Commit graph

12309 commits

Author SHA1 Message Date
Haelwenn (lanodan) Monnier e2f573d68b
pleroma.instance: Fix Exiftool module name 2020-11-14 22:31:01 +01:00
rinpatch 6ca709816f Fix object spoofing vulnerability in attachments
Validate the content-type of the response when fetching an object,
according to https://www.w3.org/TR/activitypub/#x3-2-retrieving-objects.

content-type headers had to be added to many mocks in order to support
this, some of this was done with a regex. While I did go over the
resulting files to check I didn't modify anything unrelated, there is a
 possibility I missed something.

Closes pleroma#1948
2020-11-12 15:25:33 +03:00
Haelwenn 99bc175f02 Merge branch 'title-injection-change' into 'develop'
Title injection change

See merge request pleroma/pleroma!3132
2020-11-12 08:50:26 +00:00
feld ccec59047b Merge branch 'feature/ingest-blurhash' into 'develop'
Ingest blurhash for attachments if they were federated

Closes #2294

See merge request pleroma/pleroma!3133
2020-11-11 22:37:16 +00:00
Mark Felder 966663c3f8 Fix tests for other attachment types 2020-11-11 16:17:35 -06:00
Mark Felder 2156de2fee Ingest blurhash field during transmogrification 2020-11-11 13:39:02 -06:00
Mark Felder 2254e5e595 Render blurhashes in Mastodon API 2020-11-11 12:51:13 -06:00
Mark Felder 6fd72e9e85 Ingest blurhash for attachments if they were federated 2020-11-11 12:27:51 -06:00
lain b0e4e0cf2a Changelog: Add info about title injection 2020-11-11 17:19:09 +01:00
lain 25bd64b03a Bundled FE: Remove title tag 2020-11-11 17:17:41 +01:00
feld 911fc3c523 Merge branch 'mrf-config-descriptions' into 'develop'
little changes for MRF config descriptions

See merge request pleroma/pleroma!3131
2020-11-11 16:15:57 +00:00
lain 631def2df2 RedirectController: Don't replace title, but inject into the meta 2020-11-11 17:10:59 +01:00
Alexander Strizhakov 8da9f919f8
little changes for MRF config descriptions
- log level reduction, if policy doesn't implement config_description method
- docs in dev.md
2020-11-11 18:49:15 +03:00
feld 3cd7ea693f Merge branch 'feature/2222-config-descriptions-for-custom-modules' into 'develop'
Config descriptions for custom MRF policies

Closes #2222

See merge request pleroma/pleroma!3128
2020-11-11 13:48:03 +00:00
Alexander Strizhakov f97f24b067
making credo happy and test fix 2020-11-11 10:48:03 +03:00
Alexander Strizhakov efc27f6464
fix for adminFE
- revert UserAllowPolicy description
- MRF descriptions order
2020-11-11 10:10:57 +03:00
Alexander Strizhakov 485697d96c
config descriptions for custom MRF policies 2020-11-10 19:20:14 +03:00
lain 88f6b61a5e Merge branch '2260-wrong-report-link' into 'develop'
Resolve "Wrong user link in Report email"

Closes #2260

See merge request pleroma/pleroma!3121
2020-11-10 11:04:19 +00:00
lain d77fd6b3d0 Merge branch 'fix/html-title-load' into 'develop'
Fix title on load of Pleroma HTML, fixes #2281

Closes #2281

See merge request pleroma/pleroma!3125
2020-11-10 10:05:15 +00:00
lain 4a3d1e78f6 Merge branch 'fix/2291-atom-feed-escape' into 'develop'
Escaping in xml templates

Closes #2291

See merge request pleroma/pleroma!3126
2020-11-10 09:34:13 +00:00
Alexander Strizhakov 0c68b9ac13
escaping summary and other fields in xml templates 2020-11-10 10:46:57 +03:00
Haelwenn db07b538a5 Merge branch 'remove/release-env' into 'develop'
Remove release_env

See merge request pleroma/pleroma!3124
2020-11-09 09:14:41 +00:00
Sean King e4a21084f0 Fix title on load of Pleroma HTML 2020-11-08 16:16:20 -07:00
rinpatch cc45c69fff Remove release_env
While taking a final look at instance.gen before releasing I noticed
that the release_env task outputs messages in broken english. Upon
further inspection it seems to have even more severe issues which, in
my opinion, warrant it's at least temporary removal:
- We do not explain what it actually does, anywhere. Neither the task
 docs nor instance.gen, nor installation instructions.
- It does not respect FHS on OTP releases (uses /opt/pleroma/config even
 though we store the config in /etc/pleroma/config.exs).
- It doesn't work on OTP releases, which is the main reason it exists.
Neither systemd nor openrc service files for OTP include it.
- It is not mentioned in install guides other than the ones for Debian
and OTP releases.
2020-11-08 11:56:09 +03:00
lain 294628d981 Merge branch 'feature/expire-mutes' into 'develop'
Expiring mutes for users and activities

Closes #1817

See merge request pleroma/pleroma!2971
2020-11-05 12:44:16 +00:00
lain 9b2ed14277 Docs: Add info about expiring mutes. 2020-11-05 13:23:58 +01:00
lain 4e7418d963 Merge branch 'stats-genserver-fix' into 'develop'
don't run  Stats GenServer updates in tests

See merge request pleroma/pleroma!2976
2020-11-04 16:15:04 +00:00
lain 5ddf0be208 Changelog: Add info about admin email user link changes. 2020-11-04 17:13:34 +01:00
lain 6d850c46dc AdminEmail: Use AP id as user url. 2020-11-04 17:12:47 +01:00
lain d8d4e96230 Merge branch 'default-mrf' into 'develop'
Add TagPolicy as default MRF

See merge request pleroma/pleroma!2834
2020-11-04 15:54:12 +00:00
lain 7bbc328d66 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into stats-genserver-fix 2020-11-04 16:52:30 +01:00
lain dd2b3a8da9 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/expire-mutes 2020-11-04 16:51:42 +01:00
lain 78cea44553 Merge branch 'ejabberd-pleroma-auth' into 'develop'
Add ejabberd auth document

See merge request pleroma/pleroma!3074
2020-11-04 15:42:48 +00:00
lain 4800ee656b Merge branch 'features/federation-status' into 'develop'
Add a federation_status endpoint showing unreachable instances

See merge request pleroma/pleroma!3086
2020-11-04 15:00:52 +00:00
lain 5db4c823b2 Merge branch 'restrict-domain' into 'develop'
View a remote server's timeline

See merge request pleroma/pleroma!2713
2020-11-04 14:54:53 +00:00
Haelwenn 9c09ea01aa Merge branch '2284-voters-count' into 'develop'
Always return voters_count in polls

See merge request pleroma/pleroma!3120
2020-11-04 14:44:45 +00:00
lain eb1e1e7494 Changelog: Add info about federation status endpoint 2020-11-04 15:39:32 +01:00
lain 504a829edb Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into features/federation-status 2020-11-04 15:38:10 +01:00
lain cb3cd3a761 TopicsTest: Small addition. 2020-11-04 15:24:10 +01:00
lain 329aa19c9f Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into alexgleason/pleroma-restrict-domain 2020-11-04 15:05:01 +01:00
lain bc4d9c4ffc Merge branch 'hide-muted-chats' into 'develop'
Hide chats from muted users

Closes #2230

See merge request pleroma/pleroma!3116
2020-11-04 13:48:15 +00:00
Egor Kislitsyn ca95cbe0b4
Add with_muted param to ChatController.index/2 2020-11-04 16:40:12 +04:00
lain 92d252f364 Poll Schema: Update and fix. 2020-11-04 10:20:09 +01:00
lain f09bb814a9 Changelog: Add info about poll view changes 2020-11-04 10:14:48 +01:00
lain 1cfc3278c0 Poll View: Always return voters_count. 2020-11-04 10:14:00 +01:00
lain ba3f3a5a56 Merge branch 'chores/pleroma-favicon-logo' into 'develop'
favicon: Use images/pleroma_logo_vector_bg_32.png from pleroma.social

Closes #2270

See merge request pleroma/pleroma!3115
2020-11-03 13:12:39 +00:00
lain f7a3dcd320 Merge branch 'patch-4' into 'develop'
ConversationView: add current user to conversations, according to Mastodon behaviour, fix last_status.account being not filled

Closes #2217

See merge request pleroma/pleroma!3089
2020-11-03 13:11:36 +00:00
lain c37118e6f2 Conversations: A few refactors 2020-11-03 13:56:12 +01:00
lain 91f6c32430 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into a1batross/pleroma-patch-4 2020-11-03 13:45:09 +01:00
Haelwenn (lanodan) Monnier 179936609f
favicon: Update to pleroma logo, provided by @shpuld
Closes: https://git.pleroma.social/pleroma/pleroma/-/issues/2270
2020-11-03 09:52:17 +01:00