Commit graph

1864 commits

Author SHA1 Message Date
lain 2cf40237ff MastodonAPI: Add pagination to private messages. 2018-11-13 19:46:34 +01:00
href 9b553a1087
media_proxy: CSP, content-disposition
* Adds CSP headers to the media proxy endpoint

* Sends `content-disposition: attachment; …` for non-image/video/audio
content types

The default list can be overwritten with `:media_proxy,
:safe_content_types` in the configuration.

* Also now appends the filename to the proxy URL (fixes some mobile apps,
it was requested a while ago)
2018-11-13 15:58:02 +01:00
shibayashi 87c76a9a2f
Add __Host- prefix when secure flag is enabled 2018-11-13 00:32:38 +01:00
scarlett 0ce5623134 Merge branch 'twitter-api-null-display-name' into 'develop'
Twitter API: Fall back to user.nickname if user has no name

Closes #375

See merge request pleroma/pleroma!444
2018-11-12 17:08:54 +00:00
scarlett cb6fd73861 Twitter API: Fall back to user.nickname if user has no name 2018-11-12 15:52:13 +00:00
kaniini 54923c2e55 Merge branch 'feature/csp-plug' into 'develop'
migrate CSP management to CSPPlug

See merge request pleroma/pleroma!441
2018-11-12 15:30:42 +00:00
William Pitcock 2829fa4183 sample config: chase http_security change 2018-11-12 15:17:04 +00:00
William Pitcock ee5932a504 http security: allow referrer-policy to be configured 2018-11-12 15:14:46 +00:00
William Pitcock fe67665e19 rename CSPPlug to HTTPSecurityPlug. 2018-11-12 15:08:02 +00:00
KokaKiwi 1592fa2bea Mastodon API: Fix list streaming 2018-11-11 14:18:15 +01:00
William Pitcock df72978dce csp plug: add support for certificate transparency 2018-11-11 06:55:44 +00:00
William Pitcock 331cf6ada1 csp plug: add sts support 2018-11-11 06:50:28 +00:00
William Pitcock a2bf5426cb sample config: document how to make CSPPlug send STS headers (off by default to allow for SSL debugging) 2018-11-11 06:42:14 +00:00
William Pitcock f516e317ea plugs: add CSPPlug 2018-11-11 06:10:21 +00:00
William Pitcock 419ed3a0ca oauth: fix token decode regression 2018-11-11 05:26:39 +00:00
lambda f745e823f0 Merge branch 'bugfix/json-ld-object-sanitization' into 'develop'
JSON-LD: object sanitization

See merge request pleroma/pleroma!438
2018-11-10 12:37:18 +00:00
William Pitcock 97e50f3191 activitypub: transmogrifier: sanitize internal representation details from outgoing objects
this causes JSON-LD parsers to get upset and has also lead to developer confusion from outside
projects which tried to parse our internal data.  accordingly, it seems better to just remove
it.
2018-11-10 12:24:20 +00:00
Haelwenn (lanodan) Monnier 5ecb5629f6
lib/mix/tasks: s/@doc/@moduledoc/ 2018-11-10 13:09:39 +01:00
Haelwenn (lanodan) Monnier 5e3207045e
lib/mix/tasks/unsubscribe_user.ex: Fix syntax from bad line copy 2018-11-10 13:09:39 +01:00
Haelwenn (lanodan) Monnier 64c0289893
lib/mix/tasks: Add remaining documentation for mix tasks 2018-11-10 13:09:38 +01:00
Haelwenn (lanodan) Monnier 8b2541e4e7
Document the mix tasks in ex_doc instead 2018-11-10 13:09:37 +01:00
Haelwenn (lanodan) Monnier e1814bb322
Document mix tasks 2018-11-10 13:09:37 +01:00
William Pitcock f8310114a6 activitypub: object view: sanitize both the activity and the object when an activity is given for rendering 2018-11-10 12:04:09 +00:00
kaniini c9c1f9dee2 Merge branch 'bugfix/ostatus-as2-reflection' into 'develop'
ostatus: only federate activities concerning note objects

See merge request pleroma/pleroma!437
2018-11-10 11:50:02 +00:00
kaniini 7daa102fa4 Merge branch 'bugfix/local-jsonld-context' into 'develop'
Host LitePub JSON-LD context locally

See merge request pleroma/pleroma!435
2018-11-10 11:37:44 +00:00
William Pitcock 4f87b8362b endpoint: move CORSPlug in front of Plug.Static 2018-11-10 11:23:50 +00:00
William Pitcock 03a9990baf endpoint: fix formatting 2018-11-10 11:18:25 +00:00
William Pitcock e6d246882d federator: don't federate anything other than Note objects to OStatus 2018-11-10 10:06:10 +00:00
William Pitcock e4971553c7 activitypub: utils: use same object type list for mention extraction as insertion 2018-11-09 13:40:39 +00:00
William Pitcock b3c360ce2c notification: add fallback get_notified_from_activity() 2018-11-09 09:07:40 +00:00
William Pitcock b9871e7e5a activitypub: utils: wrap Note objects in a Create when extracting mentions 2018-11-09 09:01:40 +00:00
William Pitcock 8c805ada32 user: remove obsolete User.get_notified_from_activity(). 2018-11-09 09:01:40 +00:00
William Pitcock 6cadfcb21e activitypub: utils: switch to using new Notification.get_notified_from_activity(). 2018-11-09 09:01:40 +00:00
William Pitcock cdfdd77e30 notification: implement new Notification.get_notified_from_activity() 2018-11-09 09:01:36 +00:00
William Pitcock d26cd6c1bf user: factor out user set fetching from User.get_notified_from_activity() 2018-11-09 08:23:45 +00:00
William Pitcock 81d6ca1783 user: implement AS2 mention extraction + unify Announce handling 2018-11-08 20:19:56 +00:00
William Pitcock 6b4064fa5d activitypub: transmogrifier: unify mention extraction 2018-11-08 19:41:36 +00:00
William Pitcock 0a2c1a3419 user: add optional local_only param to get_notified_from_activity() 2018-11-08 19:30:55 +00:00
Haelwenn (lanodan) Monnier 2fab32ab61
Pleroma.Web.Endpoint: Whitelist schemas directory 2018-11-08 20:22:12 +01:00
Haelwenn (lanodan) Monnier 934125695d
Move /litepub-1.0.jsonld to /schemas/litepub-0.1.jsonld 2018-11-08 20:21:45 +01:00
William Pitcock 4e93d6ae14 common api: utils: flip to/cc for mentions 2018-11-08 19:17:01 +00:00
William Pitcock 3e33479c05 activitypub: transmogrifier: only consider to users as mention targets 2018-11-08 18:58:27 +00:00
William Pitcock 144dc048b8 user: only consider to recipients as mention targets 2018-11-08 18:58:24 +00:00
Haelwenn (lanodan) Monnier abcacec97d
Pleroma.Web.ActivityPub.Utils: Use locally-served JSON-LD Litepub context instead of Github-hosted one 2018-11-08 19:38:38 +01:00
William Pitcock da16ada424 utils: use litepub @context instead of that huge mess 2018-11-08 16:52:14 +00:00
William Pitcock f733470037 user view: unify a @context entry that was missed 2018-11-08 16:51:48 +00:00
lambda 59cf7cf235 Merge branch 'small-jsonld-refactor' into 'develop'
Small jsonld refactor

See merge request pleroma/pleroma!433
2018-11-08 16:23:58 +00:00
lain 34bd411781 Unify json ld header handling. 2018-11-08 16:39:38 +01:00
lain 3b02fd9fb7 Small refactor. 2018-11-08 16:05:28 +01:00
kaniini 4d627a5117 Merge branch 'feature/qvitter-notifications-dismiss' into 'develop'
qvitter notifications: add new "read notifications" API

See merge request pleroma/pleroma!431
2018-11-07 22:33:06 +00:00
kaniini b451a92d78 Merge branch 'runtime-config' into 'develop'
Runtime configuration

See merge request pleroma/pleroma!430
2018-11-07 22:32:34 +00:00
href e42f2efae4
/api/v1/accounts/relationships Return an empty array if no id in params
This copies Mastodon API behaviour & fixes Mastalab app.
2018-11-07 16:32:57 +01:00
href 9070588493
Runtime config: MRF changes 2018-11-07 10:40:24 +01:00
William Pitcock b2105a3131 twitterapi: add notification read endpoint 2018-11-06 23:25:07 +00:00
William Pitcock f16c2e0b1b notification: add Notification.set_read_up_to() 2018-11-06 22:50:43 +00:00
href 5bb88fd174
Runtime configuration
Related to #85

Everything should now be configured at runtime, with the exception of
the `Pleroma.HTML` scrubbers (the scrubbers used can be
changed at runtime, but their configuration is compile-time) because
it's building a module with a macro.
2018-11-06 19:41:15 +01:00
kaniini a68c18f0ad Merge branch 'unify-mastodon-oauth' into 'develop'
Unify Mastodon Login with OAuth login.

See merge request pleroma/pleroma!429
2018-11-06 16:18:12 +00:00
kaniini 0f3e78addb Merge branch 'runtime-router' into 'develop'
Runtime configured router

See merge request pleroma/pleroma!426
2018-11-06 15:35:19 +00:00
lain a8f1e30cb8 Formatting. 2018-11-06 16:05:58 +01:00
href 7d328c658d
Small wrapper module around Application.get_env/put_env
Same API as the old Pleroma.Config
2018-11-06 16:00:48 +01:00
lain 4f640c43ed Unify Mastodon Login with OAuth login.
This removes duplication in the login code.
2018-11-06 15:19:11 +01:00
href 2bc924ba45
Get rid of Pleroma.Config in favor of Application
Discussed in https://git.pleroma.social/pleroma/pleroma/merge_requests/426#note_7232
2018-11-06 15:12:53 +01:00
href 013f7ba8c1
Add federating plug & public tests 2018-11-06 14:45:04 +01:00
href 83911b1443
Fix wrong return when finmoji is disabled 2018-11-05 21:17:47 +01:00
href fd0e7d18d9
handle_continue is OTP21+ 2018-11-05 18:04:43 +01:00
href 6fe23c5458
Runtime configured router 2018-11-05 15:19:03 +01:00
href d096bc17bf
revert endpoint position in supervision tree 2018-11-05 14:05:04 +01:00
href 763fc7b44f
Runtime configured emojis
The changes are a bit heavy since the emojis were loaded into module
attributes from filesystem.

This introduces a GenServer using an ETS table to cache in memory the
emojis, and allows a runtime-reload with `Pleroma.Emoji.reload()`.
2018-11-05 13:24:00 +01:00
kaniini 007f1c73b1 Merge branch 'feature/cors-again' into 'develop'
Add CORSPlug to make web-based OAuth easier.

See merge request pleroma/pleroma!420
2018-11-03 15:36:23 +00:00
Haelwenn (lanodan) Monnier 3e50bb667f
Pleroma.Web.MastodonAPI.StatusView: Content isn’t nullable 2018-11-03 14:42:47 +01:00
lain e954cfcc2c Add CORSPlug to make web-based OAuth easier. 2018-11-03 13:38:01 +01:00
lambda 4bcdbb12a4 Merge branch 'fix_hashtag_search' into 'develop'
Fix hashtag search

See merge request pleroma/pleroma!418
2018-11-02 20:05:56 +00:00
Mark Felder 0cca7edbe0 Fix hashtag search
When we lowercase the search it will succesfully do a case insenstive
match. Now #Linux will match #linux and #LINUX whereas previously it
would only match the exact case.
2018-11-02 19:38:57 +00:00
lain 45ebc8dd9a Check for empty string in_reply_to ids. 2018-11-02 17:33:51 +01:00
Haelwenn (lanodan) Monnier 3c7d4ff271
Pleroma.Web.TwitterAPI.ActivityView: Harden TwitterAPI against remnant of prismo 2018-11-01 15:07:27 +01:00
William Pitcock 24ba08de13 twitter api: add support for rendering Page objects 2018-11-01 10:01:35 +00:00
William Pitcock 4d8f076125 mastodon api: add support for rendering Page objects 2018-11-01 10:00:16 +00:00
William Pitcock 9f03b5c4f7 activitypub: transmogrifier: add support for Page objects 2018-11-01 09:59:43 +00:00
Lee Starnes 585b29337c Ensure filters have a filter_id 2018-11-01 09:17:02 +00:00
kaniini eba9a62024 Merge branch 'feature/relay-tests' into 'develop'
relay tests

See merge request pleroma/pleroma!411
2018-11-01 09:10:51 +00:00
Haelwenn 40676d7683 Merge branch 'bugfix/prismo.news_article_url' into 'develop'
Bugfix/prismo.news article url

Closes #352

See merge request pleroma/pleroma!410
2018-11-01 09:05:16 +00:00
lain 1e9ced5af4 Test Relay, switch to runtime configuration. 2018-11-01 09:01:43 +00:00
lain e6ec01afb6 Start configuration manager. 2018-11-01 09:01:24 +00:00
lain 9b77030d3c Add basic configuration management module. 2018-11-01 09:01:03 +00:00
Haelwenn (lanodan) Monnier b2da5262ea
Pleroma.Web.ActivityPub.Transmogrifier: fix_url when not a string/empty
Thanks prismo.news, I hate it
2018-11-01 09:56:37 +01:00
Haelwenn (lanodan) Monnier 755f166406
Pleroma.Web.MastodonAPI.StatusView: Do not fail when URL isn’t a string 2018-11-01 09:55:38 +01:00
William Pitcock 2b3a40d038 object: split object_cache from user_cache 2018-11-01 08:41:46 +00:00
William Pitcock f584a603f9 user: make User.delete() return data consistent with Object.delete() 2018-11-01 07:56:21 +00:00
William Pitcock 2c3bfd7f76 user: delete user_info data in User.invalidate_cache() 2018-11-01 07:52:58 +00:00
William Pitcock 10f3958468 object: return the deleted object as well 2018-11-01 07:47:50 +00:00
William Pitcock 2bf358d7b4 activitypub: use Object.delete() instead of mutating the database and cache directly 2018-11-01 07:29:12 +00:00
William Pitcock c4e43da63e object: add safe object deletion function 2018-11-01 07:28:48 +00:00
Haelwenn (lanodan) Monnier 558e6a84d6
[Pleroma.Web.CommonAPI]: Delete post cache entry when it’s deleted
Closes: https://git.pleroma.social/pleroma/pleroma/issues/346
2018-11-01 06:52:01 +01:00
William Pitcock 47f76bf4b1 common api: allow self-liking objects
mastodon allows this, for whatever reason.

closes #347.
2018-10-31 22:29:49 +00:00
kaniini 5fea3d9eca Merge branch 'allow-abbr' into 'develop'
Allow use of the `abbr` HTML tag.

See merge request pleroma/pleroma!405
2018-10-30 23:22:48 +00:00
scarlett 795634c90f Allow use of the abbr HTML tag. 2018-10-30 21:40:06 +00:00
scarlett b92e38d2d4 Add user reactivation task. 2018-10-29 23:13:15 +00:00
kaniini a880e0a527 Merge branch 'feature/upload-limits' into 'develop'
configurable media upload limits

Closes #118

See merge request pleroma/pleroma!401
2018-10-29 20:14:10 +00:00
William Pitcock 676c97b8c7 nodeinfo: expose configured upload limits 2018-10-29 20:07:52 +00:00
William Pitcock 36825932eb s3 uploader: add new feature to force public attachment URIs to go through media proxy 2018-10-29 18:00:59 +00:00