Haelwenn (lanodan) Monnier
8176ca9e40
static_fe: Sanitize HTML in users
2020-03-15 20:44:04 +01:00
Haelwenn (lanodan) Monnier
0ac6e29654
static_fe: Sanitize HTML in posts
...
Note: Seems to have different sanitization with TwitterCard generator giving
the following:
<meta content=\"“alert('xss')”\" property=\"twitter:description\">
2020-03-15 20:44:04 +01:00
lain
fa4ec17c84
Merge branch '1560-non-federating-instances-routes-restrictions' into 'develop'
...
[#1560 ] Restricted AP- & OStatus-related routes for non-federating instances
Closes #1560
See merge request pleroma/pleroma!2235
2020-03-15 19:15:20 +00:00
Ivan Tashkinov
7c8003c3fc
[ #1364 ] Improved control over generation / sending of notifications. Fixed blocking / muting users notifications issue. Added tests.
2020-03-15 21:00:12 +03:00
Haelwenn
d84670b9e1
Merge branch 'f' into 'develop'
...
rip out fetch_initial_posts
Closes #1422 and #1595
See merge request pleroma/pleroma!2297
2020-03-15 16:14:54 +00:00
Haelwenn
67a27825b1
Merge branch 'fix/rate-limiter-remoteip-behavior' into 'develop'
...
rate limiter: disable based on if remote ip was found, not on if the plug was enabled
Closes #1620
See merge request pleroma/pleroma!2296
2020-03-15 14:22:10 +00:00
rinpatch
e87a32bcd7
rip out fetch_initial_posts
...
Every time someone tries to use it, it goes mad and tries to scrape the
entire fediverse for no visible reason, it's better to just remove it
than continue shipping it in it's current state.
idea acked by lain and feld on irc
Closes #1595 #1422
2020-03-15 15:59:17 +03:00
Haelwenn (lanodan) Monnier
8f7bc07ebc
pleroma_api_controller.ex: Improve conversations error reporting
...
Related: https://git.pleroma.social/pleroma/pleroma/issues/1594
2020-03-15 12:35:23 +01:00
Ivan Tashkinov
ecb7809e92
Merge remote-tracking branch 'remotes/origin/develop' into 1560-non-federating-instances-routes-restrictions
...
# Conflicts:
# lib/pleroma/plugs/static_fe_plug.ex
2020-03-14 15:37:02 +03:00
rinpatch
d88c8a9614
Merge branch 'fix/cache-control-headers' into 'develop'
...
Fix Cache Control headers on media
See merge request pleroma/pleroma!2295
2020-03-14 11:19:42 +00:00
rinpatch
6a28c198af
uploaded media plug: do not inject compile-time params on every request
2020-03-13 22:12:33 +03:00
rinpatch
38f796a5c6
Merge branch 'feature/mastofe-admin-scope' into 'develop'
...
auth_controller.ex: Add admin scope to MastoFE
See merge request pleroma/pleroma!2256
2020-03-13 18:58:52 +00:00
rinpatch
994ac4357c
Merge branch 'fix/hashtags-streaming' into 'develop'
...
Fix hashtags WebSocket streaming
Closes #1593
See merge request pleroma/pleroma!2294
2020-03-13 18:50:17 +00:00
rinpatch
658f30c0b3
Merge branch 'static-accept-missing' into 'develop'
...
Fix static FE plug to handle missing Accept header.
See merge request pleroma/pleroma!2260
2020-03-13 18:46:54 +00:00
rinpatch
fc4496d4fa
rate limiter: disable based on if remote ip was found, not on if the plug was enabled
...
The current rate limiter disable logic won't trigger when the remote ip
is not forwarded, only when the remoteip plug is not enabled, which is
not the case on most instances since it's enabled by default. This
changes the behavior to warn and disable when the remote ip was not forwarded,
even if the RemoteIP plug is enabled.
Also closes #1620
2020-03-13 21:41:17 +03:00
rinpatch
3e0f05f08e
Merge branch 'bugfix/br-vs-newline' into 'develop'
...
Formatting: Do not use \n and prefer <br> instead
Closes #1374 and #1375
See merge request pleroma/pleroma!2204
2020-03-13 18:22:55 +00:00
Mark Felder
c6eb1c1b92
Merge branch 'develop' into fix/cache-control-headers
2020-03-13 12:54:06 -05:00
Mark Felder
7321429a2e
Lint
2020-03-13 12:42:06 -05:00
Mark Felder
3b1b183b42
Synchronize cache-control header for local media with the mediaproxy
2020-03-13 12:27:50 -05:00
Mark Felder
413177c8f0
Set correct Cache-Control header for local media
2020-03-13 12:02:58 -05:00
Mark Felder
c62195127d
Update comment to reflect what the code is actually doing
2020-03-13 11:46:40 -05:00
Mark Felder
ad31d0726a
Do not trust remote Cache-Control headers for mediaproxy
2020-03-13 11:30:27 -05:00
rinpatch
096c5c52e0
Merge branch 'revert/cache-control' into 'develop'
...
Revert "Set better Cache-Control header for static content"
Closes #1613
See merge request pleroma/pleroma!2290
2020-03-13 16:25:10 +00:00
Egor Kislitsyn
fffc382f13
Fix hashtags WebSocket streaming
2020-03-13 19:30:42 +04:00
Haelwenn (lanodan) Monnier
d1379c4de8
Formatting: Do not use \n and prefer <br> instead
...
It moves bbcode to bbcode_pleroma as the former is owned by kaniini
and transfering ownership wasn't done in a timely manner.
Closes: https://git.pleroma.social/pleroma/pleroma/issues/1374
Closes: https://git.pleroma.social/pleroma/pleroma/issues/1375
2020-03-13 16:07:17 +01:00
Alexander Strizhakov
98ed0d1c4b
more clean up
2020-03-13 09:37:57 +03:00
feld
802b991814
Merge branch 'exclude-posts-visible-to-admin' into 'develop'
...
Exclude private and direct statuses visible to the admin when using godmode
Closes #1599
See merge request pleroma/pleroma!2272
2020-03-12 20:29:51 +00:00
Alexander Strizhakov
39ed608b13
Merge branch 'develop' into gun
2020-03-12 18:31:10 +03:00
Alexander Strizhakov
1306b92997
clean up
2020-03-12 18:29:07 +03:00
Ivan Tashkinov
bd40880fa0
Merge remote-tracking branch 'remotes/origin/develop' into 1560-non-federating-instances-routes-restrictions
...
# Conflicts:
# test/web/activity_pub/activity_pub_controller_test.exs
2020-03-12 12:07:07 +03:00
feld
2019f3b3ff
Merge branch 'fix/signup-without-email' into 'develop'
...
Allow account registration without an email
See merge request pleroma/pleroma!2246
2020-03-11 16:53:05 +00:00
rinpatch
7cdabdc0df
Merge branch 'fix/1610-release-compilation-config-fix' into 'develop'
...
Merging default release config on app start
Closes #1610
See merge request pleroma/pleroma!2288
2020-03-11 15:16:18 +00:00
feld
f92c447bbc
Merge branch 'relay-list-change' into 'develop'
...
Relay list shows hosts without accepted follow
See merge request pleroma/pleroma!2240
2020-03-11 15:10:09 +00:00
rinpatch
c3b9fbd3a7
Revert "Set better Cache-Control header for static content"
...
On furher investigation it seems like all that did was cause unintuitive
behavior. The emoji request flood that was the reason for introducing it
isn't really that big of a deal either, since Plug.Static only needs to
read file modification time and size to determine the ETag.
Closes #1613
2020-03-11 17:58:25 +03:00
Alexander Strizhakov
fce090c1de
using Pleroma.Config instead of ets
2020-03-11 17:22:50 +03:00
Alexander Strizhakov
193d67cde5
compile fix
2020-03-11 16:43:58 +03:00
Alexander Strizhakov
282a93554f
merging release default config on app start
2020-03-11 16:25:53 +03:00
Haelwenn (lanodan) Monnier
863ec33ba2
Add support for funkwhale Audio activity
...
reel2bits fixture not included as it lacks the Actor fixture for it.
Closes: https://git.pleroma.social/pleroma/pleroma/issues/1624
Closes: https://git.pleroma.social/pleroma/pleroma/issues/764
2020-03-11 13:46:42 +01:00
Ivan Tashkinov
5b696a8ac1
[ #1560 ] Enforced authentication for non-federating instances in StaticFEController.
2020-03-11 14:05:56 +03:00
Ivan Tashkinov
972889550d
Merge remote-tracking branch 'remotes/origin/develop' into 1560-non-federating-instances-routes-restrictions
2020-03-11 09:15:55 +03:00
Mark Felder
5af798f246
Fix enforcement of character limits
2020-03-10 13:08:00 -05:00
Alexander Strizhakov
f39e1b9eff
add verify tls_opts only when we open connection
...
for other requests tesla will add tls_opts
2020-03-10 15:54:11 +03:00
Alexander Strizhakov
426f5ee48a
tesla adapter can't be changed in adminFE
2020-03-10 15:31:44 +03:00
Ivan Tashkinov
5fc92deef3
[ #1560 ] Ensured authentication or enabled federation for federation-related routes. New tests + tests refactoring.
2020-03-09 20:51:44 +03:00
Alexander Strizhakov
d9f8941dac
Merge branch 'develop' into gun
2020-03-09 10:56:33 +03:00
rinpatch
6cf1958b02
moderation log: fix improperly migrated data
...
Some of the actions used to have a user map as a subject, which was then
changed to an array of user maps. However instead of migrating old data
there was just a hack to transform it every time, moreover this hack
didn't include all possible actions, which resulted in crashes. This
commit fixes the crashes by introducing a proper database migration for old data.
Closes #1606
2020-03-07 17:00:58 +03:00
Alexander Strizhakov
474ef512df
wait in mix task while pleroma is rebooted
2020-03-07 16:02:55 +03:00
Alexander Strizhakov
b2eb1124d1
Merge branch 'develop' into gun
2020-03-07 12:41:37 +03:00
rinpatch
6d797b9928
Merge branch 'restart-fix-for-mix-tasks' into 'develop'
...
Wait in mix task while pleroma is rebooted
See merge request pleroma/pleroma!2225
2020-03-07 09:32:29 +00:00
Alexander Strizhakov
5f42ecc4c7
start gun upload pool, if proxy_remote is enabled
2020-03-07 12:24:39 +03:00
Alexander Strizhakov
78282dc983
little polishing
2020-03-06 21:24:19 +03:00
Alexander Strizhakov
c93c3096d5
little refactor
2020-03-06 21:04:18 +03:00
Ivan Tashkinov
027714b519
Merge remote-tracking branch 'remotes/origin/develop' into 1560-non-federating-instances-routes-restrictions
2020-03-06 11:48:30 +03:00
Ivan Tashkinov
40765875d4
[ #1560 ] Misc. improvements in ActivityPubController federation state restrictions.
2020-03-05 21:19:21 +03:00
Alexander Strizhakov
058c9b01ac
returning, not needed
2020-03-05 18:28:04 +03:00
Alexander Strizhakov
f0753eed0f
removing try block in tesla request
...
added mocks for tests which fail with Tesla.Mock.Error
2020-03-05 17:31:06 +03:00
eugenijm
ad22e94f33
Exclude private and direct statuses visible to the admin when using godmode
2020-03-05 15:15:27 +03:00
lain
47604907c9
Merge branch 'proper_error_messages' into 'develop'
...
MastodonController: Return 404 errors correctly.
See merge request pleroma/pleroma!2270
2020-03-05 11:49:51 +00:00
Haelwenn
927079e2ff
Merge branch 'fix/stats-on-startup' into 'develop'
...
Generate instance stats on startup
Closes #1598
See merge request pleroma/pleroma!2271
2020-03-05 07:25:23 +00:00
Alexander Strizhakov
eb324467d9
removing try block in getting gun info
2020-03-05 09:51:52 +03:00
Mark Felder
cdb05633a6
Generate instance stats on startup
2020-03-04 13:33:26 -06:00
feld
9b740cfb23
Merge branch 'exclude-reblogs-from-admin-api-by-default' into 'develop'
...
Exclude reblogs from `GET /api/pleroma/admin/statuses` by default
Closes #1596
See merge request pleroma/pleroma!2267
2020-03-04 18:22:37 +00:00
lain
4bce13fa2f
MastodonController: Return 404 errors correctly.
2020-03-04 18:09:06 +01:00
Alexander Strizhakov
d6bebd4f9c
moving some logic to tesla adapter
...
- checking original inside gun adapter
- flushing streams on max_body error
2020-03-04 18:13:24 +03:00
lain
6f7a8c43a2
Merge branch 'fix/no-email-no-fail' into 'develop'
...
Do not fail when user has no email
See merge request pleroma/pleroma!2249
2020-03-04 12:43:06 +00:00
Alexander Strizhakov
22d52f5691
same copyright date format
2020-03-04 09:41:23 +03:00
Alexander Strizhakov
6b2fb9160c
otp version
2020-03-04 09:23:42 +03:00
Mark Felder
d9c5ae7c09
Update Copyrights for gun related files
2020-03-03 17:16:24 -06:00
Mark Felder
4427161ca3
Merge branch 'develop' into gun
2020-03-03 17:15:49 -06:00
Mark Felder
05da5f5cca
Update Copyrights
2020-03-03 16:44:49 -06:00
Ivan Tashkinov
b6fc98d9cd
[ #1560 ] ActivityPubController federation state restrictions adjustments. Adjusted tests.
2020-03-03 22:22:02 +03:00
Alexander Strizhakov
884d9710b2
refactoring for gun api modules
2020-03-03 19:24:14 +03:00
Alexander Strizhakov
f98ee730f0
adapter renaming to adapter_helper
2020-03-03 18:53:44 +03:00
Alexander Strizhakov
8854770fc4
retry and retry_timeout settings default change
2020-03-03 18:01:35 +03:00
Alexander Strizhakov
1ad34bfdba
no try block in checkout connection
2020-03-03 17:44:04 +03:00
Alexander Strizhakov
24bf5c4e89
remove try block from pool request
2020-03-03 17:27:56 +03:00
Alexander Strizhakov
aaa879ce75
proxy parsing errors
2020-03-03 17:27:22 +03:00
Alexander Strizhakov
6ebf389d6e
poolboy timeout fix
2020-03-03 16:51:49 +03:00
Alexander Strizhakov
8fc00b7cbf
return error if connection failed to open
2020-03-03 16:42:24 +03:00
Alexander Strizhakov
7d68924e4f
naming
2020-03-03 16:42:24 +03:00
Alexander Strizhakov
e605e79df9
simplification of formatting host method
...
case for format_proxy method
2020-03-03 16:42:03 +03:00
Alexander Strizhakov
ee8071f0d5
removing unused method
2020-03-03 15:12:09 +03:00
Alexander Strizhakov
05429730e4
unnecessary with
2020-03-03 15:11:48 +03:00
Alexander Strizhakov
d0e4d3ca3b
removing unnecessary with
...
comment in tesla client impovement
2020-03-03 14:56:49 +03:00
Alexander Strizhakov
24d1ac125c
hiding raise error logic to otp_version module
2020-03-03 13:24:19 +03:00
Alexander Strizhakov
28ed4b41d0
naming for checkin from pool timeout
2020-03-03 13:05:28 +03:00
Alexander Strizhakov
151dc4e387
Apply suggestion to lib/pleroma/reverse_proxy/client/tesla.ex
2020-03-03 09:53:37 +00:00
Alexander Strizhakov
7eb6592992
Apply suggestion to lib/pleroma/pool/connections.ex
2020-03-03 09:53:31 +00:00
Alexander Strizhakov
a21a66972f
Apply suggestion to lib/pleroma/http/http.ex
2020-03-03 09:52:01 +00:00
Alexander Strizhakov
614e3934f9
Apply suggestion to lib/pleroma/http/http.ex
2020-03-03 09:50:42 +00:00
Alexander Strizhakov
d30ff35d94
Apply suggestion to lib/pleroma/http/request_builder.ex
2020-03-03 09:46:53 +00:00
Alexander Strizhakov
a3ad028973
Apply suggestion to lib/pleroma/http/adapter.ex
2020-03-03 09:34:36 +00:00
Alexander Strizhakov
2c8d80dc0a
Apply suggestion to lib/pleroma/pool/connections.ex
2020-03-03 09:29:57 +00:00
Alexander Strizhakov
097ad10d02
Apply suggestion to lib/pleroma/pool/connections.ex
2020-03-03 09:29:51 +00:00
Alexander Strizhakov
4c8569d403
otp_version refactor
2020-03-03 12:21:10 +03:00
Alexander Strizhakov
509c81e4b1
Merge branch 'develop' into gun
2020-03-03 10:08:07 +03:00
Ivan Tashkinov
99a6c660a9
Merge remote-tracking branch 'remotes/origin/develop' into 1560-non-federating-instances-routes-restrictions
2020-03-02 18:41:12 +03:00
eugenijm
7af431c150
Exclude reblogs from `GET /api/pleroma/admin/statuses` by default
2020-03-02 16:47:31 +03:00
Egor Kislitsyn
4a45b96a91
Merge branch 'develop' into fix/signup-without-email
2020-03-02 15:35:49 +04:00
Haelwenn
764a50f8a6
Merge branch 'feature/1482-activity_pub_transactions' into 'develop'
...
ActivityPub actions & side-effects in transaction
Closes #1482
See merge request pleroma/pleroma!2089
2020-03-02 07:58:01 +00:00