kaniini
945ce9910d
Merge branch 'bugfix/html-scrub-comments' into 'develop'
...
html: ensure comments are correctly scrubbed
See merge request pleroma/pleroma!384
2018-10-23 00:56:09 +00:00
William Pitcock
8613db0e3b
html: ensure comments are correctly scrubbed
2018-10-23 00:48:49 +00:00
scarlett
a253c1466e
New frontend options
2018-10-21 12:52:52 +01:00
AkiraFukushima
a249cbf187
Add a test for List.get_lists_account_belongs
2018-10-19 21:24:15 +09:00
AkiraFukushima
e8c698af41
Add an endpoint /api/v1/accounts/:id/lists to get lists to which account belongs
2018-10-19 01:46:26 +09:00
kaniini
ad3181895c
Merge branch 'bugfix/html-scrub-schemes' into 'develop'
...
lib/pleroma/html.ex: Fix scheme lists
See merge request pleroma/pleroma!377
2018-10-18 14:36:40 +00:00
William Pitcock
595d855f0e
html scrubbing policies: restrict img tags to http/https only for mediaproxy compatibility
2018-10-18 14:29:31 +00:00
Haelwenn (lanodan) Monnier
2154c5dcd8
lib/pleroma/html.ex: Use macros for valid_schemes, change config for schemes
2018-10-18 07:58:15 +02:00
William Pitcock
582dbe5c8d
formatter: fix matching osada users
2018-10-17 19:15:20 +00:00
scarlett
7562912f6a
Use maybe_direct_follow for follow imports
2018-10-17 04:16:11 +01:00
Haelwenn (lanodan) Monnier
d7654c77de
lib/pleroma/html.ex: Use a function as a variable (broken for some reason)
2018-10-16 03:34:33 +02:00
Haelwenn (lanodan) Monnier
50e0a9ae56
lib/pleroma/html.ex: Fix scheme lists
...
Gosh please don’t break ourselves…
Also this is copy-paste of the list in lib/pleroma/formatter.ex,
I think this should be put in a common variable, but where?
2018-10-16 03:00:37 +02:00
William Pitcock
30efa86c05
common api: enable tag linking in markdown mode
2018-10-14 20:36:11 +00:00
Haelwenn (lanodan) Monnier
eacab0fb05
Delete Tokens and Authorizations on password change
...
Closes: https://git.pleroma.social/pleroma/pleroma/issues/320
2018-10-14 02:14:54 +02:00
William Pitcock
51eaece3ea
user: break out local cases for maybe_direct_follow
2018-10-11 10:49:54 +00:00
William Pitcock
2c29329d39
user: local users are always AP-enabled ( closes #316 )
2018-10-11 10:35:11 +00:00
William Pitcock
111841ad34
common api: take the combination of the subject and content for length limit enforcement
...
closes #315
2018-10-10 07:53:44 +00:00
William Pitcock
08d5ad71b6
nodeinfo: allow opting out of MRF transparency
2018-10-07 01:23:38 +00:00
William Pitcock
7b3fff9af8
{mastodon api, twitter api}: make the follow handshake timeout configurable
2018-10-07 01:05:59 +00:00
William Pitcock
7f530f6f80
mastodon api: relationship view: better handle no pre-existing follow activity
2018-10-05 23:50:13 +00:00
William Pitcock
e69faf550c
user: add wait_and_refresh() for async three-way handshake case
2018-10-05 23:40:49 +00:00
William Pitcock
3e751496e3
mastodon api: account view: fetch follow state and use it to populate requested
field
2018-10-05 23:31:49 +00:00
William Pitcock
a71b822013
activitypub: always track following state for async reasons
2018-10-05 23:31:00 +00:00
William Pitcock
8ce217776d
activitypub transmogrifier: better manage follow state
2018-10-05 23:30:34 +00:00
William Pitcock
4f7a468659
user: only pre-create follow relationships on OStatus
...
closes #306
2018-10-05 22:58:03 +00:00
William Pitcock
bd76d9cee6
nodeinfo: add accepted post formats to metadata
2018-10-05 21:05:37 +00:00
William Pitcock
285ac80c36
config: allow for accepted post formats to be configured
2018-10-05 21:02:17 +00:00
William Pitcock
52b05137c5
formatter: use Pleroma.HTML module instead of HtmlSanitizeEx directly
2018-10-05 20:49:34 +00:00
William Pitcock
16307da311
twitterapi: frontend config: add formattingOptionsEnabled
2018-10-05 20:49:34 +00:00
William Pitcock
b1be9415ef
Revert "Merge branch 'revert-a26d5e6b' into 'develop'"
...
This reverts commit d31bbb1cfe
, reversing
changes made to 340ab3cb90
.
2018-10-05 20:49:34 +00:00
Haelwenn (lanodan) Monnier
f2efc8dcfb
nodeinfo_controller: Fix JSON rendering
...
This is the last noedinfo difference from my own branch
2018-10-05 22:32:53 +02:00
Haelwenn (lanodan) Monnier
28651df478
MRF Transparency
2018-10-05 20:09:08 +02:00
Haelwenn (lanodan) Monnier
56d31db130
Pleroma.Web.Nodeinfo.NodeinfoController: Further transparency, breaks API of previous one
2018-10-05 20:08:55 +02:00
Haelwenn (lanodan) Monnier
8226953f1d
[Pleroma.Web.Nodeinfo.NodeinfoController]: Transparency on MRF Simple
2018-10-05 20:02:13 +02:00
kaniini
4f03bb2299
Merge branch 'bugfix/fix-mrf-reject-match' into 'develop'
...
activitypub: fix error condition match
See merge request pleroma/pleroma!365
2018-09-30 05:32:56 +00:00
William Pitcock
4db1bc2c0e
activitypub: fix error condition match
2018-09-30 05:26:13 +00:00
Haelwenn (lanodan) Monnier
a3cffd3566
formatter: Stop using phoenix HTML and format it ourselves
...
* Pheonix has an extra scheme whitelist conflicting with ours
* Pheonix doesn’t seems to do URL encoding, just HTML encoding
Closes: https://git.pleroma.social/pleroma/pleroma/issues/307
2018-09-28 17:32:27 +02:00
Haelwenn
34b6d444d6
Merge branch 'feature/twitter_api/fields' into 'develop'
...
[Pleroma.Web.TwitterAPI.UserView]: Add mastodon-fields in "fields"
See merge request pleroma/pleroma!360
2018-09-28 09:25:27 +00:00
Haelwenn (lanodan) Monnier
82b57ebad1
[Pleroma.Web.TwitterAPI.UserView]: Add mastodon-fields in "fields"
2018-09-28 10:44:45 +02:00
William Pitcock
707077edde
activitypub: don't fall back to OStatus fetching when MRF rejects an object
2018-09-28 00:45:10 +00:00
William Pitcock
5c312ad677
activitypub inbox: only accept unsigned/invalid-signature relayed creates, nothing else
...
although the previous handling assumed any unsigned/invalid signature message was a Create,
lets make it more explicit
2018-09-28 00:03:59 +00:00
Haelwenn (lanodan) Monnier
c739737998
transmogrifier: get_actor called without casting attributedTo in actor and actor is nil
2018-09-27 20:00:48 +02:00
Haelwenn (lanodan) Monnier
9446b02bdf
transmogrifier: Just make attachement maps into a list and reroll
2018-09-27 20:00:48 +02:00
Haelwenn (lanodan) Monnier
e53da692fb
transmogrifier: Use the correct variable and prefer inspect in case of a bad type being passed on
2018-09-27 20:00:48 +02:00
William Pitcock
d830a243a3
transmogrifier: more robustly handle dereferencing pointer URIs
2018-09-27 20:00:48 +02:00
Haelwenn (lanodan) Monnier
4c3a80de96
transmogrifier: Use oneliners when applicable
2018-09-27 20:00:47 +02:00
William Pitcock
ed8dfa3029
transmogrifier: reformat cond
block by hand
2018-09-27 20:00:47 +02:00
Haelwenn (lanodan) Monnier
eebe33e86a
transmogrifier: Add support for array-less hashtags, add broken announce, harden get_actor
2018-09-27 20:00:47 +02:00
Haelwenn (lanodan) Monnier
f3291acc91
transmogrifier: pro-actively add support for Hashtag without array in tag
2018-09-27 20:00:47 +02:00
Haelwenn (lanodan) Monnier
22927f3a34
transmogrifier: Use a cond, add proactive support for arrays
2018-09-27 20:00:46 +02:00
Haelwenn (lanodan) Monnier
0aac72f1d3
[Pleroma.Web.ActivityPub.Transmogrifier]: quick fix when tag is a Map
2018-09-27 20:00:46 +02:00
Haelwenn (lanodan) Monnier
28e8a8ab36
[Pleroma.Web.ActivityPub.Transmogrifier]: fix emoji in tag when it’s not in a array [kroeg]
...
Also simplified the code for name trimming.
And not copying the Map.merge part as it looks buggy.
See: https://queer.hacktivis.me/objects/a9f21ebc-9a12-4a6c-89d5-3d46955c6ee8
2018-09-27 20:00:46 +02:00
Haelwenn (lanodan) Monnier
f8a0cb9c0b
[Pleroma.Web.ActivityPub.Transmogrifier]: fix when attachment contain is just a Map [kroeg]
2018-09-27 20:00:46 +02:00
Haelwenn (lanodan) Monnier
a4abb124ea
[Pleroma.Web.ActivityPub.Transmogrifier]: Fix when inReplyTo is a inlined post [kroeg]
2018-09-27 20:00:46 +02:00
Haelwenn (lanodan) Monnier
523757be52
[Pleroma.Web.ActivityPub.ActivityPub]: Harden getting endpoints [kroeg]
2018-09-27 20:00:45 +02:00
Martin Kühl
f77ec96707
Uploaders.S3: Replace unsafe characters in object key
...
According to [the S3 docs][s3], the characters safe for use in object keys are:
* 0-9
* a-z
* A-Z
* !
* -
* _
* .
* *
* '
* (
* )
(The / character is not listed but mentioned being safe outside of the list.)
Several characters that are valid in filenames can cause problems, for example
spaces are not valid in URLs and need to be escaped,
sequences of spaces can become squeezed by S3,
some characters like \ are documented to require “significant special handling”.
To avoid these problems, this change encodes the filename
before using it as part of the S3 object name
by replacing all characters except those documented as “safe” with dashes.
[s3]: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html
2018-09-24 15:38:32 +02:00
William Pitcock
7f0e291483
html: twittertext: add missing catchall scrub function
2018-09-22 03:45:35 +00:00
William Pitcock
56577d8b48
twitter api: add no_rich_text option to userview for account prefs
2018-09-22 03:24:40 +00:00
William Pitcock
df00a364fb
mastodon api: formatting
2018-09-22 02:53:04 +00:00
William Pitcock
c2b69798dd
twitter api: add support for disabling rich text
2018-09-22 02:53:02 +00:00
William Pitcock
958e085acb
mastodon api: add support for user-supplied html policy
2018-09-22 02:53:02 +00:00
William Pitcock
2f5b026548
twitter api: add support for user-specified html policy
2018-09-22 02:53:01 +00:00
William Pitcock
735cdfb848
user: add User.html_filter_policy()
2018-09-22 02:53:00 +00:00
William Pitcock
8ae9424edb
html: default to using normal scrub policy if provided scrub policy is nil
2018-09-22 02:52:59 +00:00
kaniini
4cb6331843
Merge branch 'feature/dynamic-user-refresh' into 'develop'
...
user: implement dynamic refresh of profiles
See merge request pleroma/pleroma!350
2018-09-21 00:00:28 +00:00
kaniini
0fe165165f
Merge branch 'task-204-on-options-request' into 'develop'
...
Return 204 response on options request
See merge request pleroma/pleroma!347
2018-09-20 23:54:51 +00:00
William Pitcock
8e28e8a18f
mix: remove fix_ap_users task, now obsolete
2018-09-20 23:50:56 +00:00
William Pitcock
c9f6eb9a41
user: implement dynamic refresh of profiles (gets rid of need for fix_ap_users task)
2018-09-20 23:50:56 +00:00
Haelwenn (lanodan) Monnier
40c51f118f
[Pleroma.Web.MastodonAPI.MastodonAPIController]: Bump mastodon_api_level to 2.5.0
2018-09-20 16:48:12 +02:00
Haelwenn (lanodan) Monnier
f74725df41
[Pleroma.Web.MastodonAPI.MastodonAPIController]: Remove unused variables
2018-09-20 16:37:18 +02:00
Haelwenn (lanodan) Monnier
33a1e92584
[Pleroma.Web.Router]: Fake /api/v1/endorsements
2018-09-20 16:25:07 +02:00
Haelwenn (lanodan) Monnier
a8eaecadee
[Pleroma.Web.MastodonAPI.AccountView]: relationship.json: fake endorsed value (false)
2018-09-20 16:24:29 +02:00
Haelwenn (lanodan) Monnier
43d0b7bf7a
[Pleroma.Web.MastodonAPI.StatusView] add replies_count
2018-09-20 16:10:46 +02:00
William Pitcock
c9585ec007
twitter api: fix mimetype fallback when attachments use a URI instead of a URL object
2018-09-19 04:59:26 +00:00
William Pitcock
0cac493fdc
mastodon api: default attachment type to image if one is not present
2018-09-19 04:59:25 +00:00
Martin Kühl
f4fcea5258
Revert "Mastodon API: Fake support for loading filters"
...
This reverts commit c1d07da4e1
.
The fake support was superseded by 6e030129fb
which actually implements the faked filters API.
This change removes the fake support and ensures that the actual implementation is used.
2018-09-18 11:59:10 +02:00
Dominique Feyer
9b0f2d572b
Return 204 response on options request
2018-09-17 12:21:01 +02:00
William Pitcock
a7d0ecdc7c
html: add policy which transforms inline images to pass through the media proxy
2018-09-16 02:16:16 +00:00
William Pitcock
cd13fa17fd
html: allow scrubbing policies to be stackable
2018-09-16 02:16:14 +00:00
William Pitcock
342ed84446
MRF: add policy for normalizing HTML markup (local and remote) to a specific policy
2018-09-16 01:25:36 +00:00
William Pitcock
95376ac1fe
html: add the ability to override the default scrub policy
2018-09-16 01:25:35 +00:00
kaniini
c2650f0ffb
Merge branch 'feature/html-scrub-policy' into 'develop'
...
html scrub policy
See merge request pleroma/pleroma!339
2018-09-16 01:05:09 +00:00
39aed5348a
Add visible_in_picker to status emojis
2018-09-10 23:32:19 +00:00
William Pitcock
d3248e13e3
activitypub: transmogrifier: allow profile updates from bots
2018-09-10 01:57:03 +00:00
William Pitcock
e0b8c0ccba
MRF: reject non-public: use pattern match to remove unnecessary if block
2018-09-10 01:16:03 +00:00
William Pitcock
88094c266d
MRF: simple policy: refactor module to use guards and pattern matching
2018-09-10 01:16:02 +00:00
William Pitcock
97253df3ee
MRF: simple policy: contain media removal/nsfw ops to create activities only
2018-09-10 01:16:01 +00:00
William Pitcock
e82ce2a4b3
formatting
2018-09-10 00:28:40 +00:00
William Pitcock
358f88e10a
html: allow inline images by default (because of custom emoji)
2018-09-10 00:24:19 +00:00
William Pitcock
40e2f6e500
html: add default scrubbing profile and configuration knobs
2018-09-10 00:14:57 +00:00
William Pitcock
ac486fc59b
everywhere: use Pleroma.HTML module instead of HtmlSanitizeEx directly
2018-09-10 00:14:47 +00:00
William Pitcock
255f46d7ab
html: new module providing a configurable markup scrubbing policy
2018-09-10 00:13:57 +00:00
Dominique Feyer
801d645c6b
TASK: Fix formatting
2018-09-09 23:42:28 +02:00
Dominique Feyer
b79c126ee0
Add missing URL encoding in create authorization redirect
2018-09-09 23:31:47 +02:00
Hakaba Hitoyo
4e1bb7bccb
make limit for /api/v1/suggestions
2018-09-09 13:57:23 +09:00
lambda
045953225e
Merge branch 'moonman/pleroma-sha512-crypt' into 'develop'
...
auth overhaul and legacy GS auth
See merge request pleroma/pleroma!331
2018-09-08 09:20:34 +00:00
kaniini
530561a091
Merge branch 'add-secure-and-samesite-cookie-flags' into 'develop'
...
Add Secure and SameSite cookie flags
See merge request pleroma/pleroma!302
2018-09-07 23:55:42 +00:00
kaniini
3e4f39116b
Merge branch 'feature/custom_media_url' into 'develop'
...
[Pleroma.Uploaders.Local]: Add configuration for custom url path
See merge request pleroma/pleroma!318
2018-09-07 23:49:36 +00:00
Martin Kühl
c1d07da4e1
Mastodon API: Fake support for loading filters
2018-09-07 16:12:44 +02:00
Martin Kühl
619f67768a
Mastodon API: Add unsupported attributes to relationship responses
...
These attributes are documented as required by the Mastodon API.
Since we don’t support them (I think?), respond with default values.
2018-09-07 16:12:44 +02:00