Commit graph

9830 commits

Author SHA1 Message Date
rinpatch
396bc69aee Merge branch 'fix/mediaproxy-bypass-emoji' into 'develop'
Fix profile emojis bypassing mediaproxy and harden CSP

Closes 

See merge request 
2020-05-29 09:46:31 +00:00
rinpatch
27180611df HTTP Security plug: make starting csp string generation more readable 2020-05-29 12:32:48 +03:00
lain
1d30608e20 Merge branch 'fix/1557-gets-local-pack' into 'develop'
get-packs for local generated pack

Closes 

See merge request 
2020-05-28 17:08:30 +00:00
lain
f6ddf0cc50 Merge branch 'feature/1792-update-actor-type' into 'develop'
Validate actor type

See merge request 
2020-05-28 16:58:28 +00:00
lain
ddbf7084e2 Merge branch 'update-install-guides' into 'develop'
Update installation guides

See merge request 
2020-05-28 16:54:09 +00:00
Alexander Strizhakov
ae05792d2a
get-packs for local generated pack 2020-05-28 19:41:34 +03:00
Egor Kislitsyn
800e624058
Update installation guides 2020-05-28 19:32:56 +04:00
rinpatch
089d72d2e6 Merge branch 'chore/fix-spelling' into 'develop'
Fix minor spelling error

See merge request 
2020-05-28 11:38:35 +00:00
Mark Felder
95f6240889 Fix minor spelling error 2020-05-27 14:34:37 -05:00
rinpatch
a23df89b5d Merge branch 'bundle/adminfe-20200527' into 'develop'
Update AdminFE build, re-enables emoji packs

See merge request 
2020-05-27 19:22:53 +00:00
Mark Felder
d28b9708d2 Update AdminFE build, re-enables emoji packs 2020-05-27 13:50:24 -05:00
rinpatch
29ff6d414b HTTP security plug: Harden img-src and media-src when MediaProxy is enabled 2020-05-27 21:41:19 +03:00
rinpatch
455a402c8a HTTP Security plug: rewrite &csp_string/0
- Directives are now separated with ";" instead of " ;",
according to https://www.w3.org/TR/CSP2/#policy-parsing
the space is optional
- Use an IO list, which at the end gets converted to a binary as
opposed to ++ing a bunch of arrays with binaries together and joining
them to a string. I doubt it gives any significant real world advantage,
but the code is cleaner and now I can sleep at night.
- The static part of csp is pre-joined to a single binary at compile time.
Same reasoning as the last point.
2020-05-27 21:31:47 +03:00
rinpatch
8f6d428880 AccountView: Use mediaproxy URLs for emojis
Also use atom keys in emoji maps instead of binaries

Closes 
2020-05-27 19:44:02 +03:00
rinpatch
78c46fb7ba MediaProxy test: use config macros instead of directly putting values
They were not properly cleaned later and caused trouble for another tests
2020-05-27 19:34:56 +03:00
rinpatch
d35be02e70 Merge branch 'refactor-add-mention-step-one' into 'develop'
Fix ObjectView calling into strange functions

Closes 

See merge request 
2020-05-27 14:17:12 +00:00
rinpatch
91f73a7592 Merge branch 'notification-fixes' into 'develop'
Notification performance fixes

See merge request 
2020-05-27 13:45:14 +00:00
lain
73f222d76a Migrations: Make user_id index on notifications better for query. 2020-05-27 12:56:15 +02:00
Alexander Strizhakov
047a11c48f Apply suggestion to lib/pleroma/web/admin_api/controllers/admin_api_controller.ex 2020-05-27 10:55:42 +00:00
lain
b8e029b5ea Notification: Actually preload objects. 2020-05-27 12:41:06 +02:00
lain
b9e2678b9e Merge branch 'fav-speedup' into 'develop'
ActivityPub: Change ordering to `nulls last` in favorites query

See merge request 
2020-05-27 08:02:00 +00:00
lain
7e13200869 ActivityPub: Change ordering to nulls last in favorites query
This makes it use our existing index and speeds up the query.
2020-05-27 09:46:12 +02:00
Alexander Strizhakov
3249141588
validate actor type 2020-05-27 10:14:22 +03:00
rinpatch
cf139b06a3 Merge branch 'fav-speedup' into 'develop'
Fix favorites query performance

See merge request 
2020-05-26 16:33:13 +00:00
rinpatch
3601c0015c Merge branch '1808-pleroma-sucks' into 'develop'
Resolve "Don't fail message ingestions when we can't update a user"

Closes 

See merge request 
2020-05-26 15:57:01 +00:00
rinpatch
5ad28ff405 Merge branch 'apps-index' into 'develop'
Migrations: Add index on client_id and client_secret for apps.

See merge request 
2020-05-26 15:56:23 +00:00
rinpatch
ed08da9135 Merge branch '1813-throttling' into 'develop'
Mastodon API Controllers: Use the correct params for rate limiting.

Closes 

See merge request 
2020-05-26 15:55:09 +00:00
lain
d8d99fd4cf Activity.Queries: Use correct actor restriction. 2020-05-26 17:46:16 +02:00
lain
acba7043be Migrations: Add index on client_id and client_secret for apps.
Greatly speeds up app lookup.
2020-05-26 16:46:57 +02:00
lain
5083558ecd Merge branch 'restore-new-image' into 'develop'
Config: Restore old new background image

See merge request 
2020-05-26 14:17:54 +00:00
lain
337ca33e5e Config: Restore old new background image
Became lost in a settings restructure
2020-05-26 16:00:56 +02:00
lain
b233c8e55c Merge branch 'fix/oban-warnings' into 'develop'
Fix Oban warnings

See merge request 
2020-05-26 12:41:46 +00:00
Egor Kislitsyn
2069ec5006
Fix Oban warnings 2020-05-26 16:11:42 +04:00
lain
51bc6674f6 Mastodon API Controllers: Use the correct params for rate limiting. 2020-05-26 13:45:54 +02:00
lain
644195e31e Merge branch '1501-include-unlisted-posts-in-user-feed' into 'develop'
[] Made user feed contain public and unlisted activities

Closes 

See merge request 
2020-05-26 10:56:40 +00:00
lain
c8803965af Merge branch 'skip-crypt-test' into 'develop'
Skip failing `:crypt` test on mac

See merge request 
2020-05-26 08:32:13 +00:00
Ivan Tashkinov
d7a57004ef [] Made user feed contain public and unlisted activities. 2020-05-25 23:27:47 +03:00
Egor Kislitsyn
e32b7ae044
Skip failing :crypt test on mac 2020-05-25 23:01:37 +04:00
lain
09d8b9cb55 Merge branch '1471-tuning-advice' into 'develop'
Docs: Document reasonable Postgres settings.

See merge request 
2020-05-25 17:45:40 +00:00
lain
af3568a6d9 Docs: sql -> SQL 2020-05-25 19:26:07 +02:00
lain
f7cb3f4cfc Apply suggestion to docs/installation/otp_en.md 2020-05-25 17:11:35 +00:00
lain
6a85fe1f9d Docs: Document reasonable Postgres settings. 2020-05-25 15:53:14 +02:00
lain
6bd7070b00 Transmogrifier: Use a simpler way to get mentions. 2020-05-25 15:08:43 +02:00
lain
5fef405208 User: Change signature of get_users_from_set 2020-05-25 15:06:35 +02:00
lain
f20dff451e Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into 1808-pleroma-sucks 2020-05-25 14:01:16 +02:00
lain
6783d544b2 Merge branch 'flaky-tests' into 'develop'
Flaky tests

See merge request 
2020-05-25 12:00:53 +00:00
lain
5d5db7e5b7 StealEmojiPolicyTest: Clean up. 2020-05-25 14:00:18 +02:00
lain
2dff376041 StealEmojiPolicyTest: Fix flaky test. 2020-05-25 13:58:14 +02:00
lain
aeb0875025 StealEmojiPolicyTest: Fix flaky test. 2020-05-25 13:48:47 +02:00
lain
ec470c4c77 Merge branch 'openapi/admin/status' into 'develop'
Add OpenAPI spec for AdminAPI.StatusController

See merge request 
2020-05-25 11:40:54 +00:00