William Pitcock
ee5932a504
http security: allow referrer-policy to be configured
2018-11-12 15:14:46 +00:00
William Pitcock
fe67665e19
rename CSPPlug to HTTPSecurityPlug.
2018-11-12 15:08:02 +00:00
KokaKiwi
1592fa2bea
Mastodon API: Fix list streaming
2018-11-11 14:18:15 +01:00
William Pitcock
df72978dce
csp plug: add support for certificate transparency
2018-11-11 06:55:44 +00:00
William Pitcock
331cf6ada1
csp plug: add sts support
2018-11-11 06:50:28 +00:00
William Pitcock
a2bf5426cb
sample config: document how to make CSPPlug send STS headers (off by default to allow for SSL debugging)
2018-11-11 06:42:14 +00:00
William Pitcock
f516e317ea
plugs: add CSPPlug
2018-11-11 06:10:21 +00:00
William Pitcock
419ed3a0ca
oauth: fix token decode regression
2018-11-11 05:26:39 +00:00
lambda
f745e823f0
Merge branch 'bugfix/json-ld-object-sanitization' into 'develop'
...
JSON-LD: object sanitization
See merge request pleroma/pleroma!438
2018-11-10 12:37:18 +00:00
William Pitcock
97e50f3191
activitypub: transmogrifier: sanitize internal representation details from outgoing objects
...
this causes JSON-LD parsers to get upset and has also lead to developer confusion from outside
projects which tried to parse our internal data. accordingly, it seems better to just remove
it.
2018-11-10 12:24:20 +00:00
Haelwenn (lanodan) Monnier
5ecb5629f6
lib/mix/tasks: s/@doc/@moduledoc/
2018-11-10 13:09:39 +01:00
Haelwenn (lanodan) Monnier
5e3207045e
lib/mix/tasks/unsubscribe_user.ex: Fix syntax from bad line copy
2018-11-10 13:09:39 +01:00
Haelwenn (lanodan) Monnier
64c0289893
lib/mix/tasks: Add remaining documentation for mix tasks
2018-11-10 13:09:38 +01:00
Haelwenn (lanodan) Monnier
8b2541e4e7
Document the mix tasks in ex_doc instead
2018-11-10 13:09:37 +01:00
Haelwenn (lanodan) Monnier
e1814bb322
Document mix tasks
2018-11-10 13:09:37 +01:00
William Pitcock
f8310114a6
activitypub: object view: sanitize both the activity and the object when an activity is given for rendering
2018-11-10 12:04:09 +00:00
kaniini
c9c1f9dee2
Merge branch 'bugfix/ostatus-as2-reflection' into 'develop'
...
ostatus: only federate activities concerning note objects
See merge request pleroma/pleroma!437
2018-11-10 11:50:02 +00:00
kaniini
7daa102fa4
Merge branch 'bugfix/local-jsonld-context' into 'develop'
...
Host LitePub JSON-LD context locally
See merge request pleroma/pleroma!435
2018-11-10 11:37:44 +00:00
William Pitcock
4f87b8362b
endpoint: move CORSPlug in front of Plug.Static
2018-11-10 11:23:50 +00:00
William Pitcock
03a9990baf
endpoint: fix formatting
2018-11-10 11:18:25 +00:00
William Pitcock
e6d246882d
federator: don't federate anything other than Note objects to OStatus
2018-11-10 10:06:10 +00:00
William Pitcock
e4971553c7
activitypub: utils: use same object type list for mention extraction as insertion
2018-11-09 13:40:39 +00:00
William Pitcock
b3c360ce2c
notification: add fallback get_notified_from_activity()
2018-11-09 09:07:40 +00:00
William Pitcock
b9871e7e5a
activitypub: utils: wrap Note objects in a Create when extracting mentions
2018-11-09 09:01:40 +00:00
William Pitcock
8c805ada32
user: remove obsolete User.get_notified_from_activity().
2018-11-09 09:01:40 +00:00
William Pitcock
6cadfcb21e
activitypub: utils: switch to using new Notification.get_notified_from_activity().
2018-11-09 09:01:40 +00:00
William Pitcock
cdfdd77e30
notification: implement new Notification.get_notified_from_activity()
2018-11-09 09:01:36 +00:00
William Pitcock
d26cd6c1bf
user: factor out user set fetching from User.get_notified_from_activity()
2018-11-09 08:23:45 +00:00
William Pitcock
81d6ca1783
user: implement AS2 mention extraction + unify Announce handling
2018-11-08 20:19:56 +00:00
William Pitcock
6b4064fa5d
activitypub: transmogrifier: unify mention extraction
2018-11-08 19:41:36 +00:00
William Pitcock
0a2c1a3419
user: add optional local_only param to get_notified_from_activity()
2018-11-08 19:30:55 +00:00
Haelwenn (lanodan) Monnier
2fab32ab61
Pleroma.Web.Endpoint: Whitelist schemas directory
2018-11-08 20:22:12 +01:00
Haelwenn (lanodan) Monnier
934125695d
Move /litepub-1.0.jsonld to /schemas/litepub-0.1.jsonld
2018-11-08 20:21:45 +01:00
William Pitcock
4e93d6ae14
common api: utils: flip to/cc for mentions
2018-11-08 19:17:01 +00:00
William Pitcock
3e33479c05
activitypub: transmogrifier: only consider to
users as mention targets
2018-11-08 18:58:27 +00:00
William Pitcock
144dc048b8
user: only consider to
recipients as mention targets
2018-11-08 18:58:24 +00:00
Haelwenn (lanodan) Monnier
abcacec97d
Pleroma.Web.ActivityPub.Utils: Use locally-served JSON-LD Litepub context instead of Github-hosted one
2018-11-08 19:38:38 +01:00
William Pitcock
da16ada424
utils: use litepub @context instead of that huge mess
2018-11-08 16:52:14 +00:00
William Pitcock
f733470037
user view: unify a @context entry that was missed
2018-11-08 16:51:48 +00:00
lambda
59cf7cf235
Merge branch 'small-jsonld-refactor' into 'develop'
...
Small jsonld refactor
See merge request pleroma/pleroma!433
2018-11-08 16:23:58 +00:00
lain
34bd411781
Unify json ld header handling.
2018-11-08 16:39:38 +01:00
lain
3b02fd9fb7
Small refactor.
2018-11-08 16:05:28 +01:00
kaniini
4d627a5117
Merge branch 'feature/qvitter-notifications-dismiss' into 'develop'
...
qvitter notifications: add new "read notifications" API
See merge request pleroma/pleroma!431
2018-11-07 22:33:06 +00:00
kaniini
b451a92d78
Merge branch 'runtime-config' into 'develop'
...
Runtime configuration
See merge request pleroma/pleroma!430
2018-11-07 22:32:34 +00:00
href
e42f2efae4
/api/v1/accounts/relationships Return an empty array if no id in params
...
This copies Mastodon API behaviour & fixes Mastalab app.
2018-11-07 16:32:57 +01:00
href
9070588493
Runtime config: MRF changes
2018-11-07 10:40:24 +01:00
William Pitcock
b2105a3131
twitterapi: add notification read endpoint
2018-11-06 23:25:07 +00:00
William Pitcock
f16c2e0b1b
notification: add Notification.set_read_up_to()
2018-11-06 22:50:43 +00:00
href
5bb88fd174
Runtime configuration
...
Related to #85
Everything should now be configured at runtime, with the exception of
the `Pleroma.HTML` scrubbers (the scrubbers used can be
changed at runtime, but their configuration is compile-time) because
it's building a module with a macro.
2018-11-06 19:41:15 +01:00
kaniini
a68c18f0ad
Merge branch 'unify-mastodon-oauth' into 'develop'
...
Unify Mastodon Login with OAuth login.
See merge request pleroma/pleroma!429
2018-11-06 16:18:12 +00:00
kaniini
0f3e78addb
Merge branch 'runtime-router' into 'develop'
...
Runtime configured router
See merge request pleroma/pleroma!426
2018-11-06 15:35:19 +00:00
lain
a8f1e30cb8
Formatting.
2018-11-06 16:05:58 +01:00
href
7d328c658d
Small wrapper module around Application.get_env/put_env
...
Same API as the old Pleroma.Config
2018-11-06 16:00:48 +01:00
lain
4f640c43ed
Unify Mastodon Login with OAuth login.
...
This removes duplication in the login code.
2018-11-06 15:19:11 +01:00
href
2bc924ba45
Get rid of Pleroma.Config in favor of Application
...
Discussed in https://git.pleroma.social/pleroma/pleroma/merge_requests/426#note_7232
2018-11-06 15:12:53 +01:00
href
013f7ba8c1
Add federating plug & public tests
2018-11-06 14:45:04 +01:00
href
83911b1443
Fix wrong return when finmoji is disabled
2018-11-05 21:17:47 +01:00
href
fd0e7d18d9
handle_continue is OTP21+
2018-11-05 18:04:43 +01:00
href
6fe23c5458
Runtime configured router
2018-11-05 15:19:03 +01:00
href
d096bc17bf
revert endpoint position in supervision tree
2018-11-05 14:05:04 +01:00
href
763fc7b44f
Runtime configured emojis
...
The changes are a bit heavy since the emojis were loaded into module
attributes from filesystem.
This introduces a GenServer using an ETS table to cache in memory the
emojis, and allows a runtime-reload with `Pleroma.Emoji.reload()`.
2018-11-05 13:24:00 +01:00
kaniini
007f1c73b1
Merge branch 'feature/cors-again' into 'develop'
...
Add CORSPlug to make web-based OAuth easier.
See merge request pleroma/pleroma!420
2018-11-03 15:36:23 +00:00
Haelwenn (lanodan) Monnier
3e50bb667f
Pleroma.Web.MastodonAPI.StatusView: Content isn’t nullable
2018-11-03 14:42:47 +01:00
lain
e954cfcc2c
Add CORSPlug to make web-based OAuth easier.
2018-11-03 13:38:01 +01:00
lambda
4bcdbb12a4
Merge branch 'fix_hashtag_search' into 'develop'
...
Fix hashtag search
See merge request pleroma/pleroma!418
2018-11-02 20:05:56 +00:00
Mark Felder
0cca7edbe0
Fix hashtag search
...
When we lowercase the search it will succesfully do a case insenstive
match. Now #Linux will match #linux and #LINUX whereas previously it
would only match the exact case.
2018-11-02 19:38:57 +00:00
lain
45ebc8dd9a
Check for empty string in_reply_to ids.
2018-11-02 17:33:51 +01:00
Haelwenn (lanodan) Monnier
3c7d4ff271
Pleroma.Web.TwitterAPI.ActivityView: Harden TwitterAPI against remnant of prismo
2018-11-01 15:07:27 +01:00
William Pitcock
24ba08de13
twitter api: add support for rendering Page objects
2018-11-01 10:01:35 +00:00
William Pitcock
4d8f076125
mastodon api: add support for rendering Page objects
2018-11-01 10:00:16 +00:00
William Pitcock
9f03b5c4f7
activitypub: transmogrifier: add support for Page objects
2018-11-01 09:59:43 +00:00
Lee Starnes
585b29337c
Ensure filters have a filter_id
2018-11-01 09:17:02 +00:00
kaniini
eba9a62024
Merge branch 'feature/relay-tests' into 'develop'
...
relay tests
See merge request pleroma/pleroma!411
2018-11-01 09:10:51 +00:00
Haelwenn
40676d7683
Merge branch 'bugfix/prismo.news_article_url' into 'develop'
...
Bugfix/prismo.news article url
Closes #352
See merge request pleroma/pleroma!410
2018-11-01 09:05:16 +00:00
lain
1e9ced5af4
Test Relay, switch to runtime configuration.
2018-11-01 09:01:43 +00:00
lain
e6ec01afb6
Start configuration manager.
2018-11-01 09:01:24 +00:00
lain
9b77030d3c
Add basic configuration management module.
2018-11-01 09:01:03 +00:00
Haelwenn (lanodan) Monnier
b2da5262ea
Pleroma.Web.ActivityPub.Transmogrifier: fix_url when not a string/empty
...
Thanks prismo.news, I hate it
2018-11-01 09:56:37 +01:00
Haelwenn (lanodan) Monnier
755f166406
Pleroma.Web.MastodonAPI.StatusView: Do not fail when URL isn’t a string
2018-11-01 09:55:38 +01:00
William Pitcock
2b3a40d038
object: split object_cache from user_cache
2018-11-01 08:41:46 +00:00
William Pitcock
f584a603f9
user: make User.delete() return data consistent with Object.delete()
2018-11-01 07:56:21 +00:00
William Pitcock
2c3bfd7f76
user: delete user_info data in User.invalidate_cache()
2018-11-01 07:52:58 +00:00
William Pitcock
10f3958468
object: return the deleted object as well
2018-11-01 07:47:50 +00:00
William Pitcock
2bf358d7b4
activitypub: use Object.delete() instead of mutating the database and cache directly
2018-11-01 07:29:12 +00:00
William Pitcock
c4e43da63e
object: add safe object deletion function
2018-11-01 07:28:48 +00:00
Haelwenn (lanodan) Monnier
558e6a84d6
[Pleroma.Web.CommonAPI]: Delete post cache entry when it’s deleted
...
Closes: https://git.pleroma.social/pleroma/pleroma/issues/346
2018-11-01 06:52:01 +01:00
William Pitcock
47f76bf4b1
common api: allow self-liking objects
...
mastodon allows this, for whatever reason.
closes #347 .
2018-10-31 22:29:49 +00:00
kaniini
5fea3d9eca
Merge branch 'allow-abbr' into 'develop'
...
Allow use of the `abbr` HTML tag.
See merge request pleroma/pleroma!405
2018-10-30 23:22:48 +00:00
scarlett
795634c90f
Allow use of the abbr
HTML tag.
2018-10-30 21:40:06 +00:00
scarlett
b92e38d2d4
Add user reactivation task.
2018-10-29 23:13:15 +00:00
kaniini
a880e0a527
Merge branch 'feature/upload-limits' into 'develop'
...
configurable media upload limits
Closes #118
See merge request pleroma/pleroma!401
2018-10-29 20:14:10 +00:00
William Pitcock
676c97b8c7
nodeinfo: expose configured upload limits
2018-10-29 20:07:52 +00:00
William Pitcock
36825932eb
s3 uploader: add new feature to force public attachment URIs to go through media proxy
2018-10-29 18:00:59 +00:00
William Pitcock
f407831120
common api: prefer formatting attachments using the attachment's name instead of URI
2018-10-29 17:59:24 +00:00
William Pitcock
784b3a615d
utils: fix another possible leak with private S3 backends using mediaproxy
...
same rationale as the other mediaproxy changes
2018-10-29 17:26:15 +00:00
William Pitcock
181f3bb56a
mastodon api: enforce upload limits for avatars and banners
2018-10-29 16:43:05 +00:00
William Pitcock
e12489e2fe
twitter api: enforce upload limits for avatars, banners and backgrounds
2018-10-29 16:43:05 +00:00
William Pitcock
167d3789a5
activitypub: upload: pass through an upload limit if one is provided
2018-10-29 16:43:05 +00:00
William Pitcock
fa483cd7c2
upload: add new optional argument designating an upload size limit
2018-10-29 16:43:00 +00:00
William Pitcock
5c6ec2d9fc
twitter/mastodon api: always use mediaproxy URLs in attachments
...
if using local media, the mediaproxy will not replace the URL anyway.
2018-10-29 15:19:32 +00:00
William Pitcock
69192f36ff
mix tasks: add new task to unsubscribe all users from, and then ban a remote user (e.g. followbots)
2018-10-28 19:47:56 +00:00
kaniini
39103a91be
Merge branch 'bugfix/broken-thread-filtering-false-positive' into 'develop'
...
activitypub: fix possible false positives with broken thread filtering
See merge request pleroma/pleroma!398
2018-10-28 05:52:51 +00:00
William Pitcock
72ea54de6e
activitypub: fix possible false positives with broken thread filtering
2018-10-28 05:45:33 +00:00
Greizgh
a494508320
Cleanup postgresql setup script
...
Drop unused CREATEDB privilege.
Do not try to handle multiple run.
2018-10-27 14:31:51 +02:00
kaniini
44762daf51
Merge branch 'feature/broken-thread-filtering' into 'develop'
...
broken thread filtering, part 1
See merge request pleroma/pleroma!394
2018-10-26 06:45:38 +00:00
William Pitcock
c302c619b9
http: fix mediaproxy
2018-10-26 06:38:08 +00:00
William Pitcock
26eb11c172
activitypub: add support for filtering broken threads out of timelines
2018-10-26 06:16:51 +00:00
William Pitcock
7338368ad9
http: enable keepalive / connection pooling ( closes #336 )
2018-10-26 03:06:42 +00:00
William Pitcock
f6cb963df2
activitypub utils: fix recipient check when the message is unaddressed (mastodon)
2018-10-26 01:24:22 +00:00
Haelwenn (lanodan) Monnier
7906dfe5a0
[Pleroma.Web.Nodeinfo.NodeinfoController]: Simplify features strings
2018-10-26 01:06:34 +02:00
Haelwenn (lanodan) Monnier
57330dd91b
[Pleroma.Web.Nodeinfo.NodeinfoController]: Have a list of supported features
2018-10-26 01:06:19 +02:00
kaniini
9fe9c09883
Merge branch 'finmoji-optional' into 'develop'
...
Make finmoji optional
See merge request pleroma/pleroma!391
2018-10-25 18:24:07 +00:00
scarlett
ae5beb7b64
Make finmoji optional
2018-10-25 17:58:46 +01:00
William Pitcock
ce70eb8c00
activitypub utils: fix user splicing
2018-10-25 05:24:01 +00:00
William Pitcock
2f1f1a4f30
activitypub: splice users into recipient lists when they receive messages at their personal inbox
...
closes #343
2018-10-25 05:02:21 +00:00
kaniini
9e9b1bd5ea
Merge branch 'bugfix/ap-uri-user-search' into 'develop'
...
transmogrifier: do not try to contain origin of something which doesn't have one
Closes #340
See merge request pleroma/pleroma!389
2018-10-25 04:38:46 +00:00
Haelwenn
79b1e4465f
Merge branch 'bugfix/233-handle-missing-StatusView' into 'develop'
...
[Pleroma.Web.MastodonAPI.StatusView]: Add fallback on missing handler for status.json
Closes #233
See merge request pleroma/pleroma!257
2018-10-25 04:35:29 +00:00
William Pitcock
5383887bd4
transmogrifier: do not try to contain origin of something which doesn't have one
2018-10-25 04:27:33 +00:00
Haelwenn (lanodan) Monnier
b386888a0e
[Pleroma.Web.MastodonAPI.MastodonAPIController]: fallback for try_render/4
...
Better be sure than sorry
2018-10-25 06:21:11 +02:00
William Pitcock
1ed25c963a
twitterapi: activity view: add the other in_reply_to fields
2018-10-25 04:04:04 +00:00
William Pitcock
1b480e3514
user: add helper for fetching profile url (which may be different than ap id)
2018-10-25 04:01:59 +00:00
Haelwenn (lanodan) Monnier
b112112c11
[Pleroma.Web.MastodonAPI.MastodonAPIController]: Wrap around render/4
2018-10-25 05:52:45 +02:00
Haelwenn (lanodan) Monnier
b0a940d5a2
[Pleroma.Web.MastodonAPI.StatusView]: Remove unused arguments
2018-10-25 05:24:03 +02:00
Haelwenn (lanodan) Monnier
2da0ffeb28
lib/pleroma/web/mastodon_api/mastodon_api_controller.ex: Output an error when render(status.json) gives a nil
2018-10-25 05:24:03 +02:00
Haelwenn (lanodan) Monnier
0c10be8731
[Pleroma.Web.MastodonAPI.StatusView]: Remove nils from lists.json
2018-10-25 05:24:03 +02:00
Haelwenn (lanodan) Monnier
3b0e9287a5
[Pleroma.Web.MastodonAPI.StatusView]: Return nil as fallback for missing views
2018-10-25 05:24:01 +02:00
William Pitcock
fee43ae5e7
twitterapi: activity view: implement in_reply_to_screen_name using the new graph walking helper
2018-10-25 02:59:04 +00:00
William Pitcock
f3f736afc4
activity: add helper to fetch an activity's parent
2018-10-25 02:47:55 +00:00
kaniini
945ce9910d
Merge branch 'bugfix/html-scrub-comments' into 'develop'
...
html: ensure comments are correctly scrubbed
See merge request pleroma/pleroma!384
2018-10-23 00:56:09 +00:00
William Pitcock
8613db0e3b
html: ensure comments are correctly scrubbed
2018-10-23 00:48:49 +00:00
scarlett
a253c1466e
New frontend options
2018-10-21 12:52:52 +01:00
AkiraFukushima
a249cbf187
Add a test for List.get_lists_account_belongs
2018-10-19 21:24:15 +09:00
AkiraFukushima
e8c698af41
Add an endpoint /api/v1/accounts/:id/lists to get lists to which account belongs
2018-10-19 01:46:26 +09:00
kaniini
ad3181895c
Merge branch 'bugfix/html-scrub-schemes' into 'develop'
...
lib/pleroma/html.ex: Fix scheme lists
See merge request pleroma/pleroma!377
2018-10-18 14:36:40 +00:00
William Pitcock
595d855f0e
html scrubbing policies: restrict img tags to http/https only for mediaproxy compatibility
2018-10-18 14:29:31 +00:00
Haelwenn (lanodan) Monnier
2154c5dcd8
lib/pleroma/html.ex: Use macros for valid_schemes, change config for schemes
2018-10-18 07:58:15 +02:00
William Pitcock
582dbe5c8d
formatter: fix matching osada users
2018-10-17 19:15:20 +00:00
scarlett
7562912f6a
Use maybe_direct_follow for follow imports
2018-10-17 04:16:11 +01:00
Haelwenn (lanodan) Monnier
d7654c77de
lib/pleroma/html.ex: Use a function as a variable (broken for some reason)
2018-10-16 03:34:33 +02:00
Haelwenn (lanodan) Monnier
50e0a9ae56
lib/pleroma/html.ex: Fix scheme lists
...
Gosh please don’t break ourselves…
Also this is copy-paste of the list in lib/pleroma/formatter.ex,
I think this should be put in a common variable, but where?
2018-10-16 03:00:37 +02:00
William Pitcock
30efa86c05
common api: enable tag linking in markdown mode
2018-10-14 20:36:11 +00:00
Haelwenn (lanodan) Monnier
eacab0fb05
Delete Tokens and Authorizations on password change
...
Closes: https://git.pleroma.social/pleroma/pleroma/issues/320
2018-10-14 02:14:54 +02:00
William Pitcock
51eaece3ea
user: break out local cases for maybe_direct_follow
2018-10-11 10:49:54 +00:00
William Pitcock
2c29329d39
user: local users are always AP-enabled ( closes #316 )
2018-10-11 10:35:11 +00:00
William Pitcock
111841ad34
common api: take the combination of the subject and content for length limit enforcement
...
closes #315
2018-10-10 07:53:44 +00:00
William Pitcock
08d5ad71b6
nodeinfo: allow opting out of MRF transparency
2018-10-07 01:23:38 +00:00
William Pitcock
7b3fff9af8
{mastodon api, twitter api}: make the follow handshake timeout configurable
2018-10-07 01:05:59 +00:00
William Pitcock
7f530f6f80
mastodon api: relationship view: better handle no pre-existing follow activity
2018-10-05 23:50:13 +00:00
William Pitcock
e69faf550c
user: add wait_and_refresh() for async three-way handshake case
2018-10-05 23:40:49 +00:00
William Pitcock
3e751496e3
mastodon api: account view: fetch follow state and use it to populate requested
field
2018-10-05 23:31:49 +00:00
William Pitcock
a71b822013
activitypub: always track following state for async reasons
2018-10-05 23:31:00 +00:00
William Pitcock
8ce217776d
activitypub transmogrifier: better manage follow state
2018-10-05 23:30:34 +00:00
William Pitcock
4f7a468659
user: only pre-create follow relationships on OStatus
...
closes #306
2018-10-05 22:58:03 +00:00
William Pitcock
bd76d9cee6
nodeinfo: add accepted post formats to metadata
2018-10-05 21:05:37 +00:00
William Pitcock
285ac80c36
config: allow for accepted post formats to be configured
2018-10-05 21:02:17 +00:00
William Pitcock
52b05137c5
formatter: use Pleroma.HTML module instead of HtmlSanitizeEx directly
2018-10-05 20:49:34 +00:00
William Pitcock
16307da311
twitterapi: frontend config: add formattingOptionsEnabled
2018-10-05 20:49:34 +00:00
William Pitcock
b1be9415ef
Revert "Merge branch 'revert-a26d5e6b' into 'develop'"
...
This reverts commit d31bbb1cfe
, reversing
changes made to 340ab3cb90
.
2018-10-05 20:49:34 +00:00
Haelwenn (lanodan) Monnier
f2efc8dcfb
nodeinfo_controller: Fix JSON rendering
...
This is the last noedinfo difference from my own branch
2018-10-05 22:32:53 +02:00
Haelwenn (lanodan) Monnier
28651df478
MRF Transparency
2018-10-05 20:09:08 +02:00
Haelwenn (lanodan) Monnier
56d31db130
Pleroma.Web.Nodeinfo.NodeinfoController: Further transparency, breaks API of previous one
2018-10-05 20:08:55 +02:00
Haelwenn (lanodan) Monnier
8226953f1d
[Pleroma.Web.Nodeinfo.NodeinfoController]: Transparency on MRF Simple
2018-10-05 20:02:13 +02:00
kaniini
4f03bb2299
Merge branch 'bugfix/fix-mrf-reject-match' into 'develop'
...
activitypub: fix error condition match
See merge request pleroma/pleroma!365
2018-09-30 05:32:56 +00:00
William Pitcock
4db1bc2c0e
activitypub: fix error condition match
2018-09-30 05:26:13 +00:00
Haelwenn (lanodan) Monnier
a3cffd3566
formatter: Stop using phoenix HTML and format it ourselves
...
* Pheonix has an extra scheme whitelist conflicting with ours
* Pheonix doesn’t seems to do URL encoding, just HTML encoding
Closes: https://git.pleroma.social/pleroma/pleroma/issues/307
2018-09-28 17:32:27 +02:00
Haelwenn
34b6d444d6
Merge branch 'feature/twitter_api/fields' into 'develop'
...
[Pleroma.Web.TwitterAPI.UserView]: Add mastodon-fields in "fields"
See merge request pleroma/pleroma!360
2018-09-28 09:25:27 +00:00
Haelwenn (lanodan) Monnier
82b57ebad1
[Pleroma.Web.TwitterAPI.UserView]: Add mastodon-fields in "fields"
2018-09-28 10:44:45 +02:00
William Pitcock
707077edde
activitypub: don't fall back to OStatus fetching when MRF rejects an object
2018-09-28 00:45:10 +00:00
William Pitcock
5c312ad677
activitypub inbox: only accept unsigned/invalid-signature relayed creates, nothing else
...
although the previous handling assumed any unsigned/invalid signature message was a Create,
lets make it more explicit
2018-09-28 00:03:59 +00:00
Haelwenn (lanodan) Monnier
c739737998
transmogrifier: get_actor called without casting attributedTo in actor and actor is nil
2018-09-27 20:00:48 +02:00
Haelwenn (lanodan) Monnier
9446b02bdf
transmogrifier: Just make attachement maps into a list and reroll
2018-09-27 20:00:48 +02:00
Haelwenn (lanodan) Monnier
e53da692fb
transmogrifier: Use the correct variable and prefer inspect in case of a bad type being passed on
2018-09-27 20:00:48 +02:00
William Pitcock
d830a243a3
transmogrifier: more robustly handle dereferencing pointer URIs
2018-09-27 20:00:48 +02:00
Haelwenn (lanodan) Monnier
4c3a80de96
transmogrifier: Use oneliners when applicable
2018-09-27 20:00:47 +02:00
William Pitcock
ed8dfa3029
transmogrifier: reformat cond
block by hand
2018-09-27 20:00:47 +02:00
Haelwenn (lanodan) Monnier
eebe33e86a
transmogrifier: Add support for array-less hashtags, add broken announce, harden get_actor
2018-09-27 20:00:47 +02:00
Haelwenn (lanodan) Monnier
f3291acc91
transmogrifier: pro-actively add support for Hashtag without array in tag
2018-09-27 20:00:47 +02:00
Haelwenn (lanodan) Monnier
22927f3a34
transmogrifier: Use a cond, add proactive support for arrays
2018-09-27 20:00:46 +02:00
Haelwenn (lanodan) Monnier
0aac72f1d3
[Pleroma.Web.ActivityPub.Transmogrifier]: quick fix when tag is a Map
2018-09-27 20:00:46 +02:00
Haelwenn (lanodan) Monnier
28e8a8ab36
[Pleroma.Web.ActivityPub.Transmogrifier]: fix emoji in tag when it’s not in a array [kroeg]
...
Also simplified the code for name trimming.
And not copying the Map.merge part as it looks buggy.
See: https://queer.hacktivis.me/objects/a9f21ebc-9a12-4a6c-89d5-3d46955c6ee8
2018-09-27 20:00:46 +02:00
Haelwenn (lanodan) Monnier
f8a0cb9c0b
[Pleroma.Web.ActivityPub.Transmogrifier]: fix when attachment contain is just a Map [kroeg]
2018-09-27 20:00:46 +02:00
Haelwenn (lanodan) Monnier
a4abb124ea
[Pleroma.Web.ActivityPub.Transmogrifier]: Fix when inReplyTo is a inlined post [kroeg]
2018-09-27 20:00:46 +02:00
Haelwenn (lanodan) Monnier
523757be52
[Pleroma.Web.ActivityPub.ActivityPub]: Harden getting endpoints [kroeg]
2018-09-27 20:00:45 +02:00
Martin Kühl
f77ec96707
Uploaders.S3: Replace unsafe characters in object key
...
According to [the S3 docs][s3], the characters safe for use in object keys are:
* 0-9
* a-z
* A-Z
* !
* -
* _
* .
* *
* '
* (
* )
(The / character is not listed but mentioned being safe outside of the list.)
Several characters that are valid in filenames can cause problems, for example
spaces are not valid in URLs and need to be escaped,
sequences of spaces can become squeezed by S3,
some characters like \ are documented to require “significant special handling”.
To avoid these problems, this change encodes the filename
before using it as part of the S3 object name
by replacing all characters except those documented as “safe” with dashes.
[s3]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html
2018-09-24 15:38:32 +02:00
Martin Kühl
d94ee5cd50
Mastodon API: Support push subscription CRUD
2018-09-22 07:04:01 +02:00
Martin Kühl
c2d592c9c5
Assign token to connection
2018-09-22 07:04:01 +02:00
William Pitcock
7f0e291483
html: twittertext: add missing catchall scrub function
2018-09-22 03:45:35 +00:00
William Pitcock
56577d8b48
twitter api: add no_rich_text option to userview for account prefs
2018-09-22 03:24:40 +00:00
William Pitcock
df00a364fb
mastodon api: formatting
2018-09-22 02:53:04 +00:00
William Pitcock
c2b69798dd
twitter api: add support for disabling rich text
2018-09-22 02:53:02 +00:00
William Pitcock
958e085acb
mastodon api: add support for user-supplied html policy
2018-09-22 02:53:02 +00:00
William Pitcock
2f5b026548
twitter api: add support for user-specified html policy
2018-09-22 02:53:01 +00:00
William Pitcock
735cdfb848
user: add User.html_filter_policy()
2018-09-22 02:53:00 +00:00
William Pitcock
8ae9424edb
html: default to using normal scrub policy if provided scrub policy is nil
2018-09-22 02:52:59 +00:00
kaniini
4cb6331843
Merge branch 'feature/dynamic-user-refresh' into 'develop'
...
user: implement dynamic refresh of profiles
See merge request pleroma/pleroma!350
2018-09-21 00:00:28 +00:00
kaniini
0fe165165f
Merge branch 'task-204-on-options-request' into 'develop'
...
Return 204 response on options request
See merge request pleroma/pleroma!347
2018-09-20 23:54:51 +00:00
William Pitcock
8e28e8a18f
mix: remove fix_ap_users task, now obsolete
2018-09-20 23:50:56 +00:00
William Pitcock
c9f6eb9a41
user: implement dynamic refresh of profiles (gets rid of need for fix_ap_users task)
2018-09-20 23:50:56 +00:00
Haelwenn (lanodan) Monnier
40c51f118f
[Pleroma.Web.MastodonAPI.MastodonAPIController]: Bump mastodon_api_level to 2.5.0
2018-09-20 16:48:12 +02:00
Haelwenn (lanodan) Monnier
f74725df41
[Pleroma.Web.MastodonAPI.MastodonAPIController]: Remove unused variables
2018-09-20 16:37:18 +02:00
Haelwenn (lanodan) Monnier
33a1e92584
[Pleroma.Web.Router]: Fake /api/v1/endorsements
2018-09-20 16:25:07 +02:00
Haelwenn (lanodan) Monnier
a8eaecadee
[Pleroma.Web.MastodonAPI.AccountView]: relationship.json: fake endorsed value (false)
2018-09-20 16:24:29 +02:00
Haelwenn (lanodan) Monnier
43d0b7bf7a
[Pleroma.Web.MastodonAPI.StatusView] add replies_count
2018-09-20 16:10:46 +02:00
William Pitcock
c9585ec007
twitter api: fix mimetype fallback when attachments use a URI instead of a URL object
2018-09-19 04:59:26 +00:00
William Pitcock
0cac493fdc
mastodon api: default attachment type to image if one is not present
2018-09-19 04:59:25 +00:00
Martin Kühl
f4fcea5258
Revert "Mastodon API: Fake support for loading filters"
...
This reverts commit c1d07da4e1
.
The fake support was superseded by 6e030129fb
which actually implements the faked filters API.
This change removes the fake support and ensures that the actual implementation is used.
2018-09-18 11:59:10 +02:00
Dominique Feyer
9b0f2d572b
Return 204 response on options request
2018-09-17 12:21:01 +02:00
William Pitcock
a7d0ecdc7c
html: add policy which transforms inline images to pass through the media proxy
2018-09-16 02:16:16 +00:00
William Pitcock
cd13fa17fd
html: allow scrubbing policies to be stackable
2018-09-16 02:16:14 +00:00
William Pitcock
342ed84446
MRF: add policy for normalizing HTML markup (local and remote) to a specific policy
2018-09-16 01:25:36 +00:00
William Pitcock
95376ac1fe
html: add the ability to override the default scrub policy
2018-09-16 01:25:35 +00:00
kaniini
c2650f0ffb
Merge branch 'feature/html-scrub-policy' into 'develop'
...
html scrub policy
See merge request pleroma/pleroma!339
2018-09-16 01:05:09 +00:00
39aed5348a
Add visible_in_picker to status emojis
2018-09-10 23:32:19 +00:00
William Pitcock
d3248e13e3
activitypub: transmogrifier: allow profile updates from bots
2018-09-10 01:57:03 +00:00
William Pitcock
e0b8c0ccba
MRF: reject non-public: use pattern match to remove unnecessary if block
2018-09-10 01:16:03 +00:00
William Pitcock
88094c266d
MRF: simple policy: refactor module to use guards and pattern matching
2018-09-10 01:16:02 +00:00
William Pitcock
97253df3ee
MRF: simple policy: contain media removal/nsfw ops to create activities only
2018-09-10 01:16:01 +00:00
William Pitcock
e82ce2a4b3
formatting
2018-09-10 00:28:40 +00:00
William Pitcock
358f88e10a
html: allow inline images by default (because of custom emoji)
2018-09-10 00:24:19 +00:00
William Pitcock
40e2f6e500
html: add default scrubbing profile and configuration knobs
2018-09-10 00:14:57 +00:00
William Pitcock
ac486fc59b
everywhere: use Pleroma.HTML module instead of HtmlSanitizeEx directly
2018-09-10 00:14:47 +00:00
William Pitcock
255f46d7ab
html: new module providing a configurable markup scrubbing policy
2018-09-10 00:13:57 +00:00
Dominique Feyer
801d645c6b
TASK: Fix formatting
2018-09-09 23:42:28 +02:00
Dominique Feyer
b79c126ee0
Add missing URL encoding in create authorization redirect
2018-09-09 23:31:47 +02:00
Hakaba Hitoyo
4e1bb7bccb
make limit for /api/v1/suggestions
2018-09-09 13:57:23 +09:00
lambda
045953225e
Merge branch 'moonman/pleroma-sha512-crypt' into 'develop'
...
auth overhaul and legacy GS auth
See merge request pleroma/pleroma!331
2018-09-08 09:20:34 +00:00
kaniini
530561a091
Merge branch 'add-secure-and-samesite-cookie-flags' into 'develop'
...
Add Secure and SameSite cookie flags
See merge request pleroma/pleroma!302
2018-09-07 23:55:42 +00:00
kaniini
3e4f39116b
Merge branch 'feature/custom_media_url' into 'develop'
...
[Pleroma.Uploaders.Local]: Add configuration for custom url path
See merge request pleroma/pleroma!318
2018-09-07 23:49:36 +00:00
Martin Kühl
c1d07da4e1
Mastodon API: Fake support for loading filters
2018-09-07 16:12:44 +02:00
Martin Kühl
619f67768a
Mastodon API: Add unsupported attributes to relationship responses
...
These attributes are documented as required by the Mastodon API.
Since we don’t support them (I think?), respond with default values.
2018-09-07 16:12:44 +02:00
lain
70163aec9b
Add LegacyAuthenticationPlug to router.
2018-09-05 22:31:57 +02:00
lain
44b094908c
Update legacy passwords automatically.
2018-09-05 22:30:14 +02:00
lain
3aba585e7a
Add Plugs to router.
2018-09-05 21:57:56 +02:00
lain
e601165426
Add UserEnabledPlug.
2018-09-05 21:53:53 +02:00
lain
5ce1ebb179
Add SetUserSessionIdPlug.
2018-09-05 21:42:42 +02:00
Haelwenn
4a3dbd9d4e
Merge branch 'fix/sign-in-with-toot' into 'develop'
...
Fix sign-in and sign-out with Toot!
See merge request pleroma/pleroma!306
2018-09-05 18:20:26 +00:00
lain
636ad3e155
Add new plugs to router.
2018-09-05 19:13:53 +02:00
lain
12bc73dd28
Add EnsureUserKeyPlug, smaller fixes
2018-09-05 19:06:28 +02:00
lain
32465b9939
Simplify AuthenticationPlug
2018-09-05 18:53:38 +02:00
lain
9a96c93be7
Add SessionAuthenticationPlug.
2018-09-05 18:37:02 +02:00
lain
a3f54fca4d
Add LegacyAuthenticationPlug
2018-09-05 18:17:33 +02:00
lain
3cf17dc402
Add EnsureAuthenticatedPlug
2018-09-05 17:59:19 +02:00
lain
faf5347748
Add UserFetcherPlug.
2018-09-05 17:44:38 +02:00
lain
42bd985e66
Add BasicAuthDecoderPlug
2018-09-05 17:30:05 +02:00
Moon Man
8b020e03a6
change cond to if else
2018-09-05 01:37:48 -04:00
Moon Man
1a8bc26e52
auth against sha512-crypt password hashes, upgrade to pbkdf2
2018-09-05 00:21:44 -04:00
kaniini
76c67a41c1
Merge branch 'develop' into 'feature/staff-discovery-api'
...
# Conflicts:
# lib/pleroma/web/nodeinfo/nodeinfo_controller.ex
2018-09-03 14:55:42 +00:00
William Pitcock
9a21ff5f61
nodeinfo: add staffAccounts field to metadata
2018-09-03 14:48:31 +00:00
kaniini
1c9e539b47
Merge branch 'feature/mastodon_api_2.4.x' into 'develop'
...
Add/Fix Mastodon endpoints for 2.4.3 compatibility
See merge request pleroma/pleroma!266
2018-09-03 12:33:36 +00:00
Hakaba Hitoyo
b1124f1605
report chat and gopher support at /nodeinfo/2.0.json
2018-09-03 21:13:30 +09:00
William Pitcock
b61430163b
user: add moderator_user_query()
2018-09-03 12:03:23 +00:00
kaniini
7ca2a2ddea
Merge branch 'nil-bio-emojis' into 'develop'
...
add nil clause for Formatter.get_emoji/1 to return an empty result
Closes #274
See merge request pleroma/pleroma!315
2018-09-03 05:54:11 +00:00
35515cfa66
Update mastodon_api_controller.ex
2018-09-03 01:58:55 +00:00
26f8697400
Update mastodon_api_controller.ex
2018-09-03 01:52:02 +00:00
2b2bd0e047
Render notification IDs as strings, not numbers
2018-09-03 01:40:05 +00:00
Thurloat
4257f784bc
sloop around get_emoji/1 to check is_binary and have a fallthrough
...
default that returns empty
2018-09-02 20:44:37 -03:00
Haelwenn (lanodan) Monnier
754deb26dd
[Pleroma.Uploaders.Local]: Add configuration for custom url path
...
One use-case being an external caching proxy
2018-09-02 19:00:16 +02:00
kaniini
b7923aa304
Merge branch 'hotfix_broken_likes' into 'develop'
...
hotfix for broken like completely breaking the notifications API
See merge request pleroma/pleroma!284
2018-09-02 12:37:00 +00:00
William Pitcock
834515fb51
formatter: don't add XSS emoji
2018-09-02 00:04:09 +00:00
kaniini
3c7280934e
Merge branch 'security/activitypub-spoofing' into 'develop'
...
security: activitypub spoofing
See merge request pleroma/pleroma!321
2018-09-01 23:48:55 +00:00
William Pitcock
03e92977cb
transmogrifier: fix peertube/plume actor handling
2018-09-01 23:44:19 +00:00
William Pitcock
0b2c051a04
activitypub: fix possibility of spoofing by containing remote objects to the same domain as their actor
2018-09-01 23:20:02 +00:00
William Pitcock
e2ce0e9e05
run mix format
.
2018-09-01 21:12:42 +00:00
Martin Kühl
84d84e4ca4
OAuth: Support /revoke endpoint for revoking tokens
...
(for compatibility with Mastodon)
2018-09-01 23:10:48 +02:00
Martin Kühl
ad2a7972e7
OAuth: Set created_at
in token exchange response
...
(for compatibility with Mastodon)
2018-09-01 23:10:48 +02:00
Martin Kühl
b60d232719
AccountView: sensitive
is supposed to be a boolean, not a string
2018-09-01 23:10:48 +02:00
William Pitcock
c921d99898
config: add ability to disable Pleroma FE config management ( closes #276 )
2018-09-01 21:05:32 +00:00
kaniini
2e2f458705
Merge branch 'lanodan/code-dup_in_mastoapi_search' into 'develop'
...
Clean code duplication in MastoAPI search(v1/v2)
See merge request pleroma/pleroma!316
2018-09-01 09:12:59 +00:00
Will Pearson
0c2a0e3551
Specify default scope in verify_credentials
...
Certain Mastodon/Pleroma front ends call verify_credentials to get the
default scope of a new toot.
Currently, Pleroma hardcodes this value to "public".
This patch changes it to the user's default_scope value.
2018-08-31 21:04:46 -07:00
Haelwenn (lanodan) Monnier
8885d16e1b
[Pleroma.Web.MastodonAPI.MastodonAPIController].search(2)?: Remove code duplication
2018-09-01 03:11:58 +02:00
Thurloat
a9c0f395cb
add nil clause for Formatter.get_emoji/1 to return an empty result
2018-08-31 14:29:23 -03:00
lambda
58539e1357
Revert "Merge branch 'feature/rich-text' into 'develop'"
...
This reverts merge request !309
2018-08-31 09:51:20 +00:00
William Pitcock
856b5e1ca4
config: chase pleroma-fe updates from MR pleroma-fe!324.
2018-08-31 04:01:21 +00:00
kaniini
a26d5e6b2a
Merge branch 'feature/rich-text' into 'develop'
...
rich text support
See merge request pleroma/pleroma!309
2018-08-31 03:41:00 +00:00
William Pitcock
6aa65b68b8
common api: add support for formatting messages outside of twitter-style plain text
2018-08-31 03:13:59 +00:00
kaniini
e838969495
Merge branch 'use-media-proxy-in-suggestions-api' into 'develop'
...
use media proxy for the suggestions api
See merge request pleroma/pleroma!305
2018-08-30 23:06:30 +00:00
kaniini
65e8d47cfb
Merge branch 'backendhack' into 'develop'
...
Flexible Storage Backends
See merge request pleroma/pleroma!304
2018-08-30 23:05:01 +00:00
Thurloat
adffad5502
increase uploader behaviour documentation accuracy.
2018-08-30 09:20:29 -03:00
Thurloat
af01f0196a
Add backend failure handling with :ok | :error so the uploader can handle it.
...
defaulting to :ok, since that's the currently level of error handling.
2018-08-29 22:07:28 -03:00
William Pitcock
29b5e30c46
activity: drop recipients_to/recipients_cc fields
2018-08-29 18:41:02 +00:00
William Pitcock
de9acebbf3
activitypub: use jsonb query for containment instead of recipients_to/recipients_cc.
2018-08-29 18:41:02 +00:00
href
ddc6f32b75
Fix Mastodon API when actor's nickname is null
2018-08-29 16:32:50 +02:00
William Pitcock
cce9d008f9
streamer: contain list updates in the same way as we do with the database query
2018-08-29 09:23:05 +00:00
William Pitcock
ded9091206
mastodon api: use bounded AP object graph query to enforce containment of private statuses
2018-08-29 08:51:51 +00:00
William Pitcock
643fae6e36
activitypub: allow querying the activity/object graph bounded to a specific to/cc set
2018-08-29 08:51:23 +00:00
William Pitcock
81673b8136
activity: add recipients_to and recipients_cc fields
2018-08-29 08:42:33 +00:00
Thurloat
d424e9fa5f
fix S3 ref in sample config to generate proper path.
2018-08-28 23:49:23 -03:00
Thurloat
ab9e5d64d6
add a sample swift config
2018-08-28 22:39:33 -03:00
Thurloat
2ff25ac0ce
A hobbldey-working swift client.
...
apparently, all elixir openstack libraries are trash
luckily, the APIs are stupid easy.
2018-08-28 22:32:24 -03:00
Thurloat
9fc20ed572
works now, tested with profile photo upload on local backend.
2018-08-28 20:04:26 -03:00
Thurloat
dad39b24a1
add the behaviour, work on actually making it work.
2018-08-28 19:48:03 -03:00
shibayashi
18ad8aaecf
Explicitly set 'http_only' to true
2018-08-28 22:34:31 +02:00
Thurloat
8d2d7a8859
Implement uploader behaviour
...
run formatter <#
2018-08-28 09:57:41 -03:00
shibayashi
4656a07e9e
Set SameSite flag to 'Strict'
2018-08-28 14:03:29 +02:00
Hakaba Hitoyo
6cbfb5ab5d
use media proxy for suggestions api
2018-08-28 17:01:17 +09:00
Thurloat
0df558a6a5
cleaning up a bit.
2018-08-27 22:45:53 -03:00
Thurloat
709816a0f8
example of flexible storage backends
2018-08-27 22:20:54 -03:00
William Pitcock
d22f66655b
upload: formatting
2018-08-28 00:25:30 +00:00
William Pitcock
1596185ac6
upload: add the S3 support itself
2018-08-28 00:18:44 +00:00
William Pitcock
03c35e579b
sample config: add S3 public endpoint option
2018-08-28 00:18:24 +00:00