90676bdfe3
Merge branch 'fix/csp-mediaproxy-base-url' into 'develop'
...
HTTP security plug: add media proxy base url host to csp
See merge request pleroma/pleroma!2638
2020-06-12 20:43:59 +03:00
rinpatch
cd2df734dd
Merge branch 'bugfix/csp-unproxied' into 'develop'
...
http_security_plug.ex: Fix non-proxied media
See merge request pleroma/pleroma!2610
2020-06-12 20:43:36 +03:00
Haelwenn (lanodan) Monnier
e313aa0977
static-fe.css: Restore and move to /priv/static/static-fe
2020-06-12 20:42:43 +03:00
href
8efd1614ec
Remove use of atoms in MRF.UserAllowListPolicy
2020-06-12 18:57:46 +03:00
Egor Kislitsyn
8b8b8599e9
Fix atom leak in Rich Media Parser
2020-06-12 18:51:42 +03:00
rinpatch
ada9d15eee
Merge branch 'recipients-query-speedup' into 'develop'
...
Greatly speed up recipients query
See merge request pleroma/pleroma!2558
2020-06-08 01:32:35 +03:00
lain
c29ad60c20
Activity.Queries: Use correct actor restriction.
2020-06-08 01:20:13 +03:00
lain
e9aa6a3fa4
ActivityPub: Change ordering to nulls last
in favorites query
...
This makes it use our existing index and speeds up the query.
2020-06-08 01:19:57 +03:00
rinpatch
3687788cf2
Merge branch 'notification-fixes' into 'develop'
...
Notification performance fixes
See merge request pleroma/pleroma!2595
2020-06-08 00:58:31 +03:00
rinpatch
f10b40828f
[stable rewrite]: fix streamer streaming out announces from a muted thread
...
Use parent object instead of activity because context is null of Announce activity from Mastodon.
2020-06-08 00:58:31 +03:00
Haelwenn
9396b2f8cf
Merge branch 'features/apc2s-pagination' into 'develop'
...
Fix AP C2S pagination
Closes #866 and #751
See merge request pleroma/pleroma!2491
2020-06-08 00:58:31 +03:00
rinpatch
a51284b60a
Merge branch 'fix/mediaproxy-bypass-emoji' into 'develop'
...
Fix profile emojis bypassing mediaproxy and harden CSP
Closes #1810
See merge request pleroma/pleroma!2596
2020-06-08 00:58:30 +03:00
lain
3f13437a9c
User: Truncate bios when updating a remote user.
2020-05-13 00:33:38 +03:00
lain
a8abf1ada6
ActivityPub: Fix non-federating blocks.
2020-05-13 00:33:30 +03:00
lain
ec5e057802
Transmogrifier: On incoming follow accept, update follow counts.
2020-05-12 23:05:57 +03:00
href
40d0775c7f
Reorder alias
2020-05-12 21:27:54 +02:00
href
37c2deb3dd
Expand and authorize streams in Streamer directly (backport from !2519 )
2020-05-12 21:14:46 +02:00
rinpatch
3d9a7cf0cc
healthcheck: report real amount of memory allocated by beam
...
as opposed to memory currently in use
2020-05-10 02:11:33 +03:00
lain
f7c28ae544
Webfinger: Request account info with the acct scheme
2020-05-10 02:09:36 +03:00
lain
45df70e691
AP C2S: Restrict creation to Note
s for now.
2020-05-10 02:06:38 +03:00
eugenijm
441e28f365
Dismiss the follow request notification on rejection
2020-05-02 19:16:27 +03:00
rinpatch
c75840f7b8
Merge branch 'follow-request-notifications' into 'develop'
...
Follow request notifications enforcement
See merge request pleroma/pleroma!2451
2020-05-02 18:59:12 +03:00
rinpatch
7b05933677
Merge branch '1559-follow-request-notifications' into 'develop'
...
[#1559 ] Support for "follow_request" notifications
Closes #1559
See merge request pleroma/pleroma!2354
2020-05-02 18:59:12 +03:00
rinpatch
2646fdea22
signature.ex: Remove the use of ObjectID type
...
It is not in stable yet
2020-05-01 22:56:18 +03:00
rinpatch
b6ca8cc539
Merge branch 'bugfix/1727-fix-signature-decoding' into 'develop'
...
Bugfix/1727 fix signature decoding
Closes #1727
See merge request pleroma/pleroma!2454
2020-05-01 22:10:42 +03:00
rinpatch
138e6ece1b
Merge branch 'following-relationships-optimizations' into 'develop'
...
FollowingRelationship storage & performance optimizations
See merge request pleroma/pleroma!2332
2020-05-01 14:31:26 +03:00
Haelwenn
fb9ec885cc
Merge branch 'feature/1677-need_reboot-flag-endpoint' into 'develop'
...
Added need_reboot endpoint to admin api
Closes #1677
See merge request pleroma/pleroma!2373
2020-05-01 01:38:25 +03:00
lain
a4afeed426
Uploads: Sandbox them in the CSP.
2020-05-01 01:37:26 +03:00
Mark Felder
8cf4e1619e
Fix Oban not receiving :ok from RichMediaHelper job
2020-05-01 01:11:51 +03:00
Ivan Tashkinov
862d4886c9
[ #1682 ] Fixed Basic Auth permissions issue by disabling OAuth scopes checks when password is provided. Refactored plugs skipping functionality.
2020-05-01 01:00:37 +03:00
rinpatch
da4923f2e5
Merge branch 'authenticated-api-oauth-check-enforcement' into 'develop'
...
Enforcement of OAuth scopes check for authenticated API endpoints
See merge request pleroma/pleroma!2349
2020-05-01 00:58:40 +03:00
lain
1ebf8db2a5
Merge branch 'fix-object_age_policy' into 'develop'
...
Fix ObjectAgePolicy
See merge request pleroma/pleroma!2404
2020-05-01 00:55:37 +03:00
Haelwenn
2ff3b85326
Merge branch 'bugfix/1670-user-count' into 'develop'
...
Stats: Ignore internal users for user count.
Closes #1670
See merge request pleroma/pleroma!2414
2020-05-01 00:55:37 +03:00
Haelwenn
bf4b5f3856
Merge branch 'fix/follow-and-blocks-import' into 'develop'
...
Fix follower/blocks import when nicknames starts with @
Closes #1698
See merge request pleroma/pleroma!2416
2020-05-01 00:55:37 +03:00
lain
2e58fe08cd
CommonAPI: Don't make repeating announces possible
2020-05-01 00:55:34 +03:00
Alex Gleason
6e0b046771
Let blob: pass CSP
2020-05-01 00:40:09 +03:00
eugenijm
78391a00c5
Mastodon API: do not create a following relationship if the corresponding follow request doesn't exist when calling POST /api/v1/follow_requests/:id/authorize
2020-05-01 00:39:23 +03:00
rinpatch
61889e00fc
Deactivate local users on deletion instead of deleting the record
...
Prevents the possibility of re-registration, which allowed to read
DMs of the deleted account.
Also includes a migration that tries to find any already deleted
accounts and insert skeletons for them.
Closes pleroma/pleroma#1687
2020-05-01 00:38:58 +03:00
rinpatch
94240cac4e
Merge branch 'fix-auto-link-for-profile-fields' into 'develop'
...
Use Pleroma.Formatter.linkify/2 instead
See merge request pleroma/pleroma!2352
2020-04-08 00:29:19 +03:00
Haelwenn
b0a9a02af3
Merge branch 'feature/funkwhale-audio' into 'develop'
...
Add support for funkwhale Audio activity
Closes #764 and #1624
See merge request pleroma/pleroma!2287
2020-04-02 23:00:23 +03:00
Haelwenn
01a3f145d5
Merge branch 'bugfix/funkwhale-channel' into 'develop'
...
Fix profile url for funkwhale channels, removes one source_data use
Closes #1653
See merge request pleroma/pleroma!2333
2020-04-02 22:55:09 +03:00
rinpatch
e99e2a86af
Merge branch 'bugfix/profile-bio-newline' into 'develop'
...
AccountView: fix for other forms of <br> in bio
Closes #1643
See merge request pleroma/pleroma!2322
2020-03-31 13:42:02 +03:00
lain
c4d3ccc7b9
Merge branch 'admin-api-change-password' into 'develop'
...
Admin API: `PATCH /api/pleroma/admin/users/:nickname/update_credentials`
See merge request pleroma/pleroma!2149
2020-03-31 13:41:47 +03:00
10b7b2b4a4
Merge branch 'fix/activity-deletion' into 'develop'
...
Fix activity deletion
Closes #1640
See merge request pleroma/pleroma!2328
2020-03-31 13:40:28 +03:00
rinpatch
0e92aa0025
Merge branch '1364-notifications-sending-control' into 'develop'
...
[#1364 ] Ability to opt-out of notifications (in all clients)
Closes #1364
See merge request pleroma/pleroma!2301
2020-03-31 13:39:58 +03:00
rinpatch
c46d035f7b
rate limiter: disable based on if remote ip was found, not on if the plug was enabled
...
The current rate limiter disable logic won't trigger when the remote ip
is not forwarded, only when the remoteip plug is not enabled, which is
not the case on most instances since it's enabled by default. This
changes the behavior to warn and disable when the remote ip was not forwarded,
even if the RemoteIP plug is enabled.
Also closes #1620
2020-03-16 00:15:21 +03:00
rinpatch
9d09755291
rip out fetch_initial_posts
...
Every time someone tries to use it, it goes mad and tries to scrape the
entire fediverse for no visible reason, it's better to just remove it
than continue shipping it in it's current state.
idea acked by lain and feld on irc
Closes #1595 #1422
2020-03-16 00:15:11 +03:00
rinpatch
fcf51a77ba
Merge branch 'features/staticfe-sanitization' into 'develop'
...
static_fe: Sanitize HTML
Closes #1614
See merge request pleroma/pleroma!2299
2020-03-16 00:14:04 +03:00
Haelwenn (lanodan) Monnier
306d633b40
pleroma_api_controller.ex: Improve conversations error reporting
...
Related: https://git.pleroma.social/pleroma/pleroma/issues/1594
2020-03-15 17:01:33 +03:00
rinpatch
0b823755a2
Merge branch 'fix/cache-control-headers' into 'develop'
...
Fix Cache Control headers on media
See merge request pleroma/pleroma!2295
2020-03-15 17:01:04 +03:00