain
d8d99fd4cf Activity.Queries: Use correct actor restriction. 2020-05-26 17:46:16 +02:00
Egor Kislitsyn
2069ec5006
Fix Oban warnings 2020-05-26 16:11:42 +04:00
lain
51bc6674f6 Mastodon API Controllers: Use the correct params for rate limiting. 2020-05-26 13:45:54 +02:00
Ivan Tashkinov
d7a57004ef [#1501] Made user feed contain public and unlisted activities. 2020-05-25 23:27:47 +03:00
lain
6bd7070b00 Transmogrifier: Use a simpler way to get mentions. 2020-05-25 15:08:43 +02:00
lain
5fef405208 User: Change signature of get_users_from_set 2020-05-25 15:06:35 +02:00
lain
f20dff451e Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into 1808-pleroma-sucks 2020-05-25 14:01:16 +02:00
lain
ec470c4c77 Merge branch 'openapi/admin/status' into 'develop'
Add OpenAPI spec for AdminAPI.StatusController

See merge request pleroma/pleroma!2566
2020-05-25 11:40:54 +00:00
lain
d0c26956da User: Don't error out if we want to refresh a user but can't 2020-05-25 12:46:14 +02:00
rinpatch
7bc2ec0aa2 Merge branch 'mastodon-migration-compat' into 'develop'
Add compatibility routes for converted mastodon instances

Closes #1797

See merge request pleroma/pleroma!2572
2020-05-24 19:05:57 +00:00
lain
ddbbefeb2e Merge branch 'feature/configure-filename-truncate' into 'develop'
Configurable filename truncation threshold

Closes #1799

See merge request pleroma/pleroma!2573
2020-05-22 16:05:35 +00:00
Roman Chvanikov
5d60b25e69 Apply suggestion to lib/pleroma/web/common_api/utils.ex 2020-05-22 15:44:10 +00:00
Roman Chvanikov
cc82229ba7 Add filename_display_max_length config 2020-05-22 18:19:25 +03:00
lain
91c8467582 OStatusController: Add Mastodon activity compat route. 2020-05-22 17:11:59 +02:00
lain
355aa3bdc7 ActivityPubController: Add Mastodon activity compat route. 2020-05-22 17:06:12 +02:00
lain
8a4bd9e5d1 OStatusController: Add Mastodon compatibility route for objects. 2020-05-22 16:47:22 +02:00
rinpatch
1fa7aa9fc5 Merge branch 'emoji-react-better-errors' into 'develop'
EmojiReactionController: Return more appropriate error.

See merge request pleroma/pleroma!2569
2020-05-22 14:36:08 +00:00
Egor Kislitsyn
ba106aa9c8
Fix notifications mark as read API 2020-05-22 18:15:36 +04:00
lain
ca755f9a73 ActivityPubController: Add Mastodon compatibility route. 2020-05-22 16:15:29 +02:00
lain
bcb549531f EmojiReactionController: Return more appropriate error. 2020-05-22 14:38:28 +02:00
Haelwenn
7b02bfca51 Merge branch 'announce-validator' into 'develop'
Announce validator

See merge request pleroma/pleroma!2567
2020-05-22 05:47:53 +00:00
Haelwenn
a57e7f3503 Merge branch '1113-op-mentioning' into 'develop'
CommonAPI: Change public->private implicit addressing.

Closes #1113

See merge request pleroma/pleroma!2563
2020-05-22 05:22:07 +00:00
lain
e0d1a942a6 Merge branch 'issue/1707' into 'develop'
[#1707] fixed `mix pleroma.instance gen`

See merge request pleroma/pleroma!2565
2020-05-21 14:32:49 +00:00
lain
ab1154e13f Merge branch 'admin-logo-upload' into 'develop'
Ability to upload background, logo, default user avatar, instance thumbnail, and the NSFW hiding image

See merge request pleroma/pleroma!2388
2020-05-21 14:30:34 +00:00
lain
a42a0716ec Merge branch 'features/emoji_stealer' into 'develop'
MRF.StealEmojiPolicy: New Policy

See merge request pleroma/pleroma!2385
2020-05-21 13:31:49 +00:00
lain
f166316f50 Merge branch 'openapi/pleroma-api/pleroma' into 'develop'
Add OpenAPI spec for PleromaAPI.PleromaAPIController

See merge request pleroma/pleroma!2564
2020-05-21 13:30:09 +00:00
lain
283fb1e05b Merge branch 'issue/749' into 'develop'
[#749] unsubscribes of friends when user deactivated

See merge request pleroma/pleroma!2513
2020-05-21 13:27:44 +00:00
Egor Kislitsyn
45d2c4157f
Add OpenAPI spec for AdminAPI.StatusController 2020-05-21 17:23:12 +04:00
lain
cdc6ba8d7b AnnounceValidator: Check for announcability 2020-05-21 13:58:18 +02:00
lain
c76267afb9 Credo fixes. 2020-05-21 13:31:52 +02:00
lain
23e248694d Announcements: Fix all tests. 2020-05-21 13:16:21 +02:00
lain
d9d425708e SideEffects: Builed out Announce effects. 2020-05-21 12:43:09 +02:00
Egor Kislitsyn
9de9760aa6
Move status actions to AdminAPI.StatusController 2020-05-21 13:52:30 +04:00
Maksim Pechnikov
9bc5e18ade rename mix task: pleroma.user unsubscribe -> pleroma.user deactivate 2020-05-21 08:06:57 +03:00
eugenijm
b7fc61e17b Added the ability to upload background, logo, default user avatar, instance thumbnail, and the NSFW hiding image via AdminFE 2020-05-21 04:41:42 +03:00
Maksim Pechnikov
c96f425cb0 fixed mix pleroma.instance gen 2020-05-20 21:30:41 +03:00
lain
39031f4860 Pipeline: Don't federate if federation is disabled. 2020-05-20 16:36:55 +02:00
lain
e42bc5f557 Announcements: Handle through common pipeline. 2020-05-20 15:44:37 +02:00
lain
265746b21f Merge branch 'openapi/pleroma-api/emojis' into 'develop'
Add OpenAPI spec for EmojiPackController

See merge request pleroma/pleroma!2549
2020-05-20 12:08:28 +00:00