Alex Gleason
1f19dd76f6
ActivityDraft: mix format, defensive actor ID
2023-09-13 19:19:04 -04:00
Alex Gleason
54a9897938
ActivityDraft: mention the OP of a quoted post
2023-09-13 19:19:04 -04:00
Alex Gleason
80ab2572a4
Return quote_url through the API, don't render quotes more than 1 level deep
2023-09-13 19:19:04 -04:00
Alex Gleason
5716f88a1d
InstanceView: add "quote_posting" feature
2023-09-13 19:19:03 -04:00
Alex Gleason
9600973917
mix format
2023-09-13 19:19:03 -04:00
Alex Gleason
d4fea8b559
ActivityDraft: allow quoting
2023-09-13 19:19:03 -04:00
Alex Gleason
6ac19c3999
ActivityDraft: create quote posts
2023-09-13 19:19:03 -04:00
Alex Gleason
0d9c443e51
StatusView: render the whole quoted status
2023-09-13 19:19:03 -04:00
Alex Gleason
ce5eb31723
StatusView: show quoted posts through the API, probably
2023-09-13 19:19:03 -04:00
Alex Gleason
cc4badaf60
Transmogrifier: fix quoteUrl here too
2023-09-13 19:19:03 -04:00
Alex Gleason
b022d6635d
Transmogrifier: fetch quoted post
2023-09-13 19:19:03 -04:00
Alex Gleason
795736af16
ObjectValidators: improve quoteUrl compatibility
2023-09-13 19:19:03 -04:00
Alex Gleason
31eb3dc245
ObjectValidators: accept "quoteUrl" field
2023-09-13 19:19:02 -04:00
Mint
1afde067b1
CommonAPI: Prevent users from accessing media of other users
2023-09-03 10:41:37 +02:00
tusooa
3d09bc320e
Make lint happy
2023-08-30 20:36:52 -04:00
Haelwenn
1e685c8302
Merge branch 'csp-flash' into 'develop'
...
allow https: so that flash works across instances without need for media proxy
See merge request pleroma/pleroma!3879
2023-08-16 13:37:49 +00:00
Haelwenn
d838d1990b
Apply lanodan's suggestion(s) to 1 file(s)
2023-08-16 13:34:32 +00:00
mae
48b1e9bdc7
Completely disable xml entity resolution
2023-08-05 14:17:04 +02:00
Mae
ca0859b90f
Prevent XML parser from loading external entities
2023-08-04 22:35:13 -04:00
Haelwenn
819fccb7d1
Merge branch 'tusooa/3154-attachment-type-check' into 'develop'
...
Restrict attachments to only uploaded files only
Closes #3154
See merge request pleroma/pleroma!3923
2023-08-03 10:01:32 +00:00
Faried Nawaz
e5e76ec445
cleaner ecto query to handle restrict_unauthenticated for activities
...
This fix is for this case:
config :pleroma, :restrict_unauthenticated,
activities: %{local: true, remote: true}
2023-07-28 18:45:59 +05:00
faried nawaz
dc4de79d43
status context: perform visibility check on activities around a status
...
issue #2927
2023-07-28 18:45:59 +05:00
tusooa
ea4225a646
Restrict attachments to only uploaded files only
2023-07-18 18:39:59 -04:00
Haelwenn
93ad16cca0
Merge branch '2023-06-deps-update' into 'develop'
...
2023-06 deps update + de-override plug
See merge request pleroma/pleroma!3911
2023-07-17 20:37:47 +00:00
tusooa
1459d64508
Make regex-to-string descriptor reusable
2023-07-07 07:09:35 -04:00
tusooa
ba3aa4f86d
Fix edge cases
2023-07-07 06:58:32 -04:00
tusooa
ef8a6c539a
Make EmojiPolicy aware of custom emoji reactions
2023-07-07 06:58:31 -04:00
tusooa
20d193c91d
Improve config examples for EmojiPolicy
2023-07-07 06:58:31 -04:00
tusooa
f50422c380
Move emoji_policy.ex to the right place
2023-07-07 06:58:31 -04:00
tusooa
7eb8abf7bb
EmojiPolicy: Implement delist
2023-07-07 06:58:31 -04:00
tusooa
80ce6482f6
EmojiPolicy: implement remove by shortcode
2023-07-07 06:58:31 -04:00
tusooa
28ff828caa
Add emoji policy to remove emojis matching certain urls
...
https://git.pleroma.social/pleroma/pleroma/-/issues/2775
2023-07-07 06:58:22 -04:00
Haelwenn (lanodan) Monnier
3d79ceb23a
Deprecate audio scrobbling
2023-07-04 03:40:11 +02:00
Haelwenn
a31a4c522f
Merge branch 'tusooa/3131-handle-report-from-deactivated-user' into 'develop'
...
Fix handling report from a deactivated user
Closes #3131
See merge request pleroma/pleroma!3915
2023-07-02 21:27:15 +00:00
tusooa
6e4de2383f
Fix handling report from a deactivated user
2023-07-02 11:15:34 -04:00
tusooa
a1621839cc
Fix user fetch completely broken if featured collection is not in a supported form
2023-07-02 11:03:09 -04:00
tusooa
48e490cd58
Merge branch 'bugfix/full-revert-media-host-validation' into 'develop'
...
Merge Revert "Merge branch 'validate-host' into 'develop'"
Closes #3136
See merge request pleroma/pleroma!3909
2023-07-01 21:54:18 +00:00
Haelwenn
ae0ca49451
Merge branch 'tusooa/3119-bio-update' into 'develop'
...
Show more informative errors when profile exceeds char limits
Closes #3119
See merge request pleroma/pleroma!3886
2023-06-27 18:49:43 +00:00
Haelwenn
41f2ee69a8
Merge branch 'from/upstream-develop/tusooa/backup-status' into 'develop'
...
Detail backup states
Closes #3024
See merge request pleroma/pleroma!3809
2023-06-27 12:08:11 +00:00
Haelwenn (lanodan) Monnier
d7e049d5e8
router: Fix usage of globs
...
warning: doing a prefix match with globs is deprecated, invalid segment "pleroma*path".
You can either replace by a single segment match:
/foo/bar-:var
Or by mixing single segment match with globs:
/foo/bar-:var/*rest
2023-06-27 10:42:10 +02:00
Haelwenn (lanodan) Monnier
3a67b8f287
endpoint: Use custom Multipart module for dynamic configuration
2023-06-27 10:41:25 +02:00
Haelwenn (lanodan) Monnier
dd9f8150fc
Merge Revert "Merge branch 'validate-host' into 'develop'"
...
This reverts commit d998a114e2
, reversing
changes made to da6b4003ac
.
2023-06-22 21:28:25 +02:00
Sean King
a5a354a36e
Prevent bypassing authorized fetch mode with a json file
2023-06-21 23:10:56 -06:00
lain
4e6ea7cc91
Merge branch 'tusooa/3054-banned-delete' into 'develop'
...
Fix deleting banned users' statuses
See merge request pleroma/pleroma!3889
2023-06-11 13:17:12 +00:00
Lain Soykaf
6611c6ce4e
B ForceMentionsInContent: Fix test, refactor.
2023-06-11 16:45:31 +04:00
Lain Soykaf
55dd8ef1c7
Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into pleroma-double_mentions
2023-06-11 16:31:20 +04:00
lain
16313af7eb
Merge branch 'fix/metadata-tags' into 'develop'
...
static frontend: fix meta tags
See merge request pleroma/pleroma!3885
2023-06-11 11:57:16 +00:00
lain
1f4618d64b
Merge branch 'cleanup/ostatus-user-upgrade' into 'develop'
...
Cleanup OStatus-era user upgrades and ap_enabled indicator
See merge request pleroma/pleroma!3880
2023-06-11 11:13:57 +00:00
feld
75900f21f0
Merge branch 'revert-mediaproxy-host-validation' into 'develop'
...
Revert MediaProxy Host header validation
See merge request pleroma/pleroma!3902
2023-06-11 11:10:51 +00:00
lain
1db29f734f
Merge branch 'fep-fffd-url' into 'develop'
...
CommonFields: Use BareUri for :url
Closes #3121
See merge request pleroma/pleroma!3884
2023-06-11 11:02:39 +00:00
Mark Felder
fadcd7f1a9
Revert MediaProxy Host header validation
...
Something is going wrong here even though the tests are correct.
2023-06-07 09:19:22 -04:00
Mark Felder
63ef1dcedc
Phoenix.Router.routes/1 is the public function we are meant to be using here
2023-06-03 14:17:49 -04:00
Lain Soykaf
cbc5b8cebd
B Preload: Make sure that the preloaded json is html safe
2023-06-02 17:03:21 +04:00
Mark Felder
f0e5f0e837
Fix compile warning
...
warning: doing a prefix match with globs is deprecated, invalid segment "pleroma*path"
2023-05-31 22:23:36 +00:00
Mark Felder
62322f71e2
Clean up Plug.Parsers.MULTIPART deprecation warnings
...
There is no need to the length setting to :multipart. The length setting is global for all of the parsers.
2023-05-31 16:22:40 -04:00
Mark Felder
ffee478ed0
Move websocket config for Shoutbox to the Endpoint
...
This is the modern way of configuring it
2023-05-31 15:30:58 -04:00
Mark Felder
e3110cb34e
Fix deprecated calls to get_flash/2
2023-05-31 13:36:21 -04:00
Mark Felder
b3c3bd99c3
Switch from serving a 400 to a 302
2023-05-30 16:56:09 -04:00
Mark Felder
da7394f33b
Fix unused assignment
2023-05-29 15:09:31 -04:00
Mark Felder
a60dd0d92d
Validate Host header matches expected value before allowing access to Uploads
2023-05-29 14:16:03 -04:00
Mark Felder
843fcca5b4
Validate Host header matches expected value before allowing access to MediaProxy
2023-05-29 13:59:51 -04:00
faried nawaz
8b390d27dc
twitter card: handle case where image has no alt text
2023-05-29 02:52:49 +05:00
faried nawaz
52368e6702
fix meta tag for twitter cards and image attachments
...
The name of the tag should be twitter:image, not twitter:player.
Also, add twitter:image:alt meta tags.
2023-05-29 02:52:49 +05:00
faried nawaz
b6b7de2010
add url to Metadata.build_tags call
...
If static_fe is enabled, going to https://pleroma/notice/some-id
results in
<meta content="https://pleroma/users/someuser " property="og:url">
With this fix, it is
<meta content="https://pleroma/notice/some-id " property="og:url">
Additionally, Pleroma.Web.Metadata.Providers.OpenGraph now
generates meta tags for attachments in the post.
2023-05-29 02:52:41 +05:00
Haelwenn (lanodan) Monnier
869f0d24a6
Merge branch 'release/2.5.2' into mergeback/2.5.2
2023-05-26 23:47:50 +02:00
Mark Felder
4505bc1e58
Filter OEmbed HTML tags
2023-05-26 19:56:36 +02:00
Mark Felder
0d68804aa7
Filter OEmbed HTML tags
2023-05-26 19:54:24 +02:00
tusooa
d0c2e0830b
Enforce unauth restrictions for public streaming endpoints
2023-05-26 19:24:08 +02:00
Haelwenn
b36263e5ff
Merge branch 'issue/3126' into 'develop'
...
MediaProxyController: Apply CSP sandbox
See merge request pleroma/pleroma!3890
2023-05-26 19:24:08 +02:00
Haelwenn
72833c84b5
Merge branch 'tusooa/rework-refetch' into 'develop'
...
Make sure object refetching follows update rules
See merge request pleroma/pleroma!3883
2023-05-26 19:24:08 +02:00
Mark Felder
38bcf6b19e
MediaProxyController: Apply CSP sandbox
2023-05-26 12:34:01 -04:00
Zero
279fd47b48
ForceMentionsInContent: fix double mentions for Mastodon/Misskey posts
...
The code checked for duplicates using "ap_id", but in Mastodon and Misskey the look like that:
Mastodon: https://mastodon.example.com/users/roger
Misskey: https:///misskey.example.com/users/104ab42f11
The fix is to also check for "uri", which is what will be in the "explicitly_mentioned_uris" list:
Mastodon: https://mastodon.example.com/@roger
Misskey: https://misskey.example.com/@roger
2023-05-26 12:30:19 -04:00
tusooa
1fa196d8f7
Fix deleting banned users' statuses
2023-05-25 19:00:38 -04:00
tusooa
2c66f584b5
Show more informative errors when profile exceeds char limits
2023-05-25 08:22:33 -04:00
Haelwenn
0524e66a05
Merge branch 'accept-tags-2.5' into 'develop'
...
TagValidator: Drop unrecognized Tag types
Closes #2952
See merge request pleroma/pleroma!3823
2023-05-17 19:04:51 +00:00
Haelwenn
ce1c0f75cd
Merge branch 'tusooa/3065-scopes' into 'develop'
...
OAuth scopes descriptions
Closes #3065
See merge request pleroma/pleroma!3848
2023-05-17 18:51:26 +00:00
Haelwenn (lanodan) Monnier
a5066bb078
CommonFields: Use BareUri for :url
...
Closes: https://git.pleroma.social/pleroma/pleroma/-/issues/3121
2023-05-17 17:25:46 +02:00
tusooa
be5c5118cb
Make sure object refetching follows update rules
2023-05-09 21:04:27 -04:00
Henry Jameson
2a07411b0c
keep the websocket url for all modes
2023-05-07 15:34:17 +03:00
Henry Jameson
f50fd9278f
reduce redundant reduntancy reduction
2023-05-07 15:29:19 +03:00
Henry Jameson
f8ef4924ec
fix whitespace
2023-05-07 15:24:09 +03:00
Henry Jameson
c0d11da2d8
conditionally set csp depnding on media-proxy state
2023-05-07 15:16:30 +03:00
Haelwenn (lanodan) Monnier
fcd49e3985
User: Remove ap_enabled field
2023-05-05 11:11:26 +02:00
Haelwenn (lanodan) Monnier
9dfa1c4be0
ActivityPub: Mark fetch_and_prepare_user_from_ap_id/1 as private
2023-05-05 11:11:26 +02:00
Haelwenn (lanodan) Monnier
8181be89a2
Federator: Stop using ap_enabled?/1
2023-05-05 11:11:26 +02:00
Haelwenn (lanodan) Monnier
e17265a7a2
TransmogrifierWorker: Remove obsolete worker
2023-05-05 11:11:26 +02:00
Haelwenn (lanodan) Monnier
2ee483ba41
Transmogrifier: Remove upgrade_user_from_ap_id
2023-05-05 11:11:26 +02:00
Haelwenn (lanodan) Monnier
3962253cf1
Publisher: Stop filtering via ap_enabled?/1
2023-05-05 11:11:26 +02:00
Haelwenn (lanodan) Monnier
606f78f5e5
ActivityPub: Stop relying on ap_enabled and upgrade_user_from_ap_id
2023-05-05 11:11:26 +02:00
Haelwenn (lanodan) Monnier
4fd96b24ae
AddRemoveValidator: Use User.fetch_by_ap_id instead of upgrade_user_from_ap_id
2023-05-05 11:11:26 +02:00
tusooa
6d0ebccdb0
Make webui use translated scope descriptions
2023-05-02 16:32:33 -04:00
tusooa
85bdbb102e
Add extraction process for oauth scopes
2023-05-02 16:32:10 -04:00
HJ
675639225a
allow https: so that flash works across instances without need for media proxy
2023-04-28 11:13:42 +00:00
tusooa
248f914e6e
Merge branch 'list-installed-frontends' into 'develop'
...
List installed frontend refs in admin API
See merge request pleroma/pleroma!3862
2023-04-27 02:56:19 +00:00
Haelwenn (lanodan) Monnier
2148ef5e2f
UploadedMedia: Increase readability via ~s sigil
2023-04-18 00:12:42 +02:00
Haelwenn (lanodan) Monnier
8f0f58e28b
UploadedMedia: Add missing disposition_type to Content-Disposition
...
Set it to `inline` because the vast majority of what's sent is multimedia
content while `attachment` would have the side-effect of triggering a
download dialog.
Closes: https://git.pleroma.social/pleroma/pleroma/-/issues/3114
2023-04-18 00:09:19 +02:00
Haelwenn
3867b52aef
Merge branch 'tusooa/3027-dedupe-poll' into 'develop'
...
Dedupe poll options
Closes #3027
See merge request pleroma/pleroma!3860
2023-04-13 08:40:04 +00:00
Ekaterina Vaartis
6a63dced4a
Fix tests for frontend installation
2023-03-30 19:25:35 +03:00
tusooa
40f14fd31c
Merge branch 'remove-crypt' into 'develop'
...
Remove crypt(3) support
Closes #3030 and #3062
See merge request pleroma/pleroma!3847
2023-03-30 12:47:36 +02:00
Haelwenn
937df7e465
Merge branch 'fix/tag-feed-crashes' into 'develop'
...
fix: atom/rss feed issues
Closes #3045
See merge request pleroma/pleroma!3851
2023-03-30 12:46:35 +02:00