William Pitcock
c07464607d
http security: remove form-action from CSP definitions
2018-11-16 17:40:21 +00:00
lambda
cc45797f4e
Merge branch 'fix-media-proxy-filename' into 'develop'
...
media_proxy: use path only to retrieve filename
See merge request pleroma/pleroma!450
2018-11-14 18:17:10 +00:00
kaniini
69d557e86d
Merge branch 'twitter-api-direct-messages' into 'develop'
...
Twitter api direct messages
See merge request pleroma/pleroma!449
2018-11-14 08:52:08 +00:00
href
f52a1d1ec5
media_proxy: use path only to retrieve filename
2018-11-13 23:41:33 +01:00
lain
ea9a776d7b
TwitterApi: Add direct message endpoint
2018-11-13 20:08:50 +01:00
lain
2cf40237ff
MastodonAPI: Add pagination to private messages.
2018-11-13 19:46:34 +01:00
href
9b553a1087
media_proxy: CSP, content-disposition
...
* Adds CSP headers to the media proxy endpoint
* Sends `content-disposition: attachment; …` for non-image/video/audio
content types
The default list can be overwritten with `:media_proxy,
:safe_content_types` in the configuration.
* Also now appends the filename to the proxy URL (fixes some mobile apps,
it was requested a while ago)
2018-11-13 15:58:02 +01:00
shibayashi
87c76a9a2f
Add __Host- prefix when secure flag is enabled
2018-11-13 00:32:38 +01:00
scarlett
0ce5623134
Merge branch 'twitter-api-null-display-name' into 'develop'
...
Twitter API: Fall back to user.nickname if user has no name
Closes #375
See merge request pleroma/pleroma!444
2018-11-12 17:08:54 +00:00
scarlett
cb6fd73861
Twitter API: Fall back to user.nickname if user has no name
2018-11-12 15:52:13 +00:00
kaniini
54923c2e55
Merge branch 'feature/csp-plug' into 'develop'
...
migrate CSP management to CSPPlug
See merge request pleroma/pleroma!441
2018-11-12 15:30:42 +00:00
William Pitcock
ee5932a504
http security: allow referrer-policy to be configured
2018-11-12 15:14:46 +00:00
William Pitcock
fe67665e19
rename CSPPlug to HTTPSecurityPlug.
2018-11-12 15:08:02 +00:00
KokaKiwi
1592fa2bea
Mastodon API: Fix list streaming
2018-11-11 14:18:15 +01:00
William Pitcock
df72978dce
csp plug: add support for certificate transparency
2018-11-11 06:55:44 +00:00
William Pitcock
331cf6ada1
csp plug: add sts support
2018-11-11 06:50:28 +00:00
William Pitcock
f516e317ea
plugs: add CSPPlug
2018-11-11 06:10:21 +00:00
William Pitcock
419ed3a0ca
oauth: fix token decode regression
2018-11-11 05:26:39 +00:00
William Pitcock
97e50f3191
activitypub: transmogrifier: sanitize internal representation details from outgoing objects
...
this causes JSON-LD parsers to get upset and has also lead to developer confusion from outside
projects which tried to parse our internal data. accordingly, it seems better to just remove
it.
2018-11-10 12:24:20 +00:00
William Pitcock
f8310114a6
activitypub: object view: sanitize both the activity and the object when an activity is given for rendering
2018-11-10 12:04:09 +00:00
kaniini
c9c1f9dee2
Merge branch 'bugfix/ostatus-as2-reflection' into 'develop'
...
ostatus: only federate activities concerning note objects
See merge request pleroma/pleroma!437
2018-11-10 11:50:02 +00:00
kaniini
7daa102fa4
Merge branch 'bugfix/local-jsonld-context' into 'develop'
...
Host LitePub JSON-LD context locally
See merge request pleroma/pleroma!435
2018-11-10 11:37:44 +00:00
William Pitcock
4f87b8362b
endpoint: move CORSPlug in front of Plug.Static
2018-11-10 11:23:50 +00:00
William Pitcock
03a9990baf
endpoint: fix formatting
2018-11-10 11:18:25 +00:00
William Pitcock
e6d246882d
federator: don't federate anything other than Note objects to OStatus
2018-11-10 10:06:10 +00:00
William Pitcock
e4971553c7
activitypub: utils: use same object type list for mention extraction as insertion
2018-11-09 13:40:39 +00:00
William Pitcock
b3c360ce2c
notification: add fallback get_notified_from_activity()
2018-11-09 09:07:40 +00:00
William Pitcock
b9871e7e5a
activitypub: utils: wrap Note objects in a Create when extracting mentions
2018-11-09 09:01:40 +00:00
William Pitcock
8c805ada32
user: remove obsolete User.get_notified_from_activity().
2018-11-09 09:01:40 +00:00
William Pitcock
6cadfcb21e
activitypub: utils: switch to using new Notification.get_notified_from_activity().
2018-11-09 09:01:40 +00:00
William Pitcock
cdfdd77e30
notification: implement new Notification.get_notified_from_activity()
2018-11-09 09:01:36 +00:00
William Pitcock
d26cd6c1bf
user: factor out user set fetching from User.get_notified_from_activity()
2018-11-09 08:23:45 +00:00
William Pitcock
81d6ca1783
user: implement AS2 mention extraction + unify Announce handling
2018-11-08 20:19:56 +00:00
William Pitcock
6b4064fa5d
activitypub: transmogrifier: unify mention extraction
2018-11-08 19:41:36 +00:00
William Pitcock
0a2c1a3419
user: add optional local_only param to get_notified_from_activity()
2018-11-08 19:30:55 +00:00
Haelwenn (lanodan) Monnier
2fab32ab61
Pleroma.Web.Endpoint: Whitelist schemas directory
2018-11-08 20:22:12 +01:00
Haelwenn (lanodan) Monnier
934125695d
Move /litepub-1.0.jsonld to /schemas/litepub-0.1.jsonld
2018-11-08 20:21:45 +01:00
William Pitcock
4e93d6ae14
common api: utils: flip to/cc for mentions
2018-11-08 19:17:01 +00:00
William Pitcock
3e33479c05
activitypub: transmogrifier: only consider to
users as mention targets
2018-11-08 18:58:27 +00:00
William Pitcock
144dc048b8
user: only consider to
recipients as mention targets
2018-11-08 18:58:24 +00:00
Haelwenn (lanodan) Monnier
abcacec97d
Pleroma.Web.ActivityPub.Utils: Use locally-served JSON-LD Litepub context instead of Github-hosted one
2018-11-08 19:38:38 +01:00
William Pitcock
da16ada424
utils: use litepub @context instead of that huge mess
2018-11-08 16:52:14 +00:00
William Pitcock
f733470037
user view: unify a @context entry that was missed
2018-11-08 16:51:48 +00:00
lambda
59cf7cf235
Merge branch 'small-jsonld-refactor' into 'develop'
...
Small jsonld refactor
See merge request pleroma/pleroma!433
2018-11-08 16:23:58 +00:00
lain
34bd411781
Unify json ld header handling.
2018-11-08 16:39:38 +01:00
lain
3b02fd9fb7
Small refactor.
2018-11-08 16:05:28 +01:00
kaniini
4d627a5117
Merge branch 'feature/qvitter-notifications-dismiss' into 'develop'
...
qvitter notifications: add new "read notifications" API
See merge request pleroma/pleroma!431
2018-11-07 22:33:06 +00:00
kaniini
b451a92d78
Merge branch 'runtime-config' into 'develop'
...
Runtime configuration
See merge request pleroma/pleroma!430
2018-11-07 22:32:34 +00:00
href
e42f2efae4
/api/v1/accounts/relationships Return an empty array if no id in params
...
This copies Mastodon API behaviour & fixes Mastalab app.
2018-11-07 16:32:57 +01:00
href
9070588493
Runtime config: MRF changes
2018-11-07 10:40:24 +01:00