FloatingGhost
cc75b313f3
Add favicon, frontend docs
2022-11-20 21:44:32 +00:00
@r3g_5z@plem.sapphic.site
0e4c201f8d
HTTP header improvements ( #294 )
...
- Drop Expect-CT
Expect-CT has been redundant since 2018 when Certificate Transparency became mandated and required for all CAs and browsers. This header is only implemented in Chrome and is now deprecated. HTTP header analysers do not check this anymore as this is enforced by default. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Expect-CT
- Raise HSTS to 2 years and explicitly preload
The longer age for HSTS, the better. Header analysers prefer 2 years over 1 year now as free TLS is very common using Let's Encrypt.
For HSTS to be fully effective, you need to submit your root domain (domain.tld) to https://hstspreload.org . However, a requirement for this is the "preload" directive in Strict-Transport-Security. If you do not have "preload", it will reject your domain.
- Drop X-Download-Options
This is an IE8-era header when Adobe products used to use the IE engine for making outbound web requests to embed webpages in things like Adobe Acrobat (PDFs). Modern apps are using Microsoft Edge WebView2 or Chromium Embedded Framework. No modern browser checks or header analyser check for this.
- Set base-uri to 'none'
This is to specify the domain for relative links (`<base>` HTML tag). pleroma-fe does not use this and it's an incredibly niche tag.
I use all of these myself on my instance by rewriting the headers with zero problems. No breakage observed.
I have not compiled my Elixr changes, but I don't see why they'd break.
Co-authored-by: r3g_5z <june@terezi.dev>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/294
Co-authored-by: @r3g_5z@plem.sapphic.site <june@terezi.dev>
Co-committed-by: @r3g_5z@plem.sapphic.site <june@terezi.dev>
2022-11-20 21:20:06 +00:00
floatingghost
6453297e9c
Merge pull request 'Drop XSS auditor' ( #292 ) from r3g_5z/akkoma:drop-xss-auditor into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/292
2022-11-20 04:00:25 +00:00
r3g_5z
f90552f62e
Drop XSS auditor
...
It's deprecated, removed in some, by all modern browsers and is known
to create XSS vulnerabilities in itself.
Signed-off-by: r3g_5z <june@terezi.dev>
2022-11-19 20:40:20 -05:00
FloatingGhost
fb5f846e8c
Add languages
to cheatsheet
2022-11-18 11:22:30 +00:00
Norm
14c1a4220b
docs: Update list of clients ( #284 )
...
In addition to making the page refer to Akkoma instead of Pleroma, I've
also removed clients that were not updated in a year or more and updated
links to websites and the contact links of authors.
Also removed language that suggested these clients are in any way
"officially supported".
Co-authored-by: Francis Dinh <normandy@biribiri.dev>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/284
Co-authored-by: Norm <normandy@biribiri.dev>
Co-committed-by: Norm <normandy@biribiri.dev>
2022-11-18 11:19:37 +00:00
floatingghost
ab44b82af0
Merge pull request 'Update copyright info' ( #285 ) from norm/akkoma:copyright-stuff into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/285
2022-11-18 11:17:24 +00:00
floatingghost
e1e0d5d759
microblogpub federation fixes ( #288 )
...
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/288
2022-11-18 11:14:35 +00:00
Francis Dinh
e45b242d88
Update copyright info
...
- Bump years to 2022 where appropriate
- Add copyright for Akkoma authors
- Remove references to deleted images
2022-11-17 22:48:33 -05:00
floatingghost
9deae8c533
Merge pull request 'docs: Update links to list of akkoma instances' ( #278 ) from norm/akkoma:update-akkoma-list-urls into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/278
2022-11-16 10:16:27 +00:00
FloatingGhost
d4ca1217d3
Be very specific about the double-quotes in strings
2022-11-16 10:13:41 +00:00
Haelwenn (lanodan) Monnier
3e0a5851e5
Set instance reachable on fetch
2022-11-15 17:23:47 +00:00
Francis Dinh
7a833aff90
docs: Update links to list of akkoma instances
...
The old links were for Pleroma instances and one of them isn't even active anymore.
2022-11-15 07:51:19 -05:00
floatingghost
2a1f17e3ed
and i yoink ( #275 )
...
Co-authored-by: Mark Felder <feld@feld.me>
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/275
2022-11-14 15:07:26 +00:00
FloatingGhost
893bfde66f
Remove references to soykaf
...
Fixes #271
2022-11-14 00:01:31 +00:00
floatingghost
c1127e321b
Add configurable timeline per oban job ( #273 )
...
Heavily inspired by https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3777
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/273
2022-11-13 23:55:51 +00:00
floatingghost
7d4c4aa16e
Merge pull request 'change default redirectRootNoLogin to /main/public' ( #272 ) from nocebo/akkoma:nocebo-default-public-tl into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/272
2022-11-13 22:45:22 +00:00
nocebo
35cddd7cf7
change default redirectRootNoLogin to /main/public
...
close #268
2022-11-13 08:43:12 +00:00
floatingghost
19272be0ce
Merge pull request 'Chores for 2022.11' ( #266 ) from 2022-11-stable into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/266
2022-11-12 15:16:51 +00:00
FloatingGhost
89dbc7177b
Chores for 2022.11
2022-11-11 16:12:04 +00:00
FloatingGhost
634463ff64
fix requirements
2022-11-11 16:07:07 +00:00
FloatingGhost
ac0c00cdee
Add media sources to connect-src if media proxy is enabled
2022-11-10 17:26:51 +00:00
FloatingGhost
50458a17dc
Merge branch 'develop' of akkoma.dev:AkkomaGang/akkoma into develop
2022-11-10 11:54:35 +00:00
FloatingGhost
bab1ab5b6c
strip \r and \r from content-disposition filenames
2022-11-10 11:54:12 +00:00
FloatingGhost
dcc36df8cf
add manual deploy for docs
2022-11-10 10:55:57 +00:00
floatingghost
77ed5fc674
Merge pull request 'Fix typo in README' ( #262 ) from eloy/akkoma:develop into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/262
2022-11-10 10:52:59 +00:00
Eloy Degen
f8b4e360a0
Fix typo in README
2022-11-10 10:00:39 +01:00
FloatingGhost
539c6d6666
update requirements.txt
2022-11-10 03:40:36 +00:00
FloatingGhost
dc2e9845bb
Merge remote-tracking branch 'origin/translations' into develop
2022-11-10 03:38:38 +00:00
FloatingGhost
66eb844bd2
Update documentation builder
2022-11-10 03:38:10 +00:00
FloatingGhost
c5b6cb746f
add requested_by changelog entry
2022-11-10 03:17:00 +00:00
Weblate
f2c6749b57
Update translation files
...
Updated by "Squash Git commits" hook in Weblate.
Translation: Pleroma fe/Akkoma Backend (Errors)
Translate-URL: http://translate.akkoma.dev/projects/akkoma/akkoma-backend-errors/
2022-11-10 03:16:35 +00:00
Weblate
f7c1e15d08
Translated using Weblate (Spanish)
...
Currently translated at 21.6% (23 of 106 strings)
Co-authored-by: mint <they@mint.lgbt>
Translate-URL: http://translate.akkoma.dev/projects/akkoma/akkoma-backend-errors/es/
Translation: Pleroma fe/Akkoma Backend (Errors)
2022-11-10 03:16:35 +00:00
floatingghost
cc6a076202
Include requested_by in relationship ( #260 )
...
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/260
2022-11-10 03:16:32 +00:00
FloatingGhost
53fbe26c80
reference "stable" in all URLs
2022-11-09 13:22:44 +00:00
FloatingGhost
0681a26dbb
Remove unused pattern
2022-11-08 13:54:43 +00:00
FloatingGhost
4e8ab0deeb
fix count of poll voters
2022-11-08 13:50:04 +00:00
FloatingGhost
2e895b6c02
make metdata check a debug log
2022-11-08 11:03:43 +00:00
FloatingGhost
479aacb1b6
Add fallback for reports that don't have attached activities
2022-11-08 11:01:47 +00:00
FloatingGhost
a0b8e3c842
Don't mess with the cache on metadata update
2022-11-08 10:39:01 +00:00
FloatingGhost
7bbaa8f8e0
automatically trim loading *. prefixes on domain blocks
2022-11-07 22:33:18 +00:00
FloatingGhost
c0eecb55bf
Update finch
2022-11-07 13:32:34 +00:00
FloatingGhost
e0032e4799
Add rollbacks for associated_object_id
2022-11-07 00:08:20 +00:00
FloatingGhost
48309c141e
Add "differences" in readme
2022-11-06 23:57:43 +00:00
floatingghost
31ad09010e
Fix regex usage in MRF ( #254 )
...
fixes #235
fixes #228
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/254
2022-11-06 23:50:32 +00:00
FloatingGhost
5123b3a5dd
Add enabled check on /translation/languages
2022-11-06 22:55:26 +00:00
FloatingGhost
bbedbaaf5c
Changelog
2022-11-06 22:50:11 +00:00
floatingghost
b7e8ce2350
Scrape instance nodeinfo ( #251 )
...
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/251
2022-11-06 22:49:39 +00:00
FloatingGhost
ccdf55acff
Fix instance name in email test
2022-11-04 18:42:12 +00:00
floatingghost
cc6d760814
Merge pull request 'Fix typo in CSP Report-To header name' ( #250 ) from tcit/akkoma:fix-typo-in-csp-report-to-header-name into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/250
2022-11-04 18:41:26 +00:00