Commit Graph

8167 Commits

Author SHA1 Message Date
Pierre-Louis Bonicoli a158774364
hackney adapter helper & reverse proxy client: enable TLSv1.3
The list of TLS versions was added by
8bd2b6eb13 when hackney version was
pinned to 1.15.2. Later hackney version was upgraded
(166455c884) but the list of TLS
versions wasn't removed. From the hackney point of view, this list has
been replaced by the OTP defaults since 0.16.0
(734694ea4e24f267864c459a2f050e943adc6694).

It looks like the same issue already occurred before:
0cb7b0ea84.

A way to test this issue (where example.com is an ActivityPub site
which uses TLSv1.3 only):

   $ PLEROMA_CONFIG_PATH=/path/to/config.exs pleroma start_iex
   Erlang/OTP 22 [erts-10.7.2.16] [source] [64-bit] [smp:2:2] [ds:2:2:10] [async-threads:1] [hipe]

   Erlang/OTP 22 [erts-10.7.2.16] [source] [64-bit] [smp:2:2] [ds:2:2:10] [async-threads:1] [hipe]

   Interactive Elixir (1.10.4) - press Ctrl+C to exit (type h() ENTER for help)
   iex(pleroma@127.0.0.1)2> Pleroma.Object.Fetcher.fetch_and_contain_remote_object_from_id("https://example.com/@/Nick/")
   {:error,
    {:tls_alert,
     {:protocol_version,
      'TLS client: In state hello received SERVER ALERT: Fatal - Protocol Version\n'}}}

With this patch, the output is the expected one:

   iex(pleroma@127.0.0.1)3> Pleroma.Object.Fetcher.fetch_and_contain_remote_object_from_id("https://example.com/@/Nick/")
   {:error,
   {:ok,
    %{
      "@context" => [
        "https://www.w3.org/ns/activitystreams",
        "https://w3id.org/security/v1",
        %{
          "Emoji" => "toot:Emoji",
          "Hashtag" => "as:Hashtag",
          "atomUri" => "ostatus:atomUri",
          "conversation" => "ostatus:conversation",
          "featured" => "toot:featured",
          "focalPoint" => %{"@container" => "@list", "@id" => "toot:focalPoint"},
          "inReplyToAtomUri" => "ostatus:inReplyToAtomUri",
          "manuallyApprovesFollowers" => "as:manuallyApprovesFollowers",
          "movedTo" => "as:movedTo",
          "ostatus" => "http://ostatus.org#",
          "sensitive" => "as:sensitive",
          "toot" => "http://joinmastodon.org/ns#"
        }
      ],
      "endpoints" => %{"sharedInbox" => "https://example.com/inbox"},
      "followers" => "https://example.com/@/Nick/followers",
      "following" => nil,
      "icon" => %{
        "type" => "Image",
        "url" => "https://example.com/static/media/[...].png"
      },
      "id" => "https://example.com/@/Nick/",
      "inbox" => "https://example.com/@/Nick/inbox",
      "liked" => nil,
      "name" => "Nick",
      "outbox" => "https://example.com/@/Nick/outbox",
      "preferredUsername" => "Nick",
      "publicKey" => %{
        "id" => "https://example.com/@/Nick/#main-key",
        "owner" => "https://example.com/@/Nick/",
        "publicKeyPem" => "[...]
      },
      "summary" => "",
      "type" => "Person",
      "url" => "https://example.com/@/Nick/"
    }}

A way to test the reverse proxy bits of this issue (where example.com allows TLSv1.3 only):

    iex(pleroma@127.0.0.1)1> Pleroma.ReverseProxy.Client.Hackney.request("GET", "https://example.com", [], [])
    {:error,
     {:tls_alert,
      {:protocol_version,
       'TLS client: In state hello received SERVER ALERT: Fatal - Protocol Version\n'}}}
2022-05-31 00:51:45 +02:00
Hélène a74ce2d77a
StealEmojiPolicy: fix String rejected_shortcodes
* rejected_shortcodes is defined as a list of strings in the
  configuration description. As such, database-based configuration was
  led to handle those settings as strings, and not as the actually
  expected type, Regex.
* This caused each message passing through this MRF, if a rejected
  shortcode was set and the emoji did not exist already on the instance,
  to fail federating, as an exception was raised, swiftly caught and
  mostly silenced.
* This commit fixes the issue by introducing new behavior: strings are
  now handled as perfect matches for an emoji shortcode (meaning that if
  the emoji-to-be-pulled's shortcode is in the blacklist, it will be
  rejected), while still supporting Regex types as before.
2022-05-18 21:25:10 +02:00
Haelwenn 4605efe272 Merge branch 'improve_anti_followbot_policy' into 'develop'
Also use actor_type to determine if an account is a bot in antiFollowbotPolicy

Closes #2561

See merge request pleroma/pleroma!3498
2022-05-08 18:10:40 +00:00
Ilja a8093732bd Also use actor_type to determine if an account is a bot in antiFollowbotPolicy 2022-05-08 18:10:40 +00:00
Tusooa Zhu 57c030a0a7 Skip cache when /objects or /activities is authenticated
Ref: fix-local-public
2022-05-06 10:23:26 +02:00
Tusooa Zhu e2d24eda57 Allow to skip cache in Cache plug
Ref: fix-local-public
2022-05-06 10:23:26 +02:00
Tusooa Zhu be08d9305b
Fix incorrect fallback when English is set to first language 2022-04-17 22:39:52 -04:00
Haelwenn d7c53da77a Merge branch 'from/upstream-develop/tusooa/translate-pages' into 'develop'
Translate backend-rendered pages

See merge request pleroma/pleroma!3634
2022-03-20 18:14:37 +00:00
Haelwenn b76340511d Merge branch 'delete_report_notifs_when_demoting_from_superuser' into 'develop'
Delete report notifs when demoting from superuser

Closes #2840

See merge request pleroma/pleroma!3642
2022-03-20 18:13:19 +00:00
Ilja cdc5bbe836 After code review
Use patern matching to see if someone was superuser before
2022-03-07 14:00:42 +01:00
Tusooa Zhu 79ccb6b999
Support fallbacking to other languages 2022-03-06 11:43:31 -05:00
Ilja 89667189b8 Delete report notifs when demoting from superuser
When someone isn't a superuser any more, they shouldn't see the reporsts any more either.
Here we delete the report notifications from a user when that user gets updated from being a superuser to a non-superuser.
2022-03-06 17:36:30 +01:00
Tusooa Zhu cd42e2bed0
Lint 2022-03-03 09:49:55 -05:00
Tusooa Zhu aca11fb70e
Support multiple locales from userLanguage cookie 2022-03-03 02:31:36 -05:00
Tusooa Zhu 7ea330b4fe
Support multiple locales formally
elixir gettext current does not fully support fallback to another language [0].
But it might in the future. We adapt it so that all languages in Accept-Language
headers are received by Pleroma.Web.Gettext. User.languages is now a comma-separated
list.

[0]: https://github.com/elixir-gettext/gettext/issues/303
2022-03-03 02:03:44 -05:00
Tusooa Zhu d3f3f30c6a
Make lint happy 2022-03-02 22:56:19 -05:00
Tusooa Zhu 8de573b047
Fallback to a variant if the language in general is not supported
For an example, here, zh is not supported, but zh_Hans and zh_Hant
are. If the user asks for zh, we should choose a variant for them
instead of fallbacking to default.

Some browsers (e.g. Firefox) does not allow users to customize
their language codes. For example, there is no zh-Hans, but only
zh, zh-CN, zh-TW, zh-HK, etc. This provides a workaround for
those users suffering from bad design decisions.
2022-03-02 19:59:11 -05:00
Tusooa Zhu e644f8dea5
Allow user to register with custom language 2022-03-02 01:41:13 -05:00
Tusooa Zhu 396f036b13
Allow update_credentials to update User.language 2022-03-02 00:58:02 -05:00
Tusooa Zhu 0149ea4538
Send emails i18n'd using backend-stored user language 2022-03-01 22:19:13 -05:00
Tusooa Zhu af82f09ce3
Make all emails translatable 2022-03-01 20:45:59 -05:00
Tusooa Zhu 1deab33fb0
Make mail and mailer translatable 2022-03-01 19:17:11 -05:00
Tusooa Zhu 32e4aa42d3
Make static fe translatable 2022-03-01 18:48:08 -05:00
Tusooa Zhu fdbf9b06e5
Fix tests 2022-02-28 11:23:15 -05:00
Tusooa Zhu cadca083ea
Make mfa pages translatable 2022-02-28 11:07:28 -05:00
Tusooa Zhu 50a316cd63
Make oauth pages translatable 2022-02-28 02:11:57 -05:00
Tusooa Zhu f63d9b7835
Use proper lang attributes in htmls 2022-02-28 01:28:23 -05:00
Tusooa Zhu 0cc6557716
Make tag feed translatable 2022-02-28 01:13:39 -05:00
Tusooa Zhu 1edbda39e1
Make password reset pages translatable 2022-02-28 01:04:04 -05:00
HJ ee05abe052 Merge branch 'revert/notice-routes' into 'develop'
Revert notice compatibility routes merge request

See merge request pleroma/pleroma!3576
2022-02-26 16:24:49 +00:00
Sean King 17aa3644be
Copyright bump for 2022 2022-02-25 23:11:42 -07:00
Tusooa Zhu 9f4c5743e8
Make lint happy 2022-02-21 19:12:32 -05:00
Tusooa Zhu a867107437
Make remote follow pages translatable 2022-02-21 18:43:45 -05:00
Tusooa Zhu 0fd3695b9c
Prefer userLanguage cookie over Accept-Language header in detecting locale
https://git.pleroma.social/pleroma/pleroma-meta/-/issues/60
2022-02-21 18:02:19 -05:00
Sam Therapy 061cb749cd
Add unicode 14 support
and add a test with a unicode 14 emoji
2022-02-21 12:28:33 -06:00
marcin mikołajczak e473bcf7a0 Max media attachment count
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-02-06 17:41:15 +01:00
marcin mikołajczak f8f2a17754 Birthdays: Fix outgoing federation of birth dates
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-02-01 12:00:26 +01:00
Alex Gleason 3bf257171f
ForceMentionsInContent: improve display of Markdown posts 2022-01-27 14:15:06 -06:00
Alex Gleason 27cb3d6273
ForceMentionsInContent: don't apply it to top-level posts 2022-01-26 21:24:26 -06:00
bot a4de79ced0 ForceBotUnlistedPolicy: fix to stop unlisting my posts >:( 2022-01-26 22:53:02 +00:00
Alex Gleason 0604b0dd09
ForceMentionsInContent: don't mention self 2022-01-25 12:33:47 -06:00
Alex Gleason 0f4e0e667e Merge branch 'recipients-inline' into 'develop'
ForceMentionsInContent: wrap mentions in a span, fix the formatting

See merge request pleroma/pleroma!3620
2022-01-25 17:43:39 +00:00
Alex Gleason 99e9c2c668 Merge branch 'birth-dates' into 'develop'
Fix show_birthday

See merge request pleroma/pleroma!3621
2022-01-25 16:59:07 +00:00
Alex Gleason 65b4d2ce84
ForceMentionsInContent: fix order of mentions 2022-01-25 10:42:34 -06:00
marcin mikołajczak ab12a05a43 AccountView: Add test for show_birthday
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-25 17:34:36 +01:00
marcin mikołajczak c1ae35ff2c Fix show_birthday
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-25 17:04:41 +01:00
Alex Gleason dd7977bb68 Merge branch 'birth-dates' into 'develop'
Birth dates

See merge request pleroma/pleroma!3608
2022-01-25 15:35:47 +00:00
Alex Gleason 267184b70e
ForceMentionsInContentTest: return mentions in a not terrible format 2022-01-24 20:03:43 -06:00
Alex Gleason c5a20c80c4
ForceMentionsInContent: simplify finding users 2022-01-24 19:44:44 -06:00
Alex Gleason d5644a52aa
ForceMentionsInContent: wrap inline mentions with span tag 2022-01-24 19:11:45 -06:00