href
9b553a1087
media_proxy: CSP, content-disposition
...
* Adds CSP headers to the media proxy endpoint
* Sends `content-disposition: attachment; …` for non-image/video/audio
content types
The default list can be overwritten with `:media_proxy,
:safe_content_types` in the configuration.
* Also now appends the filename to the proxy URL (fixes some mobile apps,
it was requested a while ago)
2018-11-13 15:58:02 +01:00
shibayashi
87c76a9a2f
Add __Host- prefix when secure flag is enabled
2018-11-13 00:32:38 +01:00
scarlett
0ce5623134
Merge branch 'twitter-api-null-display-name' into 'develop'
...
Twitter API: Fall back to user.nickname if user has no name
Closes #375
See merge request pleroma/pleroma!444
2018-11-12 17:08:54 +00:00
scarlett
cb6fd73861
Twitter API: Fall back to user.nickname if user has no name
2018-11-12 15:52:13 +00:00
kaniini
54923c2e55
Merge branch 'feature/csp-plug' into 'develop'
...
migrate CSP management to CSPPlug
See merge request pleroma/pleroma!441
2018-11-12 15:30:42 +00:00
William Pitcock
fe67665e19
rename CSPPlug to HTTPSecurityPlug.
2018-11-12 15:08:02 +00:00
KokaKiwi
1592fa2bea
Mastodon API: Fix list streaming
2018-11-11 14:18:15 +01:00
William Pitcock
f516e317ea
plugs: add CSPPlug
2018-11-11 06:10:21 +00:00
William Pitcock
419ed3a0ca
oauth: fix token decode regression
2018-11-11 05:26:39 +00:00
William Pitcock
97e50f3191
activitypub: transmogrifier: sanitize internal representation details from outgoing objects
...
this causes JSON-LD parsers to get upset and has also lead to developer confusion from outside
projects which tried to parse our internal data. accordingly, it seems better to just remove
it.
2018-11-10 12:24:20 +00:00
William Pitcock
f8310114a6
activitypub: object view: sanitize both the activity and the object when an activity is given for rendering
2018-11-10 12:04:09 +00:00
kaniini
c9c1f9dee2
Merge branch 'bugfix/ostatus-as2-reflection' into 'develop'
...
ostatus: only federate activities concerning note objects
See merge request pleroma/pleroma!437
2018-11-10 11:50:02 +00:00
kaniini
7daa102fa4
Merge branch 'bugfix/local-jsonld-context' into 'develop'
...
Host LitePub JSON-LD context locally
See merge request pleroma/pleroma!435
2018-11-10 11:37:44 +00:00
William Pitcock
4f87b8362b
endpoint: move CORSPlug in front of Plug.Static
2018-11-10 11:23:50 +00:00
William Pitcock
03a9990baf
endpoint: fix formatting
2018-11-10 11:18:25 +00:00
William Pitcock
e6d246882d
federator: don't federate anything other than Note objects to OStatus
2018-11-10 10:06:10 +00:00
William Pitcock
e4971553c7
activitypub: utils: use same object type list for mention extraction as insertion
2018-11-09 13:40:39 +00:00
William Pitcock
b9871e7e5a
activitypub: utils: wrap Note objects in a Create when extracting mentions
2018-11-09 09:01:40 +00:00
William Pitcock
6cadfcb21e
activitypub: utils: switch to using new Notification.get_notified_from_activity().
2018-11-09 09:01:40 +00:00
William Pitcock
6b4064fa5d
activitypub: transmogrifier: unify mention extraction
2018-11-08 19:41:36 +00:00
Haelwenn (lanodan) Monnier
2fab32ab61
Pleroma.Web.Endpoint: Whitelist schemas directory
2018-11-08 20:22:12 +01:00
Haelwenn (lanodan) Monnier
934125695d
Move /litepub-1.0.jsonld to /schemas/litepub-0.1.jsonld
2018-11-08 20:21:45 +01:00
William Pitcock
4e93d6ae14
common api: utils: flip to/cc for mentions
2018-11-08 19:17:01 +00:00
William Pitcock
3e33479c05
activitypub: transmogrifier: only consider to
users as mention targets
2018-11-08 18:58:27 +00:00
Haelwenn (lanodan) Monnier
abcacec97d
Pleroma.Web.ActivityPub.Utils: Use locally-served JSON-LD Litepub context instead of Github-hosted one
2018-11-08 19:38:38 +01:00
William Pitcock
da16ada424
utils: use litepub @context instead of that huge mess
2018-11-08 16:52:14 +00:00
William Pitcock
f733470037
user view: unify a @context entry that was missed
2018-11-08 16:51:48 +00:00
lambda
59cf7cf235
Merge branch 'small-jsonld-refactor' into 'develop'
...
Small jsonld refactor
See merge request pleroma/pleroma!433
2018-11-08 16:23:58 +00:00
lain
34bd411781
Unify json ld header handling.
2018-11-08 16:39:38 +01:00
lain
3b02fd9fb7
Small refactor.
2018-11-08 16:05:28 +01:00
kaniini
4d627a5117
Merge branch 'feature/qvitter-notifications-dismiss' into 'develop'
...
qvitter notifications: add new "read notifications" API
See merge request pleroma/pleroma!431
2018-11-07 22:33:06 +00:00
kaniini
b451a92d78
Merge branch 'runtime-config' into 'develop'
...
Runtime configuration
See merge request pleroma/pleroma!430
2018-11-07 22:32:34 +00:00
href
e42f2efae4
/api/v1/accounts/relationships Return an empty array if no id in params
...
This copies Mastodon API behaviour & fixes Mastalab app.
2018-11-07 16:32:57 +01:00
href
9070588493
Runtime config: MRF changes
2018-11-07 10:40:24 +01:00
William Pitcock
b2105a3131
twitterapi: add notification read endpoint
2018-11-06 23:25:07 +00:00
href
5bb88fd174
Runtime configuration
...
Related to #85
Everything should now be configured at runtime, with the exception of
the `Pleroma.HTML` scrubbers (the scrubbers used can be
changed at runtime, but their configuration is compile-time) because
it's building a module with a macro.
2018-11-06 19:41:15 +01:00
kaniini
a68c18f0ad
Merge branch 'unify-mastodon-oauth' into 'develop'
...
Unify Mastodon Login with OAuth login.
See merge request pleroma/pleroma!429
2018-11-06 16:18:12 +00:00
kaniini
0f3e78addb
Merge branch 'runtime-router' into 'develop'
...
Runtime configured router
See merge request pleroma/pleroma!426
2018-11-06 15:35:19 +00:00
lain
a8f1e30cb8
Formatting.
2018-11-06 16:05:58 +01:00
lain
4f640c43ed
Unify Mastodon Login with OAuth login.
...
This removes duplication in the login code.
2018-11-06 15:19:11 +01:00
href
2bc924ba45
Get rid of Pleroma.Config in favor of Application
...
Discussed in https://git.pleroma.social/pleroma/pleroma/merge_requests/426#note_7232
2018-11-06 15:12:53 +01:00
href
013f7ba8c1
Add federating plug & public tests
2018-11-06 14:45:04 +01:00
href
6fe23c5458
Runtime configured router
2018-11-05 15:19:03 +01:00
href
763fc7b44f
Runtime configured emojis
...
The changes are a bit heavy since the emojis were loaded into module
attributes from filesystem.
This introduces a GenServer using an ETS table to cache in memory the
emojis, and allows a runtime-reload with `Pleroma.Emoji.reload()`.
2018-11-05 13:24:00 +01:00
kaniini
007f1c73b1
Merge branch 'feature/cors-again' into 'develop'
...
Add CORSPlug to make web-based OAuth easier.
See merge request pleroma/pleroma!420
2018-11-03 15:36:23 +00:00
Haelwenn (lanodan) Monnier
3e50bb667f
Pleroma.Web.MastodonAPI.StatusView: Content isn’t nullable
2018-11-03 14:42:47 +01:00
lain
e954cfcc2c
Add CORSPlug to make web-based OAuth easier.
2018-11-03 13:38:01 +01:00
lambda
4bcdbb12a4
Merge branch 'fix_hashtag_search' into 'develop'
...
Fix hashtag search
See merge request pleroma/pleroma!418
2018-11-02 20:05:56 +00:00
Mark Felder
0cca7edbe0
Fix hashtag search
...
When we lowercase the search it will succesfully do a case insenstive
match. Now #Linux will match #linux and #LINUX whereas previously it
would only match the exact case.
2018-11-02 19:38:57 +00:00
lain
45ebc8dd9a
Check for empty string in_reply_to ids.
2018-11-02 17:33:51 +01:00
Haelwenn (lanodan) Monnier
3c7d4ff271
Pleroma.Web.TwitterAPI.ActivityView: Harden TwitterAPI against remnant of prismo
2018-11-01 15:07:27 +01:00
William Pitcock
24ba08de13
twitter api: add support for rendering Page objects
2018-11-01 10:01:35 +00:00
William Pitcock
4d8f076125
mastodon api: add support for rendering Page objects
2018-11-01 10:00:16 +00:00
William Pitcock
9f03b5c4f7
activitypub: transmogrifier: add support for Page objects
2018-11-01 09:59:43 +00:00
kaniini
eba9a62024
Merge branch 'feature/relay-tests' into 'develop'
...
relay tests
See merge request pleroma/pleroma!411
2018-11-01 09:10:51 +00:00
Haelwenn
40676d7683
Merge branch 'bugfix/prismo.news_article_url' into 'develop'
...
Bugfix/prismo.news article url
Closes #352
See merge request pleroma/pleroma!410
2018-11-01 09:05:16 +00:00
lain
1e9ced5af4
Test Relay, switch to runtime configuration.
2018-11-01 09:01:43 +00:00
Haelwenn (lanodan) Monnier
b2da5262ea
Pleroma.Web.ActivityPub.Transmogrifier: fix_url when not a string/empty
...
Thanks prismo.news, I hate it
2018-11-01 09:56:37 +01:00
Haelwenn (lanodan) Monnier
755f166406
Pleroma.Web.MastodonAPI.StatusView: Do not fail when URL isn’t a string
2018-11-01 09:55:38 +01:00
William Pitcock
10f3958468
object: return the deleted object as well
2018-11-01 07:47:50 +00:00
William Pitcock
2bf358d7b4
activitypub: use Object.delete() instead of mutating the database and cache directly
2018-11-01 07:29:12 +00:00
Haelwenn (lanodan) Monnier
558e6a84d6
[Pleroma.Web.CommonAPI]: Delete post cache entry when it’s deleted
...
Closes: https://git.pleroma.social/pleroma/pleroma/issues/346
2018-11-01 06:52:01 +01:00
William Pitcock
47f76bf4b1
common api: allow self-liking objects
...
mastodon allows this, for whatever reason.
closes #347 .
2018-10-31 22:29:49 +00:00
scarlett
b92e38d2d4
Add user reactivation task.
2018-10-29 23:13:15 +00:00
kaniini
a880e0a527
Merge branch 'feature/upload-limits' into 'develop'
...
configurable media upload limits
Closes #118
See merge request pleroma/pleroma!401
2018-10-29 20:14:10 +00:00
William Pitcock
676c97b8c7
nodeinfo: expose configured upload limits
2018-10-29 20:07:52 +00:00
William Pitcock
f407831120
common api: prefer formatting attachments using the attachment's name instead of URI
2018-10-29 17:59:24 +00:00
William Pitcock
784b3a615d
utils: fix another possible leak with private S3 backends using mediaproxy
...
same rationale as the other mediaproxy changes
2018-10-29 17:26:15 +00:00
William Pitcock
181f3bb56a
mastodon api: enforce upload limits for avatars and banners
2018-10-29 16:43:05 +00:00
William Pitcock
e12489e2fe
twitter api: enforce upload limits for avatars, banners and backgrounds
2018-10-29 16:43:05 +00:00
William Pitcock
167d3789a5
activitypub: upload: pass through an upload limit if one is provided
2018-10-29 16:43:05 +00:00
William Pitcock
5c6ec2d9fc
twitter/mastodon api: always use mediaproxy URLs in attachments
...
if using local media, the mediaproxy will not replace the URL anyway.
2018-10-29 15:19:32 +00:00
William Pitcock
72ea54de6e
activitypub: fix possible false positives with broken thread filtering
2018-10-28 05:45:33 +00:00
William Pitcock
26eb11c172
activitypub: add support for filtering broken threads out of timelines
2018-10-26 06:16:51 +00:00
William Pitcock
f6cb963df2
activitypub utils: fix recipient check when the message is unaddressed (mastodon)
2018-10-26 01:24:22 +00:00
Haelwenn (lanodan) Monnier
7906dfe5a0
[Pleroma.Web.Nodeinfo.NodeinfoController]: Simplify features strings
2018-10-26 01:06:34 +02:00
Haelwenn (lanodan) Monnier
57330dd91b
[Pleroma.Web.Nodeinfo.NodeinfoController]: Have a list of supported features
2018-10-26 01:06:19 +02:00
William Pitcock
ce70eb8c00
activitypub utils: fix user splicing
2018-10-25 05:24:01 +00:00
William Pitcock
2f1f1a4f30
activitypub: splice users into recipient lists when they receive messages at their personal inbox
...
closes #343
2018-10-25 05:02:21 +00:00
kaniini
9e9b1bd5ea
Merge branch 'bugfix/ap-uri-user-search' into 'develop'
...
transmogrifier: do not try to contain origin of something which doesn't have one
Closes #340
See merge request pleroma/pleroma!389
2018-10-25 04:38:46 +00:00
Haelwenn
79b1e4465f
Merge branch 'bugfix/233-handle-missing-StatusView' into 'develop'
...
[Pleroma.Web.MastodonAPI.StatusView]: Add fallback on missing handler for status.json
Closes #233
See merge request pleroma/pleroma!257
2018-10-25 04:35:29 +00:00
William Pitcock
5383887bd4
transmogrifier: do not try to contain origin of something which doesn't have one
2018-10-25 04:27:33 +00:00
Haelwenn (lanodan) Monnier
b386888a0e
[Pleroma.Web.MastodonAPI.MastodonAPIController]: fallback for try_render/4
...
Better be sure than sorry
2018-10-25 06:21:11 +02:00
William Pitcock
1ed25c963a
twitterapi: activity view: add the other in_reply_to fields
2018-10-25 04:04:04 +00:00
Haelwenn (lanodan) Monnier
b112112c11
[Pleroma.Web.MastodonAPI.MastodonAPIController]: Wrap around render/4
2018-10-25 05:52:45 +02:00
Haelwenn (lanodan) Monnier
b0a940d5a2
[Pleroma.Web.MastodonAPI.StatusView]: Remove unused arguments
2018-10-25 05:24:03 +02:00
Haelwenn (lanodan) Monnier
2da0ffeb28
lib/pleroma/web/mastodon_api/mastodon_api_controller.ex: Output an error when render(status.json) gives a nil
2018-10-25 05:24:03 +02:00
Haelwenn (lanodan) Monnier
0c10be8731
[Pleroma.Web.MastodonAPI.StatusView]: Remove nils from lists.json
2018-10-25 05:24:03 +02:00
Haelwenn (lanodan) Monnier
3b0e9287a5
[Pleroma.Web.MastodonAPI.StatusView]: Return nil as fallback for missing views
2018-10-25 05:24:01 +02:00
William Pitcock
fee43ae5e7
twitterapi: activity view: implement in_reply_to_screen_name using the new graph walking helper
2018-10-25 02:59:04 +00:00
scarlett
a253c1466e
New frontend options
2018-10-21 12:52:52 +01:00
AkiraFukushima
e8c698af41
Add an endpoint /api/v1/accounts/:id/lists to get lists to which account belongs
2018-10-19 01:46:26 +09:00
scarlett
7562912f6a
Use maybe_direct_follow for follow imports
2018-10-17 04:16:11 +01:00
William Pitcock
30efa86c05
common api: enable tag linking in markdown mode
2018-10-14 20:36:11 +00:00
Haelwenn (lanodan) Monnier
eacab0fb05
Delete Tokens and Authorizations on password change
...
Closes: https://git.pleroma.social/pleroma/pleroma/issues/320
2018-10-14 02:14:54 +02:00
William Pitcock
111841ad34
common api: take the combination of the subject and content for length limit enforcement
...
closes #315
2018-10-10 07:53:44 +00:00
William Pitcock
08d5ad71b6
nodeinfo: allow opting out of MRF transparency
2018-10-07 01:23:38 +00:00
William Pitcock
7b3fff9af8
{mastodon api, twitter api}: make the follow handshake timeout configurable
2018-10-07 01:05:59 +00:00
William Pitcock
7f530f6f80
mastodon api: relationship view: better handle no pre-existing follow activity
2018-10-05 23:50:13 +00:00
William Pitcock
e69faf550c
user: add wait_and_refresh() for async three-way handshake case
2018-10-05 23:40:49 +00:00