Commit graph

2190 commits

Author SHA1 Message Date
shibayashi d035566116
installation/pleroma.nginx: Add 'always' to the security headers, so that they are included regardless of the status code 2018-08-29 19:00:40 +02:00
Haelwenn b11746726e Merge branch 'fix-mastodon-notifications-without-nickname' into 'develop'
Fix Mastodon API when actor's nickname is null

See merge request pleroma/pleroma!308
2018-08-29 14:43:45 +00:00
href ddc6f32b75
Fix Mastodon API when actor's nickname is null 2018-08-29 16:32:50 +02:00
William Pitcock cce9d008f9 streamer: contain list updates in the same way as we do with the database query 2018-08-29 09:23:05 +00:00
William Pitcock ded9091206 mastodon api: use bounded AP object graph query to enforce containment of private statuses 2018-08-29 08:51:51 +00:00
William Pitcock 643fae6e36 activitypub: allow querying the activity/object graph bounded to a specific to/cc set 2018-08-29 08:51:23 +00:00
William Pitcock 9cac7c957c test: add testcase proving lists system does not leak non-public posts 2018-08-29 08:50:23 +00:00
William Pitcock 40ea07cd2f migrations: add migration to fill in recipients_to/recipients_cc fields 2018-08-29 08:43:24 +00:00
William Pitcock 81673b8136 activity: add recipients_to and recipients_cc fields 2018-08-29 08:42:33 +00:00
Thurloat d424e9fa5f fix S3 ref in sample config to generate proper path. 2018-08-28 23:49:23 -03:00
Thurloat ab9e5d64d6 add a sample swift config 2018-08-28 22:39:33 -03:00
Thurloat 2ff25ac0ce A hobbldey-working swift client.
apparently, all elixir openstack libraries are trash
luckily, the APIs are stupid easy.
2018-08-28 22:32:24 -03:00
shibayashi 64388c420a
installation/pleroma-apache.conf: Add TLS configuration and security headers 2018-08-29 01:29:04 +02:00
shibayashi 3487e15963
installation/pleroma.vcl: Add HTTP security headers 2018-08-29 01:28:10 +02:00
shibayashi 82e661cd07
installation/caddyfile-pleroma.example: Add Content-Security-Policy 2018-08-29 01:16:13 +02:00
Thurloat 9fc20ed572 works now, tested with profile photo upload on local backend. 2018-08-28 20:04:26 -03:00
Thurloat dad39b24a1 add the behaviour, work on actually making it work. 2018-08-28 19:48:03 -03:00
shibayashi 18ad8aaecf
Explicitly set 'http_only' to true 2018-08-28 22:34:31 +02:00
Haelwenn (lanodan) Monnier 0fd2eaf7af
installation/pleroma.nginx: Add Content-Security-Policy
Closes: https://git.pleroma.social/pleroma/pleroma/issues/266
2018-08-28 20:54:50 +02:00
Thurloat 8d2d7a8859 Implement uploader behaviour
run formatter <#
2018-08-28 09:57:41 -03:00
shibayashi 4656a07e9e
Set SameSite flag to 'Strict' 2018-08-28 14:03:29 +02:00
Hakaba Hitoyo 6cbfb5ab5d use media proxy for suggestions api 2018-08-28 17:01:17 +09:00
Thurloat 0df558a6a5 cleaning up a bit. 2018-08-27 22:45:53 -03:00
Thurloat 709816a0f8 example of flexible storage backends 2018-08-27 22:20:54 -03:00
kaniini 49b165ddc6 Merge branch 'feature/s3' into 'develop'
S3 support

Closes #65

See merge request pleroma/pleroma!303
2018-08-28 00:29:49 +00:00
William Pitcock d22f66655b upload: formatting 2018-08-28 00:25:30 +00:00
William Pitcock 1596185ac6 upload: add the S3 support itself 2018-08-28 00:18:44 +00:00
William Pitcock 03c35e579b sample config: add S3 public endpoint option 2018-08-28 00:18:24 +00:00
William Pitcock 86c007ddd2 upload: strip exif data before finalizing the file path 2018-08-27 23:36:30 +00:00
William Pitcock e95d958b52 sample config: show how amazon s3 support is activated, including third-party clones like wasabi 2018-08-27 23:30:53 +00:00
William Pitcock 4e4b1016ab mix: add ex_aws and ex_aws_s3 dependencies 2018-08-27 23:24:35 +00:00
shibayashi 0c4493f144
Fix formatting 2018-08-28 00:47:34 +02:00
shibayashi b9a642da1e
Add Secure and SameSite cookie flags 2018-08-28 00:40:58 +02:00
Henry Jameson 0f1c629d65 better solution, added test. 2018-08-27 17:07:26 +03:00
Haelwenn (lanodan) Monnier 6973b77e94
[Pleroma.Web.MastodonAPI.FilterView] fix expires_at being a unsafe variable 2018-08-27 15:09:06 +02:00
Haelwenn (lanodan) Monnier 9bddb39ff0
[Pleroma.Web.MastodonAPI.FilterView]: expires_at should be null when N/A 2018-08-27 15:09:06 +02:00
Haelwenn (lanodan) Monnier d571a571fe
[Pleroma.Web.MastodonAPI.MastodonAPIController]: Bump mastodon_api_level to 2.4.3 2018-08-27 15:09:06 +02:00
Haelwenn (lanodan) Monnier 6e030129fb
[MastodonAPI] Add filters 2018-08-27 15:09:05 +02:00
Haelwenn (lanodan) Monnier a5adb251ab
[Pleroma.Web.MastodonAPI.AccountView]: Add fields support 2018-08-27 15:09:05 +02:00
Haelwenn (lanodan) Monnier d008f2d69c
[Pleroma.Web.MastodonAPI.AccountView]: Add bot field 2018-08-27 15:09:04 +02:00
Haelwenn (lanodan) Monnier 97e20d2932
[MastodonAPI] the tag field isn’t fixed to a static type in pleroma 2018-08-27 15:08:25 +02:00
Haelwenn (lanodan) Monnier 83efaa3af6
[MastodonAPI] Add streaming of hashtags 2018-08-27 15:08:25 +02:00
William Pitcock 5ffaa2bf69 Revert "enable scope options and such"
This reverts commit e5642d7566.
2018-08-27 10:49:12 +00:00
William Pitcock e5642d7566 enable scope options and such 2018-08-27 10:46:01 +00:00
William Pitcock 5dd6542db5 formatting 2018-08-27 10:46:01 +00:00
William Pitcock 1089d3658e user: fix up notification last calculation [NOT related to upstream] 2018-08-27 10:46:01 +00:00
lambda 46c7c2380c Merge branch 'feature/relay' into 'develop'
message relay

Closes #144

See merge request pleroma/pleroma!264
2018-08-27 08:29:25 +00:00
lambda 440b459cd1 Merge branch 'bugfix/announce-timeline-flooding' into 'develop'
activitypub: filter destination list for announce activities differently than normal (closes #164)

Closes #164

See merge request pleroma/pleroma!227
2018-08-27 08:25:27 +00:00
kaniini 63094cfd3e Merge branch 'feature/emoji-in-local-users' into 'develop'
Add emoji to local user profiles.

Closes #202

See merge request pleroma/pleroma!271
2018-08-26 23:24:41 +00:00
William Pitcock 86dca39640 tests: fix formatting 2018-08-26 23:19:45 +00:00