Browse Source
Merge branch 'mergeback/2.3.0' into 'develop'
Mergeback/2.3.0 See merge request pleroma/pleroma!3360add-assets-to-static-file-constants
lain
3 years ago
5 changed files with 39 additions and 45 deletions
Split View
Diff Options
-
+10 -4CHANGELOG.md
-
+9 -17lib/pleroma/reverse_proxy.ex
-
+2 -2mix.exs
-
+1 -1mix.lock
-
+17 -21test/pleroma/reverse_proxy_test.exs
+ 10
- 4
CHANGELOG.md
View File
| @@ -6,6 +6,16 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). | |||
| ## Unreleased | |||
| - The `application` metadata returned with statuses is no longer hardcoded. Apps that want to display these details will now have valid data for new posts after this change. | |||
| ## Unreleased (Patch) | |||
| ## [2.3.0] - 2020-03-01 | |||
| ### Security | |||
| - Fixed client user agent leaking through MediaProxy | |||
| ### Removed | |||
| - `:auth, :enforce_oauth_admin_scope_usage` configuration option. | |||
| @@ -59,7 +69,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). | |||
| - Ability to define custom HTTP headers per each frontend | |||
| - MRF (`NoEmptyPolicy`): New MRF Policy which will deny empty statuses or statuses of only mentions from being created by local users | |||
| - New users will receive a simple email confirming their registration if no other emails will be dispatched. (e.g., Welcome, Confirmation, or Approval Required) | |||
| - The `application` metadata returned with statuses is no longer hardcoded. Apps that want to display these details will now have valid data for new posts after this change. | |||
| <details> | |||
| <summary>API Changes</summary> | |||
| @@ -99,9 +108,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). | |||
| - Mastodon API: Support for expires_in/expires_at in the Filters. | |||
| </details> | |||
| ## Unreleased (Patch) | |||
| ## [2.2.2] - 2020-01-18 | |||
| ### Fixed | |||
+ 9
- 17
lib/pleroma/reverse_proxy.ex
View File
| @@ -4,7 +4,7 @@ | |||
| defmodule Pleroma.ReverseProxy do | |||
| @range_headers ~w(range if-range) | |||
| @keep_req_headers ~w(accept user-agent accept-encoding cache-control if-modified-since) ++ | |||
| @keep_req_headers ~w(accept accept-encoding cache-control if-modified-since) ++ | |||
| ~w(if-unmodified-since if-none-match) ++ @range_headers | |||
| @resp_cache_headers ~w(etag date last-modified) | |||
| @keep_resp_headers @resp_cache_headers ++ | |||
| @@ -57,9 +57,6 @@ defmodule Pleroma.ReverseProxy do | |||
| * `false` will add `content-disposition: attachment` to any request, | |||
| * a list of whitelisted content types | |||
| * `keep_user_agent` will forward the client's user-agent to the upstream. This may be useful if the upstream is | |||
| doing content transformation (encoding, …) depending on the request. | |||
| * `req_headers`, `resp_headers` additional headers. | |||
| * `http`: options for [hackney](https://github.com/benoitc/hackney) or [gun](https://github.com/ninenines/gun). | |||
| @@ -84,8 +81,7 @@ defmodule Pleroma.ReverseProxy do | |||
| import Plug.Conn | |||
| @type option() :: | |||
| {:keep_user_agent, boolean} | |||
| | {:max_read_duration, :timer.time() | :infinity} | |||
| {:max_read_duration, :timer.time() | :infinity} | |||
| | {:max_body_length, non_neg_integer() | :infinity} | |||
| | {:failed_request_ttl, :timer.time() | :infinity} | |||
| | {:http, []} | |||
| @@ -291,17 +287,13 @@ defmodule Pleroma.ReverseProxy do | |||
| end | |||
| end | |||
| defp build_req_user_agent_header(headers, opts) do | |||
| if Keyword.get(opts, :keep_user_agent, false) do | |||
| List.keystore( | |||
| headers, | |||
| "user-agent", | |||
| 0, | |||
| {"user-agent", Pleroma.Application.user_agent()} | |||
| ) | |||
| else | |||
| headers | |||
| end | |||
| defp build_req_user_agent_header(headers, _opts) do | |||
| List.keystore( | |||
| headers, | |||
| "user-agent", | |||
| 0, | |||
| {"user-agent", Pleroma.Application.user_agent()} | |||
| ) | |||
| end | |||
| defp build_resp_headers(headers, opts) do | |||
+ 2
- 2
mix.exs
View File
| @@ -4,7 +4,7 @@ defmodule Pleroma.Mixfile do | |||
| def project do | |||
| [ | |||
| app: :pleroma, | |||
| version: version("2.2.50"), | |||
| version: version("2.3.50"), | |||
| elixir: "~> 1.9", | |||
| elixirc_paths: elixirc_paths(Mix.env()), | |||
| compilers: [:phoenix, :gettext] ++ Mix.compilers(), | |||
| @@ -157,7 +157,7 @@ defmodule Pleroma.Mixfile do | |||
| {:floki, "~> 0.27"}, | |||
| {:timex, "~> 3.6"}, | |||
| {:ueberauth, "~> 0.4"}, | |||
| {:linkify, "~> 0.4.1"}, | |||
| {:linkify, "~> 0.5.0"}, | |||
| {:http_signatures, "~> 0.1.0"}, | |||
| {:telemetry, "~> 0.3"}, | |||
| {:poolboy, "~> 1.5"}, | |||
+ 1
- 1
mix.lock
View File
| @@ -65,7 +65,7 @@ | |||
| "jose": {:hex, :jose, "1.10.1", "16d8e460dae7203c6d1efa3f277e25b5af8b659febfc2f2eb4bacf87f128b80a", [:mix, :rebar3], [], "hexpm", "3c7ddc8a9394b92891db7c2771da94bf819834a1a4c92e30857b7d582e2f8257"}, | |||
| "jumper": {:hex, :jumper, "1.0.1", "3c00542ef1a83532b72269fab9f0f0c82bf23a35e27d278bfd9ed0865cecabff", [:mix], [], "hexpm", "318c59078ac220e966d27af3646026db9b5a5e6703cb2aa3e26bcfaba65b7433"}, | |||
| "libring": {:hex, :libring, "1.4.0", "41246ba2f3fbc76b3971f6bce83119dfec1eee17e977a48d8a9cfaaf58c2a8d6", [:mix], [], "hexpm"}, | |||
| "linkify": {:hex, :linkify, "0.4.1", "f881eb3429ae88010cf736e6fb3eed406c187bcdd544902ec937496636b7c7b3", [:mix], [], "hexpm", "ce98693f54ae9ace59f2f7a8aed3de2ef311381a8ce7794804bd75484c371dda"}, | |||
| "linkify": {:hex, :linkify, "0.5.0", "e0ea8de73ff44742d6a889721221f4c4eccaad5284957ee9832ffeb347602d54", [:mix], [], "hexpm", "4ccd958350aee7c51c89e21f05b15d30596ebbba707e051d21766be1809df2d7"}, | |||
| "majic": {:git, "https://git.pleroma.social/pleroma/elixir-libraries/majic.git", "289cda1b6d0d70ccb2ba508a2b0bd24638db2880", [ref: "289cda1b6d0d70ccb2ba508a2b0bd24638db2880"]}, | |||
| "makeup": {:hex, :makeup, "1.0.3", "e339e2f766d12e7260e6672dd4047405963c5ec99661abdc432e6ec67d29ef95", [:mix], [{:nimble_parsec, "~> 0.5", [hex: :nimble_parsec, repo: "hexpm", optional: false]}], "hexpm", "2e9b4996d11832947731f7608fed7ad2f9443011b3b479ae288011265cdd3dad"}, | |||
| "makeup_elixir": {:hex, :makeup_elixir, "0.14.1", "4f0e96847c63c17841d42c08107405a005a2680eb9c7ccadfd757bd31dabccfb", [:mix], [{:makeup, "~> 1.0", [hex: :makeup, repo: "hexpm", optional: false]}], "hexpm", "f2438b1a80eaec9ede832b5c41cd4f373b38fd7aa33e3b22d9db79e640cbde11"}, | |||
+ 17
- 21
test/pleroma/reverse_proxy_test.exs
View File
| @@ -18,24 +18,23 @@ defmodule Pleroma.ReverseProxyTest do | |||
| setup :verify_on_exit! | |||
| defp user_agent_mock(user_agent, invokes) do | |||
| json = Jason.encode!(%{"user-agent": user_agent}) | |||
| defp request_mock(invokes) do | |||
| ClientMock | |||
| |> expect(:request, fn :get, url, _, _, _ -> | |||
| |> expect(:request, fn :get, url, headers, _body, _opts -> | |||
| Registry.register(ClientMock, url, 0) | |||
| body = headers |> Enum.into(%{}) |> Jason.encode!() | |||
| {:ok, 200, | |||
| [ | |||
| {"content-type", "application/json"}, | |||
| {"content-length", byte_size(json) |> to_string()} | |||
| ], %{url: url}} | |||
| {"content-length", byte_size(body) |> to_string()} | |||
| ], %{url: url, body: body}} | |||
| end) | |||
| |> expect(:stream_body, invokes, fn %{url: url} = client -> | |||
| |> expect(:stream_body, invokes, fn %{url: url, body: body} = client -> | |||
| case Registry.lookup(ClientMock, url) do | |||
| [{_, 0}] -> | |||
| Registry.update_value(ClientMock, url, &(&1 + 1)) | |||
| {:ok, json, client} | |||
| {:ok, body, client} | |||
| [{_, 1}] -> | |||
| Registry.unregister(ClientMock, url) | |||
| @@ -46,7 +45,7 @@ defmodule Pleroma.ReverseProxyTest do | |||
| describe "reverse proxy" do | |||
| test "do not track successful request", %{conn: conn} do | |||
| user_agent_mock("hackney/1.15.1", 2) | |||
| request_mock(2) | |||
| url = "/success" | |||
| conn = ReverseProxy.call(conn, url) | |||
| @@ -56,18 +55,15 @@ defmodule Pleroma.ReverseProxyTest do | |||
| end | |||
| end | |||
| describe "user-agent" do | |||
| test "don't keep", %{conn: conn} do | |||
| user_agent_mock("hackney/1.15.1", 2) | |||
| conn = ReverseProxy.call(conn, "/user-agent") | |||
| assert json_response(conn, 200) == %{"user-agent" => "hackney/1.15.1"} | |||
| end | |||
| test "use Pleroma's user agent in the request; don't pass the client's", %{conn: conn} do | |||
| request_mock(2) | |||
| test "keep", %{conn: conn} do | |||
| user_agent_mock(Pleroma.Application.user_agent(), 2) | |||
| conn = ReverseProxy.call(conn, "/user-agent-keep", keep_user_agent: true) | |||
| assert json_response(conn, 200) == %{"user-agent" => Pleroma.Application.user_agent()} | |||
| end | |||
| conn = | |||
| conn | |||
| |> Plug.Conn.put_req_header("user-agent", "fake/1.0") | |||
| |> ReverseProxy.call("/user-agent") | |||
| assert json_response(conn, 200) == %{"user-agent" => Pleroma.Application.user_agent()} | |||
| end | |||
| test "closed connection", %{conn: conn} do | |||
| @@ -114,7 +110,7 @@ defmodule Pleroma.ReverseProxyTest do | |||
| describe "max_body" do | |||
| test "length returns error if content-length more than option", %{conn: conn} do | |||
| user_agent_mock("hackney/1.15.1", 0) | |||
| request_mock(0) | |||
| assert capture_log(fn -> | |||
| ReverseProxy.call(conn, "/huge-file", max_body_length: 4) | |||