kaniini
|
bdb0c6e418
|
Merge branch 'bugfix/csp-no-https' into 'develop'
Plugs.HTTPSecurityPlug: Activate upgrade-insecure-requests only when there is https
See merge request pleroma/pleroma!475
|
2018-11-26 22:24:21 +00:00 |
Haelwenn (lanodan) Monnier
|
04daa0fa44
|
Plugs.HTTPSecurityPlug: Activate upgrade-insecure-requests only when there is https
This fixes running mastofe with MIX_ENV=dev
|
2018-11-26 21:41:36 +01:00 |
Haelwenn
|
3370924b8b
|
Merge branch 'add-manifest-src-to-csp' into 'develop'
Add manifest-src to CSP to allow manifest.json
See merge request pleroma/pleroma!474
|
2018-11-26 19:56:49 +00:00 |
shibayashi
|
591b11eafc
|
Add manifest-src to allow manifest.json
|
2018-11-26 20:48:24 +01:00 |
kaniini
|
39a3b1724a
|
Merge branch 'bugfix/public-mastoapi-websocket' into 'develop'
Web.MastodonAPI.MastodonSocket: Add unauthentified websocket endpoints
See merge request pleroma/pleroma!471
|
2018-11-25 02:54:54 +00:00 |
Haelwenn (lanodan) Monnier
|
cc8952b45f
|
Web.MastodonApi.MastodonSocketTest: Add test for unauthenticated websocket
|
2018-11-24 08:51:35 +01:00 |
Haelwenn (lanodan) Monnier
|
ca029f0b69
|
Web.Streamer: Get unauthenticated statuses representation
|
2018-11-24 08:45:45 +01:00 |
Haelwenn (lanodan) Monnier
|
d388a99143
|
Web.MastodonAPI.MastodonSocket: Put access_token at function-level
|
2018-11-24 06:43:03 +01:00 |
Haelwenn (lanodan) Monnier
|
5346fabf14
|
Web.MastodonAPI.MastodonSocket: Add unauthentified websocket endpoints
reported by soka on CRTNet
|
2018-11-24 06:13:36 +01:00 |
kaniini
|
675653ceb7
|
Merge branch 'feature/admin-api' into 'develop'
Add a admin API
See merge request pleroma/pleroma!366
|
2018-11-22 00:28:04 +00:00 |
kaniini
|
182e3e8da2
|
Merge branch 'feature/improve-version' into 'develop'
Improved version string
See merge request pleroma/pleroma!467
|
2018-11-21 16:53:38 +00:00 |
kaniini
|
a591a044a9
|
Merge branch 'runtime-fixes' into 'develop'
Various runtime configuration fixes
See merge request pleroma/pleroma!468
|
2018-11-20 22:25:35 +00:00 |
Haelwenn
|
c7d08bc1cf
|
Merge branch 'feature/retry-queue' into 'develop'
Federator: add retry queue.
See merge request pleroma/pleroma!323
|
2018-11-20 19:04:52 +00:00 |
kaniini
|
dbb483659a
|
Merge branch 'fix/mediaproxy-empty-url' into 'develop'
mediaproxy: fix empty url & add some tests
See merge request pleroma/pleroma!466
|
2018-11-20 18:09:46 +00:00 |
href
|
bc5cf2c192
|
Improved version string
|
2018-11-20 17:55:03 +01:00 |
href
|
7f4c3a1e99
|
mediaproxy: fix empty url & add some tests
|
2018-11-20 17:50:03 +01:00 |
eal
|
689b46efc8
|
RetryQueue: tiny refractor, add tests
|
2018-11-19 18:08:41 +02:00 |
href
|
bcecdc3ab1
|
Various runtime configuration fixes
|
2018-11-19 10:09:24 +01:00 |
kaniini
|
fbc3f2893a
|
Merge branch 'update/pleroma-fe-20181118' into 'develop'
update pleroma frontend
See merge request pleroma/pleroma!464
|
2018-11-18 17:29:25 +00:00 |
William Pitcock
|
db8f269cd3
|
update pleroma frontend
|
2018-11-18 17:27:48 +00:00 |
eal
|
62299be094
|
Federator: add retry queue.
|
2018-11-18 17:46:29 +02:00 |
lambda
|
5143501426
|
Merge branch 'security/as2-object-render-hardening' into 'develop'
activitypub: object view: avoid leaking private details
See merge request pleroma/pleroma!463
|
2018-11-17 22:43:45 +00:00 |
William Pitcock
|
f6be980f4f
|
activitypub: object view: avoid leaking private details
|
2018-11-17 22:30:53 +00:00 |
lambda
|
b471344b63
|
Merge branch 'bugfix/notice-urls-should-return-objects' into 'develop'
ostatus controller: respond with AS2 objects instead of activities to notice URIs
Closes #289 and #383
See merge request pleroma/pleroma!462
|
2018-11-17 22:20:08 +00:00 |
William Pitcock
|
98795172a7
|
ostatus controller: respond with AS2 objects instead of activities to notice URIs
|
2018-11-17 22:10:15 +00:00 |
lambda
|
d73c7cc0ca
|
Merge branch 'security/spoofing-hardening' into 'develop'
security: spoofing hardening
Closes #380, #381, and #382
See merge request pleroma/pleroma!461
|
2018-11-17 21:52:51 +00:00 |
William Pitcock
|
e10f839e9b
|
tests: federator: fix formatting
|
2018-11-17 21:41:08 +00:00 |
William Pitcock
|
dfcfb184b1
|
activitypub: transmogrifier: make deletes secure
|
2018-11-17 21:22:57 +00:00 |
Haelwenn (lanodan) Monnier
|
52681f7fd0
|
Web.AdminAPI.AdminAPIControllerTest: New Test
|
2018-11-17 22:12:14 +01:00 |
Haelwenn (lanodan) Monnier
|
0ca00b3a07
|
Web.AdminAPI.AdminAPIController: Fixes bugs found with ExUnit
|
2018-11-17 22:12:14 +01:00 |
Haelwenn (lanodan) Monnier
|
76bd80d462
|
test/plugs/user_is_admin_plug_test: New test
|
2018-11-17 22:12:13 +01:00 |
Haelwenn (lanodan) Monnier
|
44b6200103
|
lib/mix/tasks/relay*: Use a with block
|
2018-11-17 22:12:13 +01:00 |
Haelwenn (lanodan) Monnier
|
12ccf0c4f8
|
Change Relay from `status` to `{status, message}`
|
2018-11-17 22:12:13 +01:00 |
Haelwenn (lanodan) Monnier
|
4634d99d0d
|
Web.Router: Change right to permission group (except for function names)
|
2018-11-17 22:12:13 +01:00 |
William Pitcock
|
b1a6e8d80d
|
test: add sanity tests for federator handling of AP docs
|
2018-11-17 21:01:19 +00:00 |
William Pitcock
|
0d1375f274
|
federator: return :ok or :error depending on if an AP doc was accepted or not
|
2018-11-17 21:00:37 +00:00 |
William Pitcock
|
3d9266a8cb
|
federator: do origin containment when processing inbound messages
|
2018-11-17 20:43:43 +00:00 |
William Pitcock
|
55640c4804
|
tests: add a test to verify the general fake direction protection works in all cases
|
2018-11-17 20:31:20 +00:00 |
William Pitcock
|
dc1d8e13b4
|
tests: add a testcase for user collision
|
2018-11-17 20:20:45 +00:00 |
William Pitcock
|
c88533209c
|
activitypub: user fetching: use fetch_and_contain_remote_object_from_id()
|
2018-11-17 20:16:03 +00:00 |
William Pitcock
|
1a940cb46e
|
tests: add tests for contain_origin_from_id()
|
2018-11-17 20:16:03 +00:00 |
William Pitcock
|
daa8ec3d62
|
activitypub: factor out AP object fetching to it's own function and add ID-based containment
|
2018-11-17 20:15:59 +00:00 |
Haelwenn (lanodan) Monnier
|
e0b0fde713
|
Web.AdminAPI.AdminAPIController: Change right to permission group (except for function names)
|
2018-11-17 20:25:57 +01:00 |
Haelwenn (lanodan) Monnier
|
1a31d71187
|
lib/mix/tasks/relay_{un,}follow.ex: Use a with block
|
2018-11-17 20:25:57 +01:00 |
Haelwenn (lanodan) Monnier
|
ccd6b1956d
|
lib/pleroma/web/admin_api/admin_api_controller.ex: Support status reply of Relay.{un,}follow
|
2018-11-17 20:25:56 +01:00 |
Haelwenn (lanodan) Monnier
|
7fbfd2db96
|
lib/mix/tasks/relay_{un,}follow.ex: Support status reply of Relay.{un,}follow
|
2018-11-17 20:25:56 +01:00 |
Haelwenn (lanodan) Monnier
|
265c8c5209
|
Pleroma.Web.ActivityPub.Relay: make {un,}follow return :ok only if it worked, :error if it didn’t
|
2018-11-17 20:25:56 +01:00 |
Haelwenn (lanodan) Monnier
|
4a79b89dba
|
lib/pleroma/plugs/user_is_admin_plug.ex: change 403 string to “User is not admin.”
|
2018-11-17 20:25:56 +01:00 |
Haelwenn (lanodan) Monnier
|
f9d05902fe
|
lib/pleroma/web/admin_api/admin_api_controller.ex: An admin cannot un-admin themselves
|
2018-11-17 20:25:56 +01:00 |
Haelwenn (lanodan) Monnier
|
a87ed2fad6
|
Pleroma.Web.AdminAPI.AdminAPIController: user_create statement format
|
2018-11-17 20:25:55 +01:00 |