Commit Graph

2575 Commits

Author SHA1 Message Date
William Pitcock
312676f711 user: fix user.info lookup in User.locked?() 2018-11-20 18:41:44 +00:00
lain
2887f4ff1d Fix formatter tests. 2018-11-20 19:07:01 +01:00
lain
fbb70d25fe Several twitter api fixes. 2018-11-18 22:36:47 +01:00
lain
40d9d2098c Fix user updating from AP. 2018-11-18 22:15:03 +01:00
lain
cafa15131a Mix format. 2018-11-18 21:41:35 +01:00
lain
4c918392c6 Fix most User tests. 2018-11-18 21:40:52 +01:00
lain
e7cd6e9739 Fix setting of keys. 2018-11-18 19:33:43 +01:00
lain
fc3bcf335e Fix following locked users. 2018-11-18 18:53:50 +01:00
lain
d5af41b577 Fix note count update. 2018-11-18 18:52:21 +01:00
lain
6f90ceb2ed Fix follower count test. 2018-11-18 18:49:17 +01:00
lain
8e3d8bde04 Fix user deactivation test. 2018-11-18 18:40:58 +01:00
lain
812f5b058a Fix blocking. 2018-11-18 18:40:31 +01:00
lain
756764266c Formatting. 2018-11-18 18:27:04 +01:00
lain
b396dba425 Fix follower count setting. 2018-11-18 18:24:16 +01:00
lain
5c8f07f0a8 Fix note counting. 2018-11-18 18:17:56 +01:00
lain
47d883d3ab Fix User deactivation. 2018-11-18 18:06:02 +01:00
lain
50585d051b Add User.Info module
To validate and mutate the user.info field.
2018-11-18 18:04:42 +01:00
lambda
5143501426 Merge branch 'security/as2-object-render-hardening' into 'develop'
activitypub: object view: avoid leaking private details

See merge request pleroma/pleroma!463
2018-11-17 22:43:45 +00:00
William Pitcock
f6be980f4f activitypub: object view: avoid leaking private details 2018-11-17 22:30:53 +00:00
lambda
b471344b63 Merge branch 'bugfix/notice-urls-should-return-objects' into 'develop'
ostatus controller: respond with AS2 objects instead of activities to notice URIs

Closes #289 and #383

See merge request pleroma/pleroma!462
2018-11-17 22:20:08 +00:00
William Pitcock
98795172a7 ostatus controller: respond with AS2 objects instead of activities to notice URIs 2018-11-17 22:10:15 +00:00
lambda
d73c7cc0ca Merge branch 'security/spoofing-hardening' into 'develop'
security: spoofing hardening

Closes #380, #381, and #382

See merge request pleroma/pleroma!461
2018-11-17 21:52:51 +00:00
William Pitcock
e10f839e9b tests: federator: fix formatting 2018-11-17 21:41:08 +00:00
William Pitcock
dfcfb184b1 activitypub: transmogrifier: make deletes secure 2018-11-17 21:22:57 +00:00
William Pitcock
b1a6e8d80d test: add sanity tests for federator handling of AP docs 2018-11-17 21:01:19 +00:00
William Pitcock
0d1375f274 federator: return :ok or :error depending on if an AP doc was accepted or not 2018-11-17 21:00:37 +00:00
William Pitcock
3d9266a8cb federator: do origin containment when processing inbound messages 2018-11-17 20:43:43 +00:00
William Pitcock
55640c4804 tests: add a test to verify the general fake direction protection works in all cases 2018-11-17 20:31:20 +00:00
William Pitcock
dc1d8e13b4 tests: add a testcase for user collision 2018-11-17 20:20:45 +00:00
William Pitcock
c88533209c activitypub: user fetching: use fetch_and_contain_remote_object_from_id() 2018-11-17 20:16:03 +00:00
William Pitcock
1a940cb46e tests: add tests for contain_origin_from_id() 2018-11-17 20:16:03 +00:00
William Pitcock
daa8ec3d62 activitypub: factor out AP object fetching to it's own function and add ID-based containment 2018-11-17 20:15:59 +00:00
lambda
a960983815 Merge branch 'security/actor-containment' into 'develop'
security hotfix: actor containment

See merge request pleroma/pleroma!460
2018-11-17 18:33:09 +00:00
William Pitcock
b483ae0a72 tests: add a second spoofing variant 2018-11-17 18:25:32 +00:00
William Pitcock
603fccf175 activitypub: fetch_object_from_id(): prefer actor over attributedTo to avoid spoofing 2018-11-17 18:17:17 +00:00
William Pitcock
9c8adfb6ef test: fix more test defects 2018-11-17 18:16:55 +00:00
William Pitcock
d9cb081f07 tests: add additional spoofing tests 2018-11-17 18:12:11 +00:00
William Pitcock
2ab8e28728 transmogrifier tests: fix defective spoofing test 2018-11-17 18:11:46 +00:00
William Pitcock
010fcb73d7 test: httpoison mock: add second spoofing activity test 2018-11-17 18:11:17 +00:00
kaniini
05967472f2 Merge branch 'feature/uploader-mdii' into 'develop'
Feature / MDII Uploader

See merge request pleroma/pleroma!454
2018-11-17 16:41:09 +00:00
hakabahitoyo
59e079f641 fallbacking into local uploader 2018-11-17 20:16:25 +09:00
hakabahitoyo
8fd0556c78 better config reading 2018-11-17 18:14:42 +09:00
kaniini
e4f57f89de Merge branch 'bugfix/dm-timeline-scope' into 'develop'
TwitterAPI: Fix dm_timeline displaying only half of the conversation.

See merge request pleroma/pleroma!457
2018-11-16 23:34:43 +00:00
lain
f87b315618 TwitterAPI: Fix dm_timeline displaying only half of the conversation. 2018-11-16 19:47:36 +01:00
lambda
2f639ea129 Merge branch 'feature/pleromafe-usersearch' into 'develop'
Add Twitter / Pleroma API user search

See merge request pleroma/pleroma!452
2018-11-16 18:13:47 +00:00
kaniini
38f76d964f Merge branch 'bugfix/csp-remove-form-action' into 'develop'
http security: remove form-action from CSP definitions

Closes #379

See merge request pleroma/pleroma!456
2018-11-16 17:47:22 +00:00
William Pitcock
c07464607d http security: remove form-action from CSP definitions 2018-11-16 17:40:21 +00:00
lain
e8d8c84f79 Add better test for user search functionlity. 2018-11-16 18:31:32 +01:00
lambda
4ad0432565 Merge branch 'fix/test' into 'develop'
Reset http security settings to fix plug test

See merge request pleroma/pleroma!455
2018-11-16 15:52:38 +00:00
AkiraFukushima
62944b47fb Reset http security settings to fix plug test 2018-11-17 00:45:21 +09:00