Commit Graph

1649 Commits

Author SHA1 Message Date
William Pitcock e82ce2a4b3 formatting 2018-09-10 00:28:40 +00:00
William Pitcock 358f88e10a html: allow inline images by default (because of custom emoji) 2018-09-10 00:24:19 +00:00
William Pitcock 40e2f6e500 html: add default scrubbing profile and configuration knobs 2018-09-10 00:14:57 +00:00
William Pitcock ac486fc59b everywhere: use Pleroma.HTML module instead of HtmlSanitizeEx directly 2018-09-10 00:14:47 +00:00
William Pitcock 255f46d7ab html: new module providing a configurable markup scrubbing policy 2018-09-10 00:13:57 +00:00
Dominique Feyer 801d645c6b TASK: Fix formatting 2018-09-09 23:42:28 +02:00
Dominique Feyer b79c126ee0 Add missing URL encoding in create authorization redirect 2018-09-09 23:31:47 +02:00
Hakaba Hitoyo 4e1bb7bccb make limit for /api/v1/suggestions 2018-09-09 13:57:23 +09:00
lambda 045953225e Merge branch 'moonman/pleroma-sha512-crypt' into 'develop'
auth overhaul and legacy GS auth

See merge request pleroma/pleroma!331
2018-09-08 09:20:34 +00:00
kaniini 530561a091 Merge branch 'add-secure-and-samesite-cookie-flags' into 'develop'
Add Secure and SameSite cookie flags

See merge request pleroma/pleroma!302
2018-09-07 23:55:42 +00:00
kaniini 3e4f39116b Merge branch 'feature/custom_media_url' into 'develop'
[Pleroma.Uploaders.Local]: Add configuration for custom url path

See merge request pleroma/pleroma!318
2018-09-07 23:49:36 +00:00
Martin Kühl c1d07da4e1 Mastodon API: Fake support for loading filters 2018-09-07 16:12:44 +02:00
Martin Kühl 619f67768a Mastodon API: Add unsupported attributes to relationship responses
These attributes are documented as required by the Mastodon API.
Since we don’t support them (I think?), respond with default values.
2018-09-07 16:12:44 +02:00
lain 70163aec9b Add LegacyAuthenticationPlug to router. 2018-09-05 22:31:57 +02:00
lain 44b094908c Update legacy passwords automatically. 2018-09-05 22:30:14 +02:00
lain 3aba585e7a Add Plugs to router. 2018-09-05 21:57:56 +02:00
lain e601165426 Add UserEnabledPlug. 2018-09-05 21:53:53 +02:00
lain 5ce1ebb179 Add SetUserSessionIdPlug. 2018-09-05 21:42:42 +02:00
Haelwenn 4a3dbd9d4e Merge branch 'fix/sign-in-with-toot' into 'develop'
Fix sign-in and sign-out with Toot!

See merge request pleroma/pleroma!306
2018-09-05 18:20:26 +00:00
lain 636ad3e155 Add new plugs to router. 2018-09-05 19:13:53 +02:00
lain 12bc73dd28 Add EnsureUserKeyPlug, smaller fixes 2018-09-05 19:06:28 +02:00
lain 32465b9939 Simplify AuthenticationPlug 2018-09-05 18:53:38 +02:00
lain 9a96c93be7 Add SessionAuthenticationPlug. 2018-09-05 18:37:02 +02:00
lain a3f54fca4d Add LegacyAuthenticationPlug 2018-09-05 18:17:33 +02:00
lain 3cf17dc402 Add EnsureAuthenticatedPlug 2018-09-05 17:59:19 +02:00
lain faf5347748 Add UserFetcherPlug. 2018-09-05 17:44:38 +02:00
lain 42bd985e66 Add BasicAuthDecoderPlug 2018-09-05 17:30:05 +02:00
Moon Man 8b020e03a6 change cond to if else 2018-09-05 01:37:48 -04:00
Moon Man 1a8bc26e52 auth against sha512-crypt password hashes, upgrade to pbkdf2 2018-09-05 00:21:44 -04:00
kaniini 76c67a41c1 Merge branch 'develop' into 'feature/staff-discovery-api'
# Conflicts:
#   lib/pleroma/web/nodeinfo/nodeinfo_controller.ex
2018-09-03 14:55:42 +00:00
William Pitcock 9a21ff5f61 nodeinfo: add staffAccounts field to metadata 2018-09-03 14:48:31 +00:00
kaniini 1c9e539b47 Merge branch 'feature/mastodon_api_2.4.x' into 'develop'
Add/Fix Mastodon endpoints for 2.4.3 compatibility

See merge request pleroma/pleroma!266
2018-09-03 12:33:36 +00:00
Hakaba Hitoyo b1124f1605 report chat and gopher support at /nodeinfo/2.0.json 2018-09-03 21:13:30 +09:00
William Pitcock b61430163b user: add moderator_user_query() 2018-09-03 12:03:23 +00:00
kaniini 7ca2a2ddea Merge branch 'nil-bio-emojis' into 'develop'
add nil clause for Formatter.get_emoji/1 to return an empty result

Closes #274

See merge request pleroma/pleroma!315
2018-09-03 05:54:11 +00:00
shadowfacts 35515cfa66 Update mastodon_api_controller.ex 2018-09-03 01:58:55 +00:00
shadowfacts 26f8697400 Update mastodon_api_controller.ex 2018-09-03 01:52:02 +00:00
shadowfacts 2b2bd0e047 Render notification IDs as strings, not numbers 2018-09-03 01:40:05 +00:00
Thurloat 4257f784bc sloop around get_emoji/1 to check is_binary and have a fallthrough
default that returns empty
2018-09-02 20:44:37 -03:00
Haelwenn (lanodan) Monnier 754deb26dd
[Pleroma.Uploaders.Local]: Add configuration for custom url path
One use-case being an external caching proxy
2018-09-02 19:00:16 +02:00
kaniini b7923aa304 Merge branch 'hotfix_broken_likes' into 'develop'
hotfix for broken like completely breaking the notifications API

See merge request pleroma/pleroma!284
2018-09-02 12:37:00 +00:00
William Pitcock 834515fb51 formatter: don't add XSS emoji 2018-09-02 00:04:09 +00:00
kaniini 3c7280934e Merge branch 'security/activitypub-spoofing' into 'develop'
security: activitypub spoofing

See merge request pleroma/pleroma!321
2018-09-01 23:48:55 +00:00
William Pitcock 03e92977cb transmogrifier: fix peertube/plume actor handling 2018-09-01 23:44:19 +00:00
William Pitcock 0b2c051a04 activitypub: fix possibility of spoofing by containing remote objects to the same domain as their actor 2018-09-01 23:20:02 +00:00
William Pitcock e2ce0e9e05 run `mix format`. 2018-09-01 21:12:42 +00:00
Martin Kühl 84d84e4ca4 OAuth: Support /revoke endpoint for revoking tokens
(for compatibility with Mastodon)
2018-09-01 23:10:48 +02:00
Martin Kühl ad2a7972e7 OAuth: Set `created_at` in token exchange response
(for compatibility with Mastodon)
2018-09-01 23:10:48 +02:00
Martin Kühl b60d232719 AccountView: `sensitive` is supposed to be a boolean, not a string 2018-09-01 23:10:48 +02:00
William Pitcock c921d99898 config: add ability to disable Pleroma FE config management (closes #276) 2018-09-01 21:05:32 +00:00
kaniini 2e2f458705 Merge branch 'lanodan/code-dup_in_mastoapi_search' into 'develop'
Clean code duplication in MastoAPI search(v1/v2)

See merge request pleroma/pleroma!316
2018-09-01 09:12:59 +00:00
Will Pearson 0c2a0e3551 Specify default scope in verify_credentials
Certain Mastodon/Pleroma front ends call verify_credentials to get the
default scope of a new toot.

Currently, Pleroma hardcodes this value to "public".

This patch changes it to the user's default_scope value.
2018-08-31 21:04:46 -07:00
Haelwenn (lanodan) Monnier 8885d16e1b
[Pleroma.Web.MastodonAPI.MastodonAPIController].search(2)?: Remove code duplication 2018-09-01 03:11:58 +02:00
Thurloat a9c0f395cb add nil clause for Formatter.get_emoji/1 to return an empty result 2018-08-31 14:29:23 -03:00
lambda 58539e1357 Revert "Merge branch 'feature/rich-text' into 'develop'"
This reverts merge request !309
2018-08-31 09:51:20 +00:00
William Pitcock 856b5e1ca4 config: chase pleroma-fe updates from MR pleroma-fe!324. 2018-08-31 04:01:21 +00:00
kaniini a26d5e6b2a Merge branch 'feature/rich-text' into 'develop'
rich text support

See merge request pleroma/pleroma!309
2018-08-31 03:41:00 +00:00
William Pitcock 6aa65b68b8 common api: add support for formatting messages outside of twitter-style plain text 2018-08-31 03:13:59 +00:00
kaniini e838969495 Merge branch 'use-media-proxy-in-suggestions-api' into 'develop'
use media proxy for the suggestions api

See merge request pleroma/pleroma!305
2018-08-30 23:06:30 +00:00
kaniini 65e8d47cfb Merge branch 'backendhack' into 'develop'
Flexible Storage Backends

See merge request pleroma/pleroma!304
2018-08-30 23:05:01 +00:00
Thurloat adffad5502 increase uploader behaviour documentation accuracy. 2018-08-30 09:20:29 -03:00
Thurloat af01f0196a Add backend failure handling with :ok | :error so the uploader can handle it.
defaulting to :ok, since that's the currently level of error handling.
2018-08-29 22:07:28 -03:00
William Pitcock 29b5e30c46 activity: drop recipients_to/recipients_cc fields 2018-08-29 18:41:02 +00:00
William Pitcock de9acebbf3 activitypub: use jsonb query for containment instead of recipients_to/recipients_cc. 2018-08-29 18:41:02 +00:00
href ddc6f32b75
Fix Mastodon API when actor's nickname is null 2018-08-29 16:32:50 +02:00
William Pitcock cce9d008f9 streamer: contain list updates in the same way as we do with the database query 2018-08-29 09:23:05 +00:00
William Pitcock ded9091206 mastodon api: use bounded AP object graph query to enforce containment of private statuses 2018-08-29 08:51:51 +00:00
William Pitcock 643fae6e36 activitypub: allow querying the activity/object graph bounded to a specific to/cc set 2018-08-29 08:51:23 +00:00
William Pitcock 81673b8136 activity: add recipients_to and recipients_cc fields 2018-08-29 08:42:33 +00:00
Thurloat 2ff25ac0ce A hobbldey-working swift client.
apparently, all elixir openstack libraries are trash
luckily, the APIs are stupid easy.
2018-08-28 22:32:24 -03:00
Thurloat 9fc20ed572 works now, tested with profile photo upload on local backend. 2018-08-28 20:04:26 -03:00
Thurloat dad39b24a1 add the behaviour, work on actually making it work. 2018-08-28 19:48:03 -03:00
shibayashi 18ad8aaecf
Explicitly set 'http_only' to true 2018-08-28 22:34:31 +02:00
Thurloat 8d2d7a8859 Implement uploader behaviour
run formatter <#
2018-08-28 09:57:41 -03:00
shibayashi 4656a07e9e
Set SameSite flag to 'Strict' 2018-08-28 14:03:29 +02:00
Hakaba Hitoyo 6cbfb5ab5d use media proxy for suggestions api 2018-08-28 17:01:17 +09:00
Thurloat 0df558a6a5 cleaning up a bit. 2018-08-27 22:45:53 -03:00
Thurloat 709816a0f8 example of flexible storage backends 2018-08-27 22:20:54 -03:00
William Pitcock d22f66655b upload: formatting 2018-08-28 00:25:30 +00:00
William Pitcock 1596185ac6 upload: add the S3 support itself 2018-08-28 00:18:44 +00:00
William Pitcock 86c007ddd2 upload: strip exif data before finalizing the file path 2018-08-27 23:36:30 +00:00
shibayashi 0c4493f144
Fix formatting 2018-08-28 00:47:34 +02:00
shibayashi b9a642da1e
Add Secure and SameSite cookie flags 2018-08-28 00:40:58 +02:00
Henry Jameson 0f1c629d65 better solution, added test. 2018-08-27 17:07:26 +03:00
Haelwenn (lanodan) Monnier 6973b77e94
[Pleroma.Web.MastodonAPI.FilterView] fix expires_at being a unsafe variable 2018-08-27 15:09:06 +02:00
Haelwenn (lanodan) Monnier 9bddb39ff0
[Pleroma.Web.MastodonAPI.FilterView]: expires_at should be null when N/A 2018-08-27 15:09:06 +02:00
Haelwenn (lanodan) Monnier d571a571fe
[Pleroma.Web.MastodonAPI.MastodonAPIController]: Bump mastodon_api_level to 2.4.3 2018-08-27 15:09:06 +02:00
Haelwenn (lanodan) Monnier 6e030129fb
[MastodonAPI] Add filters 2018-08-27 15:09:05 +02:00
Haelwenn (lanodan) Monnier a5adb251ab
[Pleroma.Web.MastodonAPI.AccountView]: Add fields support 2018-08-27 15:09:05 +02:00
Haelwenn (lanodan) Monnier d008f2d69c
[Pleroma.Web.MastodonAPI.AccountView]: Add bot field 2018-08-27 15:09:04 +02:00
Haelwenn (lanodan) Monnier 97e20d2932
[MastodonAPI] the tag field isn’t fixed to a static type in pleroma 2018-08-27 15:08:25 +02:00
Haelwenn (lanodan) Monnier 83efaa3af6
[MastodonAPI] Add streaming of hashtags 2018-08-27 15:08:25 +02:00
William Pitcock 5dd6542db5 formatting 2018-08-27 10:46:01 +00:00
William Pitcock 1089d3658e user: fix up notification last calculation [NOT related to upstream] 2018-08-27 10:46:01 +00:00
lambda 46c7c2380c Merge branch 'feature/relay' into 'develop'
message relay

Closes #144

See merge request pleroma/pleroma!264
2018-08-27 08:29:25 +00:00
lambda 440b459cd1 Merge branch 'bugfix/announce-timeline-flooding' into 'develop'
activitypub: filter destination list for announce activities differently than normal (closes #164)

Closes #164

See merge request pleroma/pleroma!227
2018-08-27 08:25:27 +00:00
kaniini 63094cfd3e Merge branch 'feature/emoji-in-local-users' into 'develop'
Add emoji to local user profiles.

Closes #202

See merge request pleroma/pleroma!271
2018-08-26 23:24:41 +00:00
William Pitcock bc3c30430e fix formatting 2018-08-26 22:46:25 +00:00
kaniini 1ad5cbed51 Merge branch 'bugfix/common-api-visibility-orphan' into 'develop'
common api: properly handle replying to orphaned threads

See merge request pleroma/pleroma!299
2018-08-26 22:39:15 +00:00
William Pitcock 741c6ad671 common api: handle replying to orphaned threads 2018-08-26 22:37:36 +00:00
kaniini c9e4c45e0e Merge branch 'login-with-email' into 'develop'
When logging in, try treating the login as an email

Closes #245

See merge request pleroma/pleroma!295
2018-08-26 21:35:12 +00:00
kaniini 0f5bff8c66 Merge branch 'develop' into 'feature/relay'
# Conflicts:
#   lib/pleroma/web/activity_pub/utils.ex
2018-08-26 21:06:15 +00:00
hakabahitoyo 946a0769c4 remove unused settings from /api/statusnet/config 2018-08-26 17:40:15 +09:00
Ekaterina Vaartis 540cce5d10 When logging in, try treating the login as an email
Closes #245
2018-08-25 23:29:03 +03:00
kaniini ffa552f1a4 Merge branch 'feature/twitterapi-object-description' into 'develop'
twitter api: provide object descriptions as attachment description field

See merge request pleroma/pleroma!293
2018-08-25 00:20:25 +00:00
William Pitcock aab2bdddf4 twitter api: provide object descriptions as attachment description field 2018-08-25 00:12:58 +00:00
William Pitcock 290798b821 http: fix TLS server name indication
by default, hackney only sent TLS server name indication if TLS was locked
to TLS 1.2.

since there are many instances out there not speaking TLS 1.2, it is not
acceptable to lock SNI to TLS 1.2.

closes #261
2018-08-24 20:04:50 +00:00
kaniini be7a6db1f5 Merge branch 'bugfix/formatter-single-char-nicks' into 'develop'
formatter: fix single char local nicknames

Closes #163

See merge request pleroma/pleroma!290
2018-08-24 18:42:14 +00:00
kaniini 9ded0ee1a5 Merge branch 'config/fe-collapse-subject' into 'develop'
fe config: add collapse_message_with_subject fe option

See merge request pleroma/pleroma!289
2018-08-24 18:27:43 +00:00
William Pitcock 3e10d13909 formatter: adjust regexp captures to match local users with single character nicknames (closes #163) 2018-08-24 18:22:47 +00:00
William Pitcock 09cb402203 fe config: add collapse_message_with_subject fe option 2018-08-24 18:21:42 +00:00
hakabahitoyo bf9f68b681 debug 2018-08-23 11:52:18 +09:00
William Pitcock a909fe45a6 formatting 2018-08-23 01:34:36 +00:00
William Pitcock 52b44184b4 transmogrifier: reject activities lacking a valid ID 2018-08-23 01:25:26 +00:00
Henry Jameson 9b046d2a84 fixed notifications API completely breaking if there's a like for
missing (deleted) post.
2018-08-22 16:10:59 +03:00
Haelwenn (lanodan) Monnier d5bdd55b5d
[Pleroma.Web.TwitterAPI.UserView]: Do not fail if user.bio is nil 2018-08-22 01:47:25 +02:00
Haelwenn (lanodan) Monnier 5dde6e4a00
[Pleroma.Web.MastodonAPI.StatusView] Fix rendering peertube videos 2018-08-22 01:46:26 +02:00
kaniini f6b06d2ac8 Merge branch 'feature/peertube_2' into 'develop'
rebase/update of feature/peertube

See merge request pleroma/pleroma!217
2018-08-21 16:58:44 +00:00
kaniini a6d4cc8917 Merge branch 'sanitize-bio' into 'develop'
mastodon api: sanitize the bio HTML

See merge request pleroma/pleroma!282
2018-08-21 16:56:24 +00:00
Haelwenn (lanodan) Monnier 046741c60d
[Pleroma.Web.MastodonAPI.StatusView] Support Peertube Video titles 2018-08-21 18:34:56 +02:00
Haelwenn (lanodan) Monnier f5b056e3ce
[Pleroma.Web.ActivityPub.Transmogrifier]: Fix likes 2018-08-21 18:26:12 +02:00
Haelwenn (lanodan) Monnier 3b8ef24532
Fix attachement rendering 2018-08-21 18:24:10 +02:00
lain a6b021a52b
Render peertube videos in mastodon. 2018-08-21 18:24:10 +02:00
lain c381d0b577
Use activitypub to fetch posts.
This falls back to ostatus.
2018-08-21 18:24:09 +02:00
Haelwenn (lanodan) Monnier 74c74decf5
Basic peertube support. 2018-08-21 18:24:09 +02:00
Haelwenn (lanodan) Monnier ef4f982e2c
Pleroma.Web.ActivityPub.Transmogrifier: Fix actor being a list of objects (Peertube) 2018-08-21 18:24:06 +02:00
ensra 1495d04789 fix test for converting bio \r\n to <br>. 2018-08-21 14:51:27 +01:00
ensra cdb3dd48ab Format 2018-08-21 14:12:55 +01:00
ensra 5debd7b5cc Twitter API: Support Mastodon-style bios
(multi-line, with links, and user mentions)
2018-08-21 14:03:36 +01:00
ensra 175f0bebbc mastodon api: sanitize the bio HTML 2018-08-21 10:53:53 +01:00
kaniini c1b8a6a73b Merge branch 'feature/formatter-consistent-hashtag-mentions' into 'develop'
formatter: consistent presentation of hashtags and mentions

See merge request pleroma/pleroma!280
2018-08-20 18:44:52 +00:00
William Pitcock c033d2004b formatting 2018-08-20 18:40:05 +00:00
William Pitcock 145546e52a common api: format hashtags in the same way as we format mentions 2018-08-20 18:39:47 +00:00
eal f1c407e777 Merge branch 'fix/redirect-on-user-fetch' into 'develop'
ActivityPub: follow redirects when fetching user

See merge request pleroma/pleroma!278
2018-08-20 12:13:07 +00:00
eal 51a21284c6 ActivityPub: follow redirects when fetching user 2018-08-20 15:03:25 +03:00
shadowfacts 6698749073 Fix typo in app creation response
Mastodon sends redirect_uri (singular), so should Pleroma.
2018-08-17 12:48:24 +00:00
William Pitcock a3ef2ebb35 mastodon api controller: client_name, not name 2018-08-16 23:50:49 +00:00
William Pitcock b5a92b1199 mastodon api: add undocumented fields to json response, return app id as string like mastodon itself does 2018-08-16 23:40:42 +00:00
kaniini 183ccd1812 Merge branch 'dev-lanodan-url-regex' into 'develop'
lib/pleroma/formatter.ex: Fix URL regex

Closes #127

See merge request pleroma/pleroma!69
2018-08-16 15:41:16 +00:00
kaniini c004b6ea0a Merge branch 'mastofe/system-font' into 'develop'
Mastodon frontend: Use system font

See merge request pleroma/pleroma!247
2018-08-16 15:38:59 +00:00
kaniini 5fbb14f5ec Merge branch 'bugfix/federation-kroeg' into 'develop'
fix federation with kroeg

See merge request pleroma/pleroma!272
2018-08-16 15:20:15 +00:00
kaniini 38361e7b5e Merge branch 'fix/put-repeats-at-activitypub-outbox' into 'develop'
Fix: Output repeats at ActivityPub outbox

Closes #191

See merge request pleroma/pleroma!175
2018-08-16 15:19:46 +00:00
kaniini 8dc715b30b Merge branch 'fix/normalize-file-extension' into 'develop'
Normalize file extension for uploaded files

Closes #218

See merge request pleroma/pleroma!233
2018-08-16 15:17:17 +00:00
lambda 9908cf8fda Merge branch 'feature/suggestions-api-with-third-party-recommendation-engine' into 'develop'
Feature / Suggestions API with third party recommendation engine

See merge request pleroma/pleroma!254
2018-08-15 07:47:33 +00:00
William Pitcock f446e75577 activitypub: transmogrifier: add necessary translations for kroeg 2018-08-14 17:09:11 +00:00
eal 92caa2632b Use Image type for emoji icons. 2018-08-13 16:21:18 +03:00
eal 1ed1ff17a4 ActivityPub user view: include tag if present. 2018-08-13 16:11:48 +03:00
eal f9d13558c8 CommonAPI: add emoji to user source data on update 2018-08-13 15:27:20 +03:00
lain 8c0c930041 formatting 2018-08-12 19:42:21 +02:00
lain ffd9ad1f0c Fix for elixir 1.7. 2018-08-12 18:41:33 +02:00