Commit Graph

55 Commits

Author SHA1 Message Date
rinpatch 6ca709816f Fix object spoofing vulnerability in attachments
Validate the content-type of the response when fetching an object,
according to https://www.w3.org/TR/activitypub/#x3-2-retrieving-objects.

content-type headers had to be added to many mocks in order to support
this, some of this was done with a regex. While I did go over the
resulting files to check I didn't modify anything unrelated, there is a
 possibility I missed something.

Closes pleroma#1948
2020-11-12 15:25:33 +03:00
Steven Fuchs f2ef9735c5 Federate data through persistent websocket connections 2020-09-18 11:58:22 +00:00
Haelwenn (lanodan) Monnier f1f44069ae
Fetcher: Correctly return MRF reject reason 2020-09-11 20:00:41 +02:00
lain 9433311923 Merge branch 'bugfix/incoming-poll-emoji' into 'develop'
Fix emoji in Question, force generated context/context_id insertion

Closes #1870

See merge request pleroma/pleroma!2915
2020-09-03 11:50:30 +00:00
Alexander Strizhakov 79f65b4374
correct pool and uniform headers format 2020-09-02 09:16:51 +03:00
Haelwenn (lanodan) Monnier d9a21e4784
fetcher: Remove fix_object call for Question activities 2020-09-01 08:35:00 +02:00
Haelwenn (lanodan) Monnier b1fc4fe0ca
fetcher: fallback to [] when to/cc is nil
Related: https://git.pleroma.social/pleroma/pleroma/-/issues/2063
2020-08-18 02:02:20 +02:00
Haelwenn (lanodan) Monnier ac2598307d
Merge remote-tracking branch 'pleroma/develop' into features/poll-validation 2020-07-31 13:57:21 +02:00
Haelwenn (lanodan) Monnier ad867ccfa1
fetcher: Reinject Question through validator 2020-07-15 11:39:55 +02:00
Haelwenn (lanodan) Monnier 6b9c4bc1f1
fetcher: more descriptive variable names 2020-07-15 11:39:55 +02:00
Haelwenn (lanodan) Monnier ce243b107f
Use Logger.info for {:reject, reason} 2020-07-13 15:26:31 +02:00
Haelwenn (lanodan) Monnier 1566543bec
object/fetcher: Pass full Transmogrifier error 2020-06-26 20:10:47 +02:00
Alexander Strizhakov 509c81e4b1
Merge branch 'develop' into gun 2020-03-03 10:08:07 +03:00
Haelwenn (lanodan) Monnier 6da6540036
Bump copyright years of files changed after 2020-01-07
Done via the following command:
git diff fcd5dd259a --stat --name-only | xargs sed -i '/Pleroma Authors/c# Copyright © 2017-2020 Pleroma Authors <https:\/\/pleroma.social\/>'
2020-03-02 06:08:45 +01:00
Alexander Strizhakov 814b275af7
Merge branch 'develop' into gun 2020-02-29 11:34:50 +03:00
Alexander Strizhakov 514c899275
adding gun adapter 2020-02-18 08:19:01 +03:00
Ivan Tashkinov 269d592181 [#1505] Restricted max thread distance for fetching replies on incoming federation (in addition to reply-to depth restriction). 2020-02-15 20:41:38 +03:00
rinpatch 6e6f1ead31 Merge branch 'no-error-404' into 'develop'
Log at debug level for object deletion, not error.

See merge request pleroma/pleroma!2066
2020-01-22 17:55:49 +00:00
Phil Hagelberg 02c3031e99 Don't log when users or objects are deleted. 2019-12-13 12:05:53 -08:00
Egor Kislitsyn a37bd5c255 Change log level 2019-12-10 15:08:57 +07:00
rinpatch 9f29930440 fetcher: move local object checking into a reusable function 2019-11-23 22:55:41 +03:00
rinpatch 32afa07995 Fetcher: fix local check returning unwrapped object
This resulted in error messages about failed refetches being logged.
2019-11-07 01:40:55 +03:00
rinpatch 54746c6c26 Object Fetcher: set cache after reinjecting
Probably fixes the issue hj had, where polls would have different
counters between endpoints.
2019-11-06 14:00:03 +03:00
stwf 2ab072f949 object fetcher error handling 2019-10-24 12:08:34 -04:00
Ariadne Conill 3c785b85a6 object: fetcher: fix up formatting 2019-10-18 14:50:10 +00:00
Ariadne Conill a177f22e02 object: fetcher: improve error reporting 2019-10-18 14:50:10 +00:00
Ariadne Conill 6f110fc04c object fetcher: fix up error handling 2019-10-18 14:50:09 +00:00
Ariadne Conill 48059c03c9 fix up some tests 2019-10-18 14:50:09 +00:00
Ariadne Conill d379b48769 kill almost all of the OStatus module 2019-10-18 14:50:09 +00:00
Maksim Pechnikov d4ed3a35b8 Merge branch 'develop' into test/activity_pub/transmogrifier.ex 2019-09-19 07:35:34 +03:00
rinpatch 5028b7b578 Fix credo issues 2019-09-18 22:09:03 +03:00
rinpatch c096dd86e5 Do not refetch local objects 2019-09-18 20:01:26 +03:00
rinpatch eb87a86b5b Preserve internal fields when reinjecting 2019-09-18 19:53:51 +03:00
rinpatch e3f902b3a1 Set updated_at even if the object stayed the same 2019-09-18 19:07:25 +03:00
rinpatch 7ef575d11e Initial poll refresh support
Implement refreshing the object with an interval and call the function
when getting the poll.
2019-09-18 18:13:21 +03:00
Maksim Pechnikov fcf604fa43 added tests 2019-09-11 07:23:33 +03:00
Maksim Pechnikov 8dc6a6b210 fix /inbox for Relay 2019-08-22 22:48:07 +03:00
rinpatch 196cad46f3 Resolve merge conflicts 2019-07-20 22:04:47 +03:00
rinpatch c3ecaea64d Apply suggestion to lib/pleroma/object/fetcher.ex 2019-07-20 18:53:00 +00:00
Ariadne Conill 399acd4c42 fetcher: sign object fetches if configured 2019-07-17 22:58:46 +00:00
Haelwenn (lanodan) Monnier 2592934480
Object.Fetcher: Keep the with-do block as per kaniini proposition 2019-07-14 17:28:25 +02:00
Haelwenn (lanodan) Monnier e1c08a67d6
Object.Fetcher: Fallback to OStatus only if AP actually fails 2019-07-14 17:05:31 +02:00
Haelwenn (lanodan) Monnier 40d0a198e2
Object.Fetcher: Handle error on Containment.contain_origin/2 2019-07-14 14:58:47 +02:00
rinpatch e8fa477793 Refactor Follows/Followers counter syncronization
- Actually sync counters in the database instead of info cache (which got
overriden after user update was finished anyway)
- Add following count field to user info
- Set hide_followers/hide_follows for remote users based on http status
codes for the first collection page
2019-07-13 19:27:49 +03:00
feld 93a0eeab16 Add license/copyright to all project files 2019-07-10 05:13:23 +00:00
Ivan Tashkinov 5b7b1040b3 [#161] Limited replies depth on incoming federation in order to prevent memory leaks on recursive replies fetching. 2019-06-29 20:04:50 +03:00
Egor Kislitsyn 30e54fd7e2 Handle HTTP 404 response 2019-06-13 17:13:35 +07:00
Egor Kislitsyn afae3ada22 Handle HTTP "410 Gone" response 2019-06-13 16:34:03 +07:00
William Pitcock 9bec891eb4 kill @httpoison 2019-05-25 04:24:21 +00:00
William Pitcock 73df9d690d object: fetcher: add support for reinjecting pruned objects 2019-05-21 21:38:56 +00:00