Commit graph

2610 commits

Author SHA1 Message Date
Haelwenn
5ae6088d37 Merge branch 'feature/mrf-user-allowlist' into 'develop'
MRF: user allowlist module

See merge request pleroma/pleroma!477
2018-11-27 00:12:03 +00:00
kaniini
a76058fc1d Merge branch 'fix/pleromafe-title' into 'develop'
Replace hardcoded <title>

See merge request pleroma/pleroma!476
2018-11-26 23:59:30 +00:00
William Pitcock
6979eeda34 config: document mrf_user_allowlist 2018-11-26 23:54:46 +00:00
William Pitcock
271f9f1335 nodeinfo: add mrf_user_allowlist data 2018-11-26 23:52:19 +00:00
William Pitcock
8c05d19c7f MRF: add user allowlist module 2018-11-26 23:51:58 +00:00
Mark Felder
6cc94404d7 Replace this hardcoded <title> 2018-11-26 22:51:25 +00:00
kaniini
bdb0c6e418 Merge branch 'bugfix/csp-no-https' into 'develop'
Plugs.HTTPSecurityPlug: Activate upgrade-insecure-requests only when there is https

See merge request pleroma/pleroma!475
2018-11-26 22:24:21 +00:00
Haelwenn (lanodan) Monnier
04daa0fa44
Plugs.HTTPSecurityPlug: Activate upgrade-insecure-requests only when there is https
This fixes running mastofe with MIX_ENV=dev
2018-11-26 21:41:36 +01:00
Haelwenn
3370924b8b Merge branch 'add-manifest-src-to-csp' into 'develop'
Add manifest-src to CSP to allow manifest.json

See merge request pleroma/pleroma!474
2018-11-26 19:56:49 +00:00
shibayashi
591b11eafc
Add manifest-src to allow manifest.json 2018-11-26 20:48:24 +01:00
kaniini
39a3b1724a Merge branch 'bugfix/public-mastoapi-websocket' into 'develop'
Web.MastodonAPI.MastodonSocket: Add unauthentified websocket endpoints

See merge request pleroma/pleroma!471
2018-11-25 02:54:54 +00:00
Haelwenn (lanodan) Monnier
cc8952b45f
Web.MastodonApi.MastodonSocketTest: Add test for unauthenticated websocket 2018-11-24 08:51:35 +01:00
Haelwenn (lanodan) Monnier
ca029f0b69
Web.Streamer: Get unauthenticated statuses representation 2018-11-24 08:45:45 +01:00
Haelwenn (lanodan) Monnier
d388a99143
Web.MastodonAPI.MastodonSocket: Put access_token at function-level 2018-11-24 06:43:03 +01:00
Haelwenn (lanodan) Monnier
5346fabf14
Web.MastodonAPI.MastodonSocket: Add unauthentified websocket endpoints
reported by soka on CRTNet
2018-11-24 06:13:36 +01:00
kaniini
675653ceb7 Merge branch 'feature/admin-api' into 'develop'
Add a admin API

See merge request pleroma/pleroma!366
2018-11-22 00:28:04 +00:00
kaniini
182e3e8da2 Merge branch 'feature/improve-version' into 'develop'
Improved version string

See merge request pleroma/pleroma!467
2018-11-21 16:53:38 +00:00
kaniini
a591a044a9 Merge branch 'runtime-fixes' into 'develop'
Various runtime configuration fixes

See merge request pleroma/pleroma!468
2018-11-20 22:25:35 +00:00
Haelwenn
c7d08bc1cf Merge branch 'feature/retry-queue' into 'develop'
Federator: add retry queue.

See merge request pleroma/pleroma!323
2018-11-20 19:04:52 +00:00
kaniini
dbb483659a Merge branch 'fix/mediaproxy-empty-url' into 'develop'
mediaproxy: fix empty url & add some tests

See merge request pleroma/pleroma!466
2018-11-20 18:09:46 +00:00
href
bc5cf2c192
Improved version string 2018-11-20 17:55:03 +01:00
href
7f4c3a1e99
mediaproxy: fix empty url & add some tests 2018-11-20 17:50:03 +01:00
eal
689b46efc8 RetryQueue: tiny refractor, add tests 2018-11-19 18:08:41 +02:00
href
bcecdc3ab1
Various runtime configuration fixes 2018-11-19 10:09:24 +01:00
kaniini
fbc3f2893a Merge branch 'update/pleroma-fe-20181118' into 'develop'
update pleroma frontend

See merge request pleroma/pleroma!464
2018-11-18 17:29:25 +00:00
William Pitcock
db8f269cd3 update pleroma frontend 2018-11-18 17:27:48 +00:00
eal
62299be094 Federator: add retry queue. 2018-11-18 17:46:29 +02:00
lambda
5143501426 Merge branch 'security/as2-object-render-hardening' into 'develop'
activitypub: object view: avoid leaking private details

See merge request pleroma/pleroma!463
2018-11-17 22:43:45 +00:00
William Pitcock
f6be980f4f activitypub: object view: avoid leaking private details 2018-11-17 22:30:53 +00:00
lambda
b471344b63 Merge branch 'bugfix/notice-urls-should-return-objects' into 'develop'
ostatus controller: respond with AS2 objects instead of activities to notice URIs

Closes #289 and #383

See merge request pleroma/pleroma!462
2018-11-17 22:20:08 +00:00
William Pitcock
98795172a7 ostatus controller: respond with AS2 objects instead of activities to notice URIs 2018-11-17 22:10:15 +00:00
lambda
d73c7cc0ca Merge branch 'security/spoofing-hardening' into 'develop'
security: spoofing hardening

Closes #380, #381, and #382

See merge request pleroma/pleroma!461
2018-11-17 21:52:51 +00:00
William Pitcock
e10f839e9b tests: federator: fix formatting 2018-11-17 21:41:08 +00:00
William Pitcock
dfcfb184b1 activitypub: transmogrifier: make deletes secure 2018-11-17 21:22:57 +00:00
Haelwenn (lanodan) Monnier
52681f7fd0
Web.AdminAPI.AdminAPIControllerTest: New Test 2018-11-17 22:12:14 +01:00
Haelwenn (lanodan) Monnier
0ca00b3a07
Web.AdminAPI.AdminAPIController: Fixes bugs found with ExUnit 2018-11-17 22:12:14 +01:00
Haelwenn (lanodan) Monnier
76bd80d462
test/plugs/user_is_admin_plug_test: New test 2018-11-17 22:12:13 +01:00
Haelwenn (lanodan) Monnier
44b6200103
lib/mix/tasks/relay*: Use a with block 2018-11-17 22:12:13 +01:00
Haelwenn (lanodan) Monnier
12ccf0c4f8
Change Relay from status to {status, message} 2018-11-17 22:12:13 +01:00
Haelwenn (lanodan) Monnier
4634d99d0d
Web.Router: Change right to permission group (except for function names) 2018-11-17 22:12:13 +01:00
William Pitcock
b1a6e8d80d test: add sanity tests for federator handling of AP docs 2018-11-17 21:01:19 +00:00
William Pitcock
0d1375f274 federator: return :ok or :error depending on if an AP doc was accepted or not 2018-11-17 21:00:37 +00:00
William Pitcock
3d9266a8cb federator: do origin containment when processing inbound messages 2018-11-17 20:43:43 +00:00
William Pitcock
55640c4804 tests: add a test to verify the general fake direction protection works in all cases 2018-11-17 20:31:20 +00:00
William Pitcock
dc1d8e13b4 tests: add a testcase for user collision 2018-11-17 20:20:45 +00:00
William Pitcock
c88533209c activitypub: user fetching: use fetch_and_contain_remote_object_from_id() 2018-11-17 20:16:03 +00:00
William Pitcock
1a940cb46e tests: add tests for contain_origin_from_id() 2018-11-17 20:16:03 +00:00
William Pitcock
daa8ec3d62 activitypub: factor out AP object fetching to it's own function and add ID-based containment 2018-11-17 20:15:59 +00:00
Haelwenn (lanodan) Monnier
e0b0fde713
Web.AdminAPI.AdminAPIController: Change right to permission group (except for function names) 2018-11-17 20:25:57 +01:00
Haelwenn (lanodan) Monnier
1a31d71187
lib/mix/tasks/relay_{un,}follow.ex: Use a with block 2018-11-17 20:25:57 +01:00