moon/spc-pleroma
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
spc-pleroma/lib/pleroma
History
rinpatch 6ca709816f Fix object spoofing vulnerability in attachments 
Validate the content-type of the response when fetching an object,
according to https://www.w3.org/TR/activitypub/#x3-2-retrieving-objects.

content-type headers had to be added to many mocks in order to support
this, some of this was done with a regex. While I did go over the
resulting files to check I didn't modify anything unrelated, there is a
 possibility I missed something.

Closes pleroma#1948
2020-11-12 15:25:33 +03:00
..
activity
Remote Timeline: add Streaming support
2020-10-08 20:07:03 -05:00
bbs
alias alphabetically order
2020-10-13 16:43:59 +03:00
captcha
Use Pleroma.HTTP instead of Tesla
2020-11-01 12:05:39 +03:00
chat
ChatController: Add last_read_id option to mark_as_read.
2020-06-07 15:38:33 +02:00
config
migration and warning for RemoteIp plug rename
2020-10-13 16:44:04 +03:00
conversation
Merge branch 'issue/2069' into 'develop'
2020-10-29 23:39:15 +00:00
docs
config descriptions for custom MRF policies
2020-11-10 19:20:14 +03:00
ecto_type
Add new Emoji Ecto.Type and fix emoji in Question
2020-09-01 08:34:57 +02:00
emails
AdminEmail: Use AP id as user url.
2020-11-04 17:12:47 +01:00
emoji
Use Pleroma.HTTP instead of Tesla
2020-11-01 12:05:39 +03:00
gopher
using atom keys in search params
2020-07-17 18:06:05 +03:00
gun
other files consistency
2020-10-13 16:38:19 +03:00
helpers
[#1668] Restricted access to app metrics endpoint by default. Added ability to configure IP whitelist for this endpoint.
2020-10-18 21:22:21 +03:00
http
changes after rebase
2020-10-13 16:44:03 +03:00
instances
federation_status: New endpoint showing unreachable instances
2020-10-16 01:14:04 +02:00
mfa
expire mfa tokens through Oban
2020-09-10 16:01:19 +03:00
migration_helper
added notification constraints
2020-09-14 14:08:12 +03:00
object
Fix object spoofing vulnerability in attachments
2020-11-12 15:25:33 +03:00
reverse_proxy
other files consistency
2020-10-13 16:38:19 +03:00
telemetry
Add missing Copyright headers
2020-10-12 12:00:50 -05:00
tesla/middleware
changes after rebase
2020-10-13 16:44:03 +03:00
tests
alias alphabetically order
2020-10-13 16:43:59 +03:00
upload
Merge branch 'fix/upload-filter-exiftool-webp' into 'develop'
2020-09-08 19:45:44 +03:00
uploaders
UploadedMedia module name
2020-10-13 16:42:51 +03:00
user
Merge remote-tracking branch 'origin/develop' into feature/account-export
2020-10-30 19:34:02 +04:00
web
Merge branch 'title-injection-change' into 'develop'
2020-11-12 08:50:26 +00:00
workers
Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/expire-mutes
2020-11-04 16:51:42 +01:00
activity.ex
Permit fetching individual reports with notes preloaded
2020-11-02 13:06:59 -06:00
application_requirements.ex
[#3031] Refactoring: moved system commands checks to ApplicationRequirements.
2020-09-29 16:28:06 +03:00
application.ex
Add idempotency_key to the chat_message entity.
2020-10-31 05:50:59 +03:00
bookmark.ex
captcha.ex
other files consistency
2020-10-13 16:38:19 +03:00
chat.ex
Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into issue/2115
2020-09-22 17:13:46 +02:00
clippy.ex
config_db.ex
other files consistency
2020-10-13 16:38:19 +03:00
config.ex
[#2046] Defaulted pleroma/restrict_unauthenticated basing on instance privacy setting (i.e. restrict on private instances only by default).
2020-08-14 20:55:45 +03:00
constants.ex
static-fe.css: Restore and move to /priv/static/static-fe
2020-06-12 20:42:43 +03:00
conversation.ex
remove unread_conversation_count from User
2020-09-01 09:37:08 +03:00
counter_cache.ex
Set sum types in query
2020-05-10 09:13:24 +03:00
delivery.ex
earmark_renderer.ex
ecto_enums.ex
emoji-data.txt
emoji.ex
added tests
2020-08-24 15:01:45 +03:00
filter.ex
renaming back and reject nil on create
2020-07-06 09:30:42 +03:00
following_relationship.ex
relay fix for admin-fe
2020-08-19 08:41:39 +03:00
formatter.ex
Revert "Merge branch 'revert-2b5d9eb1' into 'develop'"
2020-07-21 22:18:17 +00:00
gun.ex
other files consistency
2020-10-13 16:38:19 +03:00
healthcheck.ex
healthcheck: report real amount of memory allocated by beam
2020-05-10 02:11:33 +03:00
html.ex
Merge branch 'fix/rich-media-fake-statuses' into 'develop'
2020-09-08 13:56:42 +03:00
http.ex
other files consistency
2020-10-13 16:38:19 +03:00
instances.ex
federation_status: New endpoint showing unreachable instances
2020-10-16 01:14:04 +02:00
job_queue_monitor.ex
fix job monitor
2020-08-11 22:06:33 +03:00
jwt.ex
Add missing Copyright headers
2020-10-12 12:00:50 -05:00
keys.ex
list.ex
maintenance.ex
Abstract out the database maintenance. I'd like to use this from AdminFE too.
2020-05-27 16:40:51 -05:00
maps.ex
Create Pleroma.Maps.put_if_present(map, key, value, value_fun // &{:ok, &1})
2020-06-05 14:48:02 +00:00
marker.ex
mfa.ex
copyright update
2020-05-18 15:15:51 +03:00
moderation_log.ex
Merge branch 'develop' into feature/account-export
2020-10-14 15:27:15 -05:00
notification.ex
Notification: Small refactor.
2020-08-31 11:02:54 +02:00
object_tombstone.ex
object.ex
Fix linting.
2020-08-05 15:40:32 +02:00
otp_version.ex
pagination.ex
[#1873] Fixes missing :offset pagination param support. Added pagination support for hashtags search.
2020-06-19 16:14:06 +03:00
password_reset_token.ex
registration.ex
release_tasks.ex
repo.ex
RepoStreamer.chunk_stream -> Repo.chunk_stream
2020-09-16 09:47:18 +03:00
report_note.ex
reverse_proxy.ex
other files consistency
2020-10-13 16:38:19 +03:00
scheduled_activity.ex
Add OpenAPI spec for StatusController
2020-05-13 00:25:21 +04:00
signature.ex
Federate data through persistent websocket connections
2020-09-18 11:58:22 +00:00
stats.ex
don't run update in tests
2020-09-09 10:48:18 +03:00
thread_mute.ex
upload.ex
Merge branch 'develop' into feature/gen-magic
2020-09-10 16:05:22 -05:00
user_invite_token.ex
user_relationship.ex
[#2456] Added support for embed_relationships param, nailed down endpoints which should support it. Fixed :source_mutes relationships subset fetching.
2020-05-12 19:14:35 +03:00
user.ex
Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/expire-mutes
2020-11-04 16:51:42 +01:00
utils.ex
added tests
2020-08-24 15:01:45 +03:00
web.ex
Merge branch 'develop' into chore/elixir-1.11
2020-10-13 09:54:53 -05:00
xml_builder.ex
more files renamings
2020-10-13 16:38:19 +03:00