Commit graph

4057 commits

Author SHA1 Message Date
Alexander Strizhakov f0651730bd
Merge branch 'develop' into gun 2020-03-16 14:25:55 +03:00
Haelwenn (lanodan) Monnier 8176ca9e40 static_fe: Sanitize HTML in users 2020-03-15 20:44:04 +01:00
Haelwenn (lanodan) Monnier 0ac6e29654 static_fe: Sanitize HTML in posts
Note: Seems to have different sanitization with TwitterCard generator giving
the following:

<meta content=\"“alert(&#39;xss&#39;)”\" property=\"twitter:description\">
2020-03-15 20:44:04 +01:00
lain fa4ec17c84 Merge branch '1560-non-federating-instances-routes-restrictions' into 'develop'
[#1560] Restricted AP- & OStatus-related routes for non-federating instances

Closes #1560

See merge request pleroma/pleroma!2235
2020-03-15 19:15:20 +00:00
Haelwenn d84670b9e1 Merge branch 'f' into 'develop'
rip out fetch_initial_posts

Closes #1422 and #1595

See merge request pleroma/pleroma!2297
2020-03-15 16:14:54 +00:00
rinpatch e87a32bcd7 rip out fetch_initial_posts
Every time someone tries to use it, it goes mad and tries to scrape the
entire fediverse for no visible reason, it's better to just remove it
than continue shipping it in it's current state.

idea acked by lain and feld on irc

Closes #1595 #1422
2020-03-15 15:59:17 +03:00
Haelwenn (lanodan) Monnier 8f7bc07ebc pleroma_api_controller.ex: Improve conversations error reporting
Related: https://git.pleroma.social/pleroma/pleroma/issues/1594
2020-03-15 12:35:23 +01:00
Ivan Tashkinov ecb7809e92 Merge remote-tracking branch 'remotes/origin/develop' into 1560-non-federating-instances-routes-restrictions
# Conflicts:
#	lib/pleroma/plugs/static_fe_plug.ex
2020-03-14 15:37:02 +03:00
rinpatch 38f796a5c6 Merge branch 'feature/mastofe-admin-scope' into 'develop'
auth_controller.ex: Add admin scope to MastoFE

See merge request pleroma/pleroma!2256
2020-03-13 18:58:52 +00:00
rinpatch 3e0f05f08e Merge branch 'bugfix/br-vs-newline' into 'develop'
Formatting: Do not use \n and prefer <br> instead

Closes #1374 and #1375

See merge request pleroma/pleroma!2204
2020-03-13 18:22:55 +00:00
rinpatch 096c5c52e0 Merge branch 'revert/cache-control' into 'develop'
Revert "Set better Cache-Control header for static content"

Closes #1613

See merge request pleroma/pleroma!2290
2020-03-13 16:25:10 +00:00
Haelwenn (lanodan) Monnier d1379c4de8
Formatting: Do not use \n and prefer <br> instead
It moves bbcode to bbcode_pleroma as the former is owned by kaniini
and transfering ownership wasn't done in a timely manner.

Closes: https://git.pleroma.social/pleroma/pleroma/issues/1374
Closes: https://git.pleroma.social/pleroma/pleroma/issues/1375
2020-03-13 16:07:17 +01:00
feld 802b991814 Merge branch 'exclude-posts-visible-to-admin' into 'develop'
Exclude private and direct statuses visible to the admin when using godmode

Closes #1599

See merge request pleroma/pleroma!2272
2020-03-12 20:29:51 +00:00
Alexander Strizhakov 39ed608b13
Merge branch 'develop' into gun 2020-03-12 18:31:10 +03:00
Ivan Tashkinov bd40880fa0 Merge remote-tracking branch 'remotes/origin/develop' into 1560-non-federating-instances-routes-restrictions
# Conflicts:
#	test/web/activity_pub/activity_pub_controller_test.exs
2020-03-12 12:07:07 +03:00
feld 2019f3b3ff Merge branch 'fix/signup-without-email' into 'develop'
Allow account registration without an email

See merge request pleroma/pleroma!2246
2020-03-11 16:53:05 +00:00
rinpatch 7cdabdc0df Merge branch 'fix/1610-release-compilation-config-fix' into 'develop'
Merging default release config on app start

Closes #1610

See merge request pleroma/pleroma!2288
2020-03-11 15:16:18 +00:00
feld f92c447bbc Merge branch 'relay-list-change' into 'develop'
Relay list shows hosts without accepted follow

See merge request pleroma/pleroma!2240
2020-03-11 15:10:09 +00:00
rinpatch c3b9fbd3a7 Revert "Set better Cache-Control header for static content"
On furher investigation it seems like all that did was cause unintuitive
behavior. The emoji request flood that was the reason for introducing it
isn't really that big of a deal either, since Plug.Static only needs to
read file modification time and size to determine the ETag.

Closes #1613
2020-03-11 17:58:25 +03:00
Alexander Strizhakov 282a93554f
merging release default config on app start 2020-03-11 16:25:53 +03:00
Ivan Tashkinov 5b696a8ac1 [#1560] Enforced authentication for non-federating instances in StaticFEController. 2020-03-11 14:05:56 +03:00
Ivan Tashkinov 972889550d Merge remote-tracking branch 'remotes/origin/develop' into 1560-non-federating-instances-routes-restrictions 2020-03-11 09:15:55 +03:00
Mark Felder 5af798f246 Fix enforcement of character limits 2020-03-10 13:08:00 -05:00
Ivan Tashkinov 5fc92deef3 [#1560] Ensured authentication or enabled federation for federation-related routes. New tests + tests refactoring. 2020-03-09 20:51:44 +03:00
Alexander Strizhakov b2eb1124d1
Merge branch 'develop' into gun 2020-03-07 12:41:37 +03:00
Ivan Tashkinov 027714b519 Merge remote-tracking branch 'remotes/origin/develop' into 1560-non-federating-instances-routes-restrictions 2020-03-06 11:48:30 +03:00
Ivan Tashkinov 40765875d4 [#1560] Misc. improvements in ActivityPubController federation state restrictions. 2020-03-05 21:19:21 +03:00
Alexander Strizhakov 058c9b01ac
returning, not needed 2020-03-05 18:28:04 +03:00
Alexander Strizhakov f0753eed0f
removing try block in tesla request
added mocks for tests which fail with Tesla.Mock.Error
2020-03-05 17:31:06 +03:00
eugenijm ad22e94f33 Exclude private and direct statuses visible to the admin when using godmode 2020-03-05 15:15:27 +03:00
lain 47604907c9 Merge branch 'proper_error_messages' into 'develop'
MastodonController: Return 404 errors correctly.

See merge request pleroma/pleroma!2270
2020-03-05 11:49:51 +00:00
feld 9b740cfb23 Merge branch 'exclude-reblogs-from-admin-api-by-default' into 'develop'
Exclude reblogs from `GET /api/pleroma/admin/statuses` by default

Closes #1596

See merge request pleroma/pleroma!2267
2020-03-04 18:22:37 +00:00
lain 4bce13fa2f MastodonController: Return 404 errors correctly. 2020-03-04 18:09:06 +01:00
lain 6f7a8c43a2 Merge branch 'fix/no-email-no-fail' into 'develop'
Do not fail when user has no email

See merge request pleroma/pleroma!2249
2020-03-04 12:43:06 +00:00
Alexander Strizhakov 22d52f5691
same copyright date format 2020-03-04 09:41:23 +03:00
Mark Felder 4427161ca3 Merge branch 'develop' into gun 2020-03-03 17:15:49 -06:00
Mark Felder 05da5f5cca Update Copyrights 2020-03-03 16:44:49 -06:00
Ivan Tashkinov b6fc98d9cd [#1560] ActivityPubController federation state restrictions adjustments. Adjusted tests. 2020-03-03 22:22:02 +03:00
Alexander Strizhakov 509c81e4b1
Merge branch 'develop' into gun 2020-03-03 10:08:07 +03:00
Ivan Tashkinov 99a6c660a9 Merge remote-tracking branch 'remotes/origin/develop' into 1560-non-federating-instances-routes-restrictions 2020-03-02 18:41:12 +03:00
eugenijm 7af431c150 Exclude reblogs from GET /api/pleroma/admin/statuses by default 2020-03-02 16:47:31 +03:00
Egor Kislitsyn 4a45b96a91
Merge branch 'develop' into fix/signup-without-email 2020-03-02 15:35:49 +04:00
Haelwenn 764a50f8a6 Merge branch 'feature/1482-activity_pub_transactions' into 'develop'
ActivityPub actions & side-effects in transaction

Closes #1482

See merge request pleroma/pleroma!2089
2020-03-02 07:58:01 +00:00
Alexander Strizhakov cc98d010ed
relay list shows hosts without accepted follow 2020-03-02 09:27:20 +03:00
Haelwenn (lanodan) Monnier 6da6540036
Bump copyright years of files changed after 2020-01-07
Done via the following command:
git diff fcd5dd259a --stat --name-only | xargs sed -i '/Pleroma Authors/c# Copyright © 2017-2020 Pleroma Authors <https:\/\/pleroma.social\/>'
2020-03-02 06:08:45 +01:00
Alexander Strizhakov d9e4b77f8b
Merge branch 'develop' into gun 2020-03-01 12:48:49 +03:00
Alexander Strizhakov 34f1d09f3a
spec fix 2020-03-01 12:01:39 +03:00
Alexander Strizhakov 32d1e04817
ActivityPub actions & side-effects in transaction 2020-03-01 12:01:39 +03:00
rinpatch b5465bf385 timeline controller: add a TODO for replacing copypaste with a macro 2020-03-01 02:03:46 +03:00
rinpatch ffcebe7e22 timeline controller: rate limit timelines to 3 requests per 500ms per timeline per ip/user 2020-03-01 01:13:08 +03:00