Mark Felder
fadcd7f1a9
Revert MediaProxy Host header validation
...
Something is going wrong here even though the tests are correct.
2023-06-07 09:19:22 -04:00
lain
43458cb7a1
Merge branch 'preload-escaping' into 'develop'
...
B Preload: Make sure that the preloaded json is html safe
See merge request pleroma/pleroma!3901
2023-06-06 13:31:08 +00:00
Lain Soykaf
40d40d67a3
Add changelog.
2023-06-02 17:09:58 +04:00
Lain Soykaf
cbc5b8cebd
B Preload: Make sure that the preloaded json is html safe
2023-06-02 17:03:21 +04:00
Haelwenn
e8d3525665
Merge branch 'bump-gettext' into 'develop'
...
mix: bump gettext to 0.22
See merge request pleroma/pleroma!3831
2023-06-02 01:38:41 +00:00
Haelwenn (lanodan) Monnier
313e68c180
mix: bump gettext to ~0.20
...
Includes https://github.com/elixir-gettext/gettext/pull/304 in 0.20.0+
Includes https://github.com/elixir-gettext/expo/issues/91 in 0.22+ via expo 0.2.0+
2023-06-02 03:06:32 +02:00
Haelwenn
e2a63dadd1
Merge branch 'test_improvement' into 'develop'
...
Use Phoenix.ConnTest.redirected_to/2
See merge request pleroma/pleroma!3899
2023-06-01 09:40:25 +00:00
Sean King
c9cb90ff4f
Media proxy base URL doesn't need /proxy
2023-05-31 17:49:06 -06:00
Sean King
a2bbd7c9da
Fix base media and proxy URL in instructions to serve media on another domain
2023-05-31 12:22:13 -06:00
Mark Felder
46c799f528
Use Phoenix.ConnTest.redirected_to/2
2023-05-31 09:54:37 -04:00
Haelwenn (lanodan) Monnier
737e45c102
installation/debian_based_jp: Elixir 1.11 means Debian 12+ and Ubuntu 22.04+
...
I checked for what each part of the debian&ubuntu sentences meant with the
help of Jisho.org, should be safe but it did make me notice that this guide
hasn't been updated in years
2023-05-31 08:32:58 +02:00
Haelwenn (lanodan) Monnier
8336519f30
installation/debian_based_en: Elixir 1.11 means Debian 12+ and Ubuntu 22.04+
2023-05-31 08:32:58 +02:00
Haelwenn
d998a114e2
Merge branch 'validate-host' into 'develop'
...
Validate Host header for MediaProxy and Uploads
See merge request pleroma/pleroma!3896
2023-05-31 00:50:01 +00:00
Mark Felder
b3c3bd99c3
Switch from serving a 400 to a 302
2023-05-30 16:56:09 -04:00
lain
da6b4003ac
Merge branch 'only_media_filter' into 'develop'
...
Add OnlyMedia Upload Filter
See merge request pleroma/pleroma!3897
2023-05-30 08:04:23 +00:00
Mark Felder
50a20f3bbd
Esacpe the asterisks in Markdown
2023-05-29 15:53:16 -04:00
Mark Felder
9caa0b0be1
Add OnlyMedia Upload Filter to simplify restricting uploads to audio, image, and video types
2023-05-29 15:49:04 -04:00
Mark Felder
da7394f33b
Fix unused assignment
2023-05-29 15:09:31 -04:00
Mark Felder
43bb2f39db
Remove unwanted parameter
2023-05-29 15:05:37 -04:00
Mark Felder
84974efe4c
Host header validation is now required for MediaProxy and Uploads
2023-05-29 14:17:27 -04:00
Mark Felder
a60dd0d92d
Validate Host header matches expected value before allowing access to Uploads
2023-05-29 14:16:03 -04:00
Mark Felder
843fcca5b4
Validate Host header matches expected value before allowing access to MediaProxy
2023-05-29 13:59:51 -04:00
Mark Felder
506a1c98e7
ConnCase: Make sure the host we use in tests is the actual Endpoint host
2023-05-29 13:55:48 -04:00
faried nawaz
4c91c0d1ba
oops, forgot the test cases
2023-05-29 02:52:50 +05:00
faried nawaz
8b390d27dc
twitter card: handle case where image has no alt text
2023-05-29 02:52:49 +05:00
faried nawaz
a1af122499
changelog entry
2023-05-29 02:52:49 +05:00
faried nawaz
52368e6702
fix meta tag for twitter cards and image attachments
...
The name of the tag should be twitter:image, not twitter:player.
Also, add twitter:image:alt meta tags.
2023-05-29 02:52:49 +05:00
faried nawaz
b6b7de2010
add url to Metadata.build_tags call
...
If static_fe is enabled, going to https://pleroma/notice/some-id
results in
<meta content="https://pleroma/users/someuser " property="og:url">
With this fix, it is
<meta content="https://pleroma/notice/some-id " property="og:url">
Additionally, Pleroma.Web.Metadata.Providers.OpenGraph now
generates meta tags for attachments in the post.
2023-05-29 02:52:41 +05:00
tusooa
e92eb5f482
Add instructions to other distro's guides
2023-05-27 00:57:22 +00:00
Haelwenn
31ec5cd35e
Merge branch 'mergeback/2.5.2' into 'develop'
...
Mergeback: 2.5.2
Closes #3030 , #3062 , and #3045
See merge request pleroma/pleroma!3893
2023-05-26 22:16:18 +00:00
Haelwenn (lanodan) Monnier
869f0d24a6
Merge branch 'release/2.5.2' into mergeback/2.5.2
2023-05-26 23:47:50 +02:00
tusooa
408ea697aa
Add changelog
2023-05-26 17:28:41 -04:00
tusooa
85902ad1ae
Recommend users to serve media on another domain in guide
2023-05-26 17:27:35 -04:00
tusooa
f970091c6a
Add instructions to serve media on another domain
2023-05-26 17:17:13 -04:00
Haelwenn
2d193861db
Merge branch 'release/2.5.2' into 'stable'
...
Security release 2.5.2
See merge request pleroma/pleroma!3863
2023-05-26 19:35:31 +00:00
Haelwenn
cd9d6a12ab
Merge branch 'issue/3126' into 'develop'
...
Filter OEmbed HTML tags
See merge request pleroma/pleroma!3891
2023-05-26 18:26:40 +00:00
Haelwenn (lanodan) Monnier
7618e562b3
Version 2.5.2
2023-05-26 19:57:00 +02:00
Mark Felder
4505bc1e58
Filter OEmbed HTML tags
2023-05-26 19:56:36 +02:00
Mark Felder
0d68804aa7
Filter OEmbed HTML tags
2023-05-26 19:54:24 +02:00
tusooa
d0c2e0830b
Enforce unauth restrictions for public streaming endpoints
2023-05-26 19:24:08 +02:00
Haelwenn
b36263e5ff
Merge branch 'issue/3126' into 'develop'
...
MediaProxyController: Apply CSP sandbox
See merge request pleroma/pleroma!3890
2023-05-26 19:24:08 +02:00
Haelwenn
4339230f64
Merge branch 'tusooa/fix-object-test' into 'develop'
...
Fix ObjectTest
See merge request pleroma/pleroma!3887
2023-05-26 19:24:08 +02:00
Haelwenn
72833c84b5
Merge branch 'tusooa/rework-refetch' into 'develop'
...
Make sure object refetching follows update rules
See merge request pleroma/pleroma!3883
2023-05-26 19:24:08 +02:00
Haelwenn
47e66c9500
Merge branch 'issue/3126' into 'develop'
...
MediaProxyController: Apply CSP sandbox
See merge request pleroma/pleroma!3890
2023-05-26 17:12:18 +00:00
Mark Felder
38bcf6b19e
MediaProxyController: Apply CSP sandbox
2023-05-26 12:34:01 -04:00
Zero
279fd47b48
ForceMentionsInContent: fix double mentions for Mastodon/Misskey posts
...
The code checked for duplicates using "ap_id", but in Mastodon and Misskey the look like that:
Mastodon: https://mastodon.example.com/users/roger
Misskey: https:///misskey.example.com/users/104ab42f11
The fix is to also check for "uri", which is what will be in the "explicitly_mentioned_uris" list:
Mastodon: https://mastodon.example.com/@roger
Misskey: https://misskey.example.com/@roger
2023-05-26 12:30:19 -04:00
tusooa
1fa196d8f7
Fix deleting banned users' statuses
2023-05-25 19:00:38 -04:00
tusooa
2c66f584b5
Show more informative errors when profile exceeds char limits
2023-05-25 08:22:33 -04:00
Haelwenn
5433742faf
Merge branch 'tusooa/fix-object-test' into 'develop'
...
Fix ObjectTest
See merge request pleroma/pleroma!3887
2023-05-23 01:57:07 +00:00
tusooa
819a82da99
Fix unused variable
2023-05-22 08:19:58 -04:00