77448de492
ugghhhh
2019-02-07 22:25:07 +01:00
Ivan Tashkinov
2c68cf7e9e
OAuth2 security fixes: redirect URI validation, "Mastodon-Local" security breach fix.
...
(`POST /api/v1/apps` could create "Mastodon-Local" app wth any redirect_uris,
and if that happened before /web/login is accessed for the first time
then Pleroma used this externally created record with arbitrary
redirect_uris and client_secret known by creator).
2019-02-07 22:14:06 +03:00
f4ff4ffba2
Migration and some boilerplate stuff
2019-02-07 17:36:14 +01:00
Mark Felder
74518d0b60
hide_followings was renamed to hide_followers in the FE, but never synced up in the BE
...
This was a dirty regex replace which worked on my server
2019-02-06 22:34:44 +00:00
Haelwenn
1220a17146
Merge branch 'bugfix/rich-media-card' into 'develop'
...
rich media cards: bugfixes and regression tests
See merge request pleroma/pleroma!785
2019-02-06 18:39:13 +00:00
kaniini
18e783bcb2
Merge branch 'add-admin-and-moderator-fields' into 'develop'
...
Add admin and moderator badges to user view and make their visibility configurable
See merge request pleroma/pleroma!767
2019-02-06 18:19:47 +00:00
William Pitcock
65a4b9fbea
mastodon api: rich media: don't clobber %URI struct with a string
2019-02-06 18:02:15 +00:00
rinpatch
f7aedbcc55
Merge branch 'fix/activitypub-user-view-badmap' into 'develop'
...
Fix if clause in activity_pub user_view
See merge request pleroma/pleroma!783
2019-02-06 17:47:58 +00:00
href
f753043ce0
Fix if clause in activity_pub user_view
2019-02-06 18:42:19 +01:00
eugenijm
035eaeb9b8
Allow to configure visibility for admin and moderator badges
2019-02-06 06:18:05 +03:00
eugenijm
398c81f9c8
Add is_admin and is_moderator boolean fields to the user view
2019-02-06 02:10:06 +03:00
William Pitcock
d83dbd9070
rich media: parser: reject any data which cannot be explicitly encoded into JSON
2019-02-05 20:50:57 +00:00
kaniini
d120aa63f0
Merge branch 'fix-dm-index' into 'develop'
...
Massage index until it actually does the stuff we want.
See merge request pleroma/pleroma!772
2019-02-05 20:27:31 +00:00
kaniini
681ba1e52f
Merge branch 'feature/ap-c2s-whoami' into 'develop'
...
activitypub: c2s: add /api/ap/whoami endpoint for andstatus
See merge request pleroma/pleroma!773
2019-02-05 20:26:31 +00:00
kaniini
eb2b1960e0
Merge branch 'feature/split-hide-network-v2' into 'develop'
...
Split hide_network into hide_followers & hide_followings (fixed)
See merge request pleroma/pleroma!765
2019-02-05 18:56:59 +00:00
kaniini
ecdb0b7f57
Merge branch 'bugfix/rich-media-image-nil' into 'develop'
...
mastodon api: fix rendering of cards without image URLs (closes #597 )
Closes #597
See merge request pleroma/pleroma!777
2019-02-05 18:53:43 +00:00
William Pitcock
1d94b67e40
mastodon api: fix rendering of cards without image URLs ( closes #597 )
2019-02-05 18:30:27 +00:00
William Pitcock
e71ab5a10f
activitypub: transmogrifier: fix bare tags
2019-02-05 00:43:28 +00:00
William Pitcock
db1165f70f
activitypub: c2s: add /api/ap/whoami endpoint for andstatus
2019-02-04 22:58:29 +00:00
lain
f3c8b02d65
Massage index until it actually does the stuff we want.
...
Also makes the index a lot smoler.
2019-02-04 23:47:29 +01:00
William Pitcock
7d110be119
activitypub: mrf: tag policy: fix force-unlisted and sandbox actions
2019-02-04 19:03:54 +00:00
William Pitcock
64a3993425
activitypub: mrf: tag policy: add support for subscription control
2019-02-04 17:48:48 +00:00
William Pitcock
ff2c28fd6d
activitypub: mrf: tag policy: refactor the filtering hook a bit
2019-02-04 17:06:37 +00:00
William Pitcock
9a69f08e86
activitypub: mrf: tag policy: add support for processing follow requests
2019-02-04 17:04:05 +00:00
William Pitcock
084bb8ccd5
activitypub: mrf: tag policy: implement force-unlisted and sandbox
2019-02-04 17:04:05 +00:00
William Pitcock
88e32a32ce
mrf: add initial MRF.TagPolicy engine
2019-02-04 17:04:05 +00:00
rinpatch
00835bf678
Merge branch 'fix/rich-media-relative-path' into 'develop'
...
Fix rich media relative path
Closes #588
See merge request pleroma/pleroma!759
2019-02-04 16:01:34 +00:00
rinpatch
89762ad230
Merge branch 'feature/hellthread-filter-improvements' into 'develop'
...
Improve hellthread filter
Closes #584
See merge request pleroma/pleroma!766
2019-02-04 12:36:50 +00:00
58262a8b8a
removed a debug thingy
2019-02-04 11:22:25 +00:00
4430641349
squished a bug
2019-02-04 12:09:00 +01:00
3cf046babb
actually commited the changes
2019-02-04 10:23:43 +01:00
63a4f4b7be
fixed Map,put arguments, updated nomenclature
2019-02-04 10:23:07 +01:00
583c4e0f17
more tweaks, fixed silly mistakes...
2019-02-03 23:56:20 +01:00
e10cda7541
implemented tweaks
2019-02-03 22:46:06 +01:00
531507a635
fixed things
2019-02-03 20:45:32 +01:00
10130fa7d6
made toggleable, added docs
2019-02-03 20:27:28 +01:00
0ef0ae35ab
added optional delist feature
2019-02-03 20:12:23 +01:00
Maxim Filippov
16ce129e38
Split hide_network into hide_followers & hide_followings (fixed)
2019-02-03 21:55:04 +03:00
lambda
69a38644bc
Merge branch '589-fix-cache' into 'develop'
...
Resolve "Update object cache on favs/boosts"
Closes #589
See merge request pleroma/pleroma!764
2019-02-03 18:19:40 +00:00
lain
505a084058
Still do caching in tests.
2019-02-03 18:28:14 +01:00
Ivan Tashkinov
3913b0196e
[ #582 ] Made single-pub task call Instance.set_reachable/1 if set_reachable
is not specified.
...
Added tests.
2019-02-03 13:28:13 +03:00
Ivan Tashkinov
b40b4bc4e5
[ #582 ] Optimized federation retirement by reducing the number of SQL calls
...
(calling `Instances.set_reachable/1` only if instance had `unreachable_since`,
calling `Instances.set_unreachable/1` only if instance had nil `unreachable_since`).
2019-02-03 12:41:27 +03:00
Maxim Filippov
2c59eb3cfc
Add responsive features to layout
2019-02-02 13:40:34 +03:00
rinpatch
68d461b3a9
Check if rich media uri is relative
2019-02-02 12:24:24 +03:00
rinpatch
833404f0f5
Use with instead of if in the card
2019-02-02 12:04:18 +03:00
rinpatch
e4d18f328b
merge only if page_url is an absolute path
2019-02-02 11:53:46 +03:00
rinpatch
cbadf9d333
Fix rich media relative path
2019-02-02 11:38:37 +03:00
kaniini
486749064f
Revert "Merge branch 'feature/split-hide-network' into 'develop'"
...
This reverts merge request !733
2019-02-01 20:22:58 +00:00
href
ffbf306c9a
Merge branch 'streaming-api-url-fix' into 'develop'
...
Fix WebSocket streaming API URL.
See merge request pleroma/pleroma!756
2019-02-01 19:39:50 +00:00
eugenijm
a184811a60
Use url() instead of static_url in Endpoint.websocket_url()
2019-02-01 22:35:19 +03:00
href
7e384a2425
Merge branch 'develop' into 'develop'
...
Use nodeinfo 2.1
See merge request pleroma/pleroma!753
2019-02-01 19:18:46 +00:00
9cac8729af
update nodeinfo version when requesting 2.1
2019-02-01 16:03:23 -03:00
eugenijm
d747bd9870
Use String.replace_leading instead of String.replace for getting websocket streaming api url.
...
Extract the login responsible for obtaining websocket URL into the corresponding
Endpoint function.
2019-02-01 21:58:43 +03:00
1cdcee89da
mix format pass
2019-02-01 14:40:43 -03:00
23b1c64a19
downcase software name in nodeinfo
2019-02-01 14:35:08 -03:00
b17ce875cf
keep compatibility with nodeinfo 2.0
...
splits actual nodeinfo generation into raw_nodeinfo, the 2.0 handler
gives the same result, while the 2.1 handler inserts the
software.repository field. requested by @href
2019-02-01 14:23:40 -03:00
Haelwenn (lanodan) Monnier
74c6119f28
MastodonAPI.MastodonAPIController: Return a 404 when we fail to get a list
2019-02-01 18:21:16 +01:00
kaniini
0a82a7e6d6
Merge branch 'feature/split-hide-network' into 'develop'
...
Split hide_network into hide_followers & hide_followings
See merge request pleroma/pleroma!733
2019-02-01 17:05:29 +00:00
lambda
fc7644798d
Merge branch 'serve-sw-pleroma.js' into 'develop'
...
Serve sw-pleroma.js properly
See merge request pleroma/pleroma!754
2019-02-01 14:24:07 +00:00
href
fa5ec765d9
Serve sw-pleroma.js properly
2019-02-01 11:34:41 +01:00
lain
01d483f9c7
Merge remote-tracking branch 'origin/develop' into fix-rich-media-toggle
2019-02-01 10:21:17 +01:00
href
b3b0855456
Merge branch '534_federation_targets_reachability' into 'develop'
...
[#534 ] Unreachable federation targets retirement
Closes #534
See merge request pleroma/pleroma!703
2019-02-01 09:14:35 +00:00
b0c4c082c4
mix format pass
2019-02-01 04:02:40 -03:00
c05928dbda
use nodeinfo 2.1, add repository field
...
that is the only change from nodeinfo 2.0 to 2.1
also this makes the nodeinfo tests use 2.1.json instead of 2.0.json
2019-02-01 03:55:10 -03:00
lain
b19b4f8537
Remove default value for rich media.
...
Setting it to true will actually override a 'false' set before.
2019-01-31 20:02:08 +01:00
lambda
44913c1019
Merge branch 'bugfix/rich-media-non-unicode' into 'develop'
...
rich media non-unicode bugfix
See merge request pleroma/pleroma!749
2019-01-31 16:54:48 +00:00
William Pitcock
46dba03098
rich media: parser: only try to validate strings, not numbers (OEmbed)
2019-01-31 16:19:31 +00:00
William Pitcock
dafb6f0b5e
rich media: parser: reject OGP fields we cannot safely process
2019-01-31 16:03:56 +00:00
rinpatch
7057891db6
Make rich media support toggleable
2019-01-31 18:18:20 +03:00
Haelwenn
00d4333373
Merge branch 'features/glitch-soc-frontend' into 'develop'
...
Features/glitch soc frontend
See merge request pleroma/pleroma!192
2019-01-31 10:16:11 +00:00
href
5ea0397e2d
Fix 4aff4efa
typos
2019-01-30 21:08:41 +01:00
href
4aff4efa8d
Use multiple hackney pools
...
* federation (ap, salmon)
* media (rich media, media proxy)
* upload (uploader proxy)
Each "part" will stop fighting others ones -- a huge federation outbound
could before make the media proxy fail to checkout a connection in time.
splitted media and uploaded media for the good reason than an upload
pool will have all connections to the same host (the uploader upstream).
it also has a longer default retention period for connections.
2019-01-30 15:06:46 +01:00
kaniini
7a2c4f984b
Merge branch 'bugfix/fix-rejects' into 'develop'
...
follow request fixups
Closes #537
See merge request pleroma/pleroma!734
2019-01-29 14:47:36 +00:00
kaniini
d03a116654
Merge branch 'hj-happiness-improvement' into 'develop'
...
New frontend configuration mechanism.
Closes #445
See merge request pleroma/pleroma!700
2019-01-29 13:54:10 +00:00
William Pitcock
57549f6043
activitypub: utils: update the state of *any* pending follow relationship that matches the actor and target
2019-01-29 12:21:02 +00:00
William Pitcock
cbb2b709de
activitypub: transmogrifier: fix follow request rejections
2019-01-29 11:57:46 +00:00
Ivan Tashkinov
92753b0cd9
[ #534 ] Made federation push sender be determined basing on content instead of referer
header. Updated tests.
2019-01-29 13:12:28 +03:00
Haelwenn
ebb3496386
Merge branch 'feature/rich-media-part-2-electric-boogaloo' into 'develop'
...
Rich Media support, part 2.
See merge request pleroma/pleroma!719
2019-01-29 05:11:08 +00:00
William Pitcock
61d6715714
rich media: oembed: return data in the same format as the other parsers
2019-01-28 21:13:25 +00:00
William Pitcock
ddb5545202
rich media: kill some testsuite noise
2019-01-28 20:55:33 +00:00
William Pitcock
0f11254a06
rich media: parser: add some basic sanity checks on the returned data with pattern matching
2019-01-28 20:43:21 +00:00
William Pitcock
83b7062634
rich media: parser: cache negatives
2019-01-28 20:19:07 +00:00
William Pitcock
8fb16e9f0f
rich media: parser: add copyright header
2019-01-28 20:00:01 +00:00
Maxim Filippov
50d6183893
Split hide_network into hide_followers & hide_followings
2019-01-28 21:40:08 +03:00
Ivan Tashkinov
d3f9e6f6fe
[ #534 ] Merged upstream/develop
.
2019-01-28 15:39:14 +03:00
Ivan Tashkinov
1d2f41642c
[ #534 ] Various tweaks. Tests for Instances and Instance.
2019-01-28 15:25:06 +03:00
lain
8e8a1e1ba8
Return new-style config if old-style config is set to false.
...
This is in preparation for 1.0. We'll be able to switch the config to the new
mechanism on PleromaFE then as well.
2019-01-28 13:07:12 +01:00
Haelwenn
de0fb88a9c
Merge branch 'safe-render-activities' into 'develop'
...
remove unnecessary filter (re !723 )
See merge request pleroma/pleroma!729
2019-01-28 11:48:03 +00:00
href
df2f7b39dd
re f83bae7c
: remove unnecessary filter
2019-01-28 12:24:14 +01:00
lain
1825118fd4
Correctly handle invalid credentials on auth login.
...
Closes #407
2019-01-28 11:41:47 +01:00
Ivan Tashkinov
9560abea10
[ #534 ] Refactoring / tweaks per MR review.
2019-01-28 11:03:52 +03:00
William Pitcock
ddc7ae2c1a
mastodon api: card: force OGP images through mediaproxy
2019-01-28 06:42:27 +00:00
William Pitcock
ebeabdcc72
rich media: helpers: clean up unused aliases
2019-01-28 06:10:25 +00:00
William Pitcock
91ef64a1ec
activitypub: prime OGP crawler cache when new messages are inserted into the database
2019-01-28 06:07:18 +00:00
William Pitcock
8e42251e06
rich media: add helpers module, use instead of MastodonAPI module
2019-01-28 06:04:54 +00:00
William Pitcock
24a103a1fe
mastodon api: formatting
2019-01-28 05:53:17 +00:00
William Pitcock
6096846f5f
API: kill /api/rich_media/parse endpoint
2019-01-28 05:53:17 +00:00
William Pitcock
07a9a891ad
twitter api: fix up activity representer
2019-01-28 05:53:17 +00:00
William Pitcock
de42646634
rich media: add try/rescue to ensure we catch parsing and fetching failures
2019-01-28 05:53:17 +00:00
William Pitcock
5d895093fd
twitter api: embed card in twitterapi posts
2019-01-28 05:53:17 +00:00