Commit graph

997 commits

Author SHA1 Message Date
7e45343f81 Resolve information disclosure vulnerability through emoji pack archive download endpoint 2023-08-04 11:34:19 +01:00
b65aafe1e3 Fix tests breaking on config changes 2023-08-02 12:05:30 +01:00
c38f1aefb1 Add unit tests for Utils.user_name_string 2023-07-28 07:35:00 -07:00
1377ec33fe Add a unit test for custom WebFinger domain 2023-07-27 09:01:46 -07:00
Weblate
eba3cce77b Update translation files
Updated by "Squash Git commits" hook in Weblate.

Translation: Pleroma fe/Akkoma Backend (Config Descriptions)
Translate-URL: http://translate.akkoma.dev/projects/akkoma/akkoma-backend-config-descriptions/
2023-07-27 13:14:05 +00:00
6db8ab7c94 Merge pull request 'Varied selection of Pleroma cherry-picks' (#567) from XxXCertifiedForkliftDriverXxX/akkoma:cherry-picks into develop
Reviewed-on: AkkomaGang/akkoma#567
2023-07-27 12:53:56 +00:00
c63ae73bc0 Add embed controller tests 2023-07-17 19:18:21 +01:00
8fe29bf5d2 Exclude deactivated users from emoji reaction lists 2023-07-17 17:53:03 +01:00
5144d6f4ba Add OnlyMedia Upload Filter to simplify restricting uploads to audio, image, and video types
Original: https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3897
2023-06-28 01:56:14 +01:00
XxXCertifiedForkliftDriverXxX
07b478dc49 Implement blocklists for MediaProxy 2023-06-26 15:18:31 +02:00
tusooa
c0a01e73cf Enforce unauth restrictions for public streaming endpoints 2023-06-14 22:45:19 +00:00
tusooa
fee6e2aac4 Fix deleting banned users' statuses 2023-06-14 22:45:19 +00:00
Haelwenn (lanodan) Monnier
8669a0abcb UploadedMedia: Increase readability via ~s sigil 2023-06-14 22:45:19 +00:00
Haelwenn (lanodan) Monnier
37b0d774fa UploadedMedia: Add missing disposition_type to Content-Disposition
Set it to `inline` because the vast majority of what's sent is multimedia
content while `attachment` would have the side-effect of triggering a
download dialog.

Closes: https://git.pleroma.social/pleroma/pleroma/-/issues/3114
2023-06-14 22:45:19 +00:00
tusooa
1def80c2e7 Fix existing tests 2023-06-14 22:45:19 +00:00
tusooa
3095251e6c Dedupe poll options 2023-06-14 22:45:19 +00:00
tusooa
79a18f761b Allow with_relationships param for blocks 2023-06-14 22:45:19 +00:00
kPherox
8fb235e71b fix: append field values to bio before parsing 2023-06-14 19:44:07 +00:00
kPherox
d6271e7613 feat: build rel me tags with profile fields 2023-06-14 19:44:07 +00:00
5adce547d0 Require related object for notifications to filter on content 2023-06-14 19:41:48 +00:00
tusooa
05e80d1879 Fix block_from_stranger setting 2023-06-14 19:41:44 +00:00
tusooa
651979217a Fix failure when registering a user with no email when approval required 2023-06-14 19:33:58 +00:00
997551bac9 Fix TwitterCard meta tags
TwitterCard meta tags are supposed to use the attributes "name" and "content".
OpenGraph tags use the attributes "property" and "content".

Twitter itself is smart enough to detect broken meta tags and discover the TwitterCard
using "property" and "content", but other platforms that only implement parsing of TwitterCards
and not OpenGraph may fail to correctly detect the tags as they're under the wrong attributes.

> "Open Graph protocol also specifies the use of property and content attributes for markup while
> Twitter cards use name and content. Twitter’s parser will fall back to using property and content,
> so there is no need to modify existing Open Graph protocol markup if it already exists." [0]

[0] https://developer.twitter.com/en/docs/twitter-for-websites/cards/guides/getting-started
2023-06-14 19:30:19 +00:00
Tusooa Zhu
2a290cb331 Lint 2023-06-14 17:20:55 +00:00
Tusooa Zhu
dfd6c96808 Fix SideEffectsTest 2023-06-14 17:20:55 +00:00
Tusooa Zhu
fd38756e92 Do not stream out Announces to public timelines 2023-06-14 17:20:55 +00:00
Tusooa Zhu
5ef7c15d92 Make local-only posts stream in local timeline 2023-06-14 17:18:26 +00:00
3227ebf1e1 CommonFixes: more predictable context generation
`context` fields for objects and activities can now be generated based
on the object/activity `inReplyTo` field or its ActivityPub ID, as a
fallback method in cases where `context` fields are missing for incoming
activities and objects.
2023-06-14 16:22:26 +00:00
XxXCertifiedForkliftDriverXxX
1b560d547a Stop exposing if a user blocks you over the API. 2023-05-28 23:42:27 +02:00
Haelwenn (lanodan) Monnier
70b0f93865 Apply oembed patch 2023-05-26 20:45:57 +01:00
8c208f751d Fix filtering out incorrect addresses 2023-05-23 13:46:25 +01:00
037f881187 Fix create processing in direct message disabled 2023-05-23 13:16:20 +01:00
ab34680554 switch to using an enum system for DM acceptance 2023-05-23 10:29:08 +01:00
d310f99d6a Add MRFs for direct message manipulation 2023-05-22 23:53:44 +01:00
f72d773cc3 Merge pull request 'Make UserNote comment default to the empty string.' (#530) from provable_ascent/akkoma:provable_ascent-patch-1 into develop
Reviewed-on: AkkomaGang/akkoma#530
2023-05-22 21:33:01 +00:00
9c4203632d Add user_note_test.exs. 2023-05-12 02:18:24 +00:00
f1e66b39c7 Return empty string in the event of no detected language 2023-05-08 18:52:19 -04:00
b86b3a9e29 Support public key URIs that incomprehensibly have GET args
Fixes #528
2023-04-25 13:30:20 +01:00
f2b4e7f86b Merge branch 'develop' of akkoma.dev:AkkomaGang/akkoma into develop 2023-04-14 17:56:56 +01:00
522221f7fb Mix format 2023-04-14 17:56:34 +01:00
Atsuko Karagi
1fa3c0b485 Remove support for outdated Create format 2023-04-14 17:46:22 +01:00
Atsuko Karagi
d2b0d86471 HTTP signatures respect allowlist federation 2023-04-14 17:46:06 +01:00
8c86a06ed1 Merge pull request 'Remove "default" image description' (#493) from ilja/akkoma:remove_default_image_description into develop
Reviewed-on: AkkomaGang/akkoma#493
2023-04-14 16:27:41 +00:00
4c9c959bb3 Merge branch 'develop' into frontend-switcher-9000 2023-04-14 16:56:10 +01:00
1b2c24a19e fix tests 2023-04-14 15:20:55 +01:00
dd44387f1a Add timeline visibility options 2023-03-17 15:33:28 +00:00
2c9e02429a mix format 2023-03-15 22:19:52 +00:00
9464d50562 Add publicTimelineVisibility to nodeinfo 2023-03-15 22:13:18 +00:00
377d1483b6 Merge pull request 'Apply security patch from pleroma to prevent nested file names being uploaded to the server.' (#507) from foxing/akkoma:foxing-patch-2 into develop
Reviewed-on: AkkomaGang/akkoma#507
2023-03-13 00:29:51 +00:00
3f76de76da Apply Patch 2023-03-12 19:13:56 +00:00