Commit Graph

1876 Commits

Author SHA1 Message Date
rinpatch
ba21d515d6 Mastodon API: Fix thread mute detection
It was calling CommonAPI.thread_muted? with post author's account
instead of viewer's one.
2019-08-14 01:50:21 +00:00
rinpatch
dcd30e3ceb Mastodon API: Set follower/following counters to 0 when hiding
followers/following is enabled

We are already doing that in AP representation, so I think we should do
it here as well for consistency.
2019-08-14 01:50:21 +00:00
rinpatch
2c2c075fd6 Disallow following locked accounts over OStatus 2019-07-31 20:08:59 +00:00
Ariadne Conill
59e60c6db1 ostatus: explicitly disallow protocol downgrade from activitypub
This closes embargoed bug #1135.
2019-07-31 18:57:52 +00:00
Ariadne Conill
f685e887b3 transmogrifier: use User.delete() instead of handrolled user deletion code for remote users
Closes #1104
2019-07-28 23:09:55 +00:00
rinpatch
6a35c151c6 Fix not being able to pin unlisted posts
Closes #1038
2019-07-28 22:39:10 +00:00
Sachin Joshi
1e5d889aec preserve the original path/filename (no encoding/decoding) for proxy 2019-07-28 22:37:18 +00:00
Sachin Joshi
ccafecf9be try to always match the filename for proxy url 2019-07-28 22:36:42 +00:00
lain
ed639376ac Mastodon Controller: Fix tests. 2019-07-28 22:33:17 +00:00
lain
8123578bf8 Status View: Poll ids are strings.
All ids in mastodon are strings, in general.
2019-07-28 22:33:09 +00:00
Ariadne Conill
f1147a3d7f fix backport 2019-07-14 20:02:39 +00:00
Haelwenn (lanodan) Monnier
c51b2abead HttpRequestMock: Add 404s on OStatus fetching for info.pleroma.site 2019-07-14 20:00:48 +00:00
Haelwenn (lanodan) Monnier
3e298cc85a HttpRequestMock: Add missing mocks for object containment tests 2019-07-14 20:00:17 +00:00
Ariadne Conill
cdf2ff8176 nodeinfo: implement MRF transparency exclusions 2019-07-14 19:31:55 +00:00
Haelwenn (lanodan) Monnier
1c79ec2c08 FetcherTest: Containment refute called(OStatus.fetch_activity_from_url) 2019-07-14 19:30:34 +00:00
Ariadne Conill
5e9befc7d4 tests: fix object containment violations in the transmogrifier tests
Some objects were not completely rewritten in the tests, which caused object
containment violations.  Fix them by rewriting the object IDs to be in an
appropriate namespace.
2019-07-14 19:29:15 +00:00
Ariadne Conill
6d715b7702 security: detect object containment violations at the IR level
It is more efficient to check for object containment violations at the IR
level instead of in the protocol handlers.  OStatus containment is especially
a tricky situation, as the containment rules don't match those of IR and
ActivityPub.

Accordingly, we just always do a final containment check at the IR level
before the object is added to the IR object graph.
2019-07-14 19:28:47 +00:00
kaniini
0369a5db16 Merge branch 'idempotency-plug' into 'develop'
Add IdempotencyPlug and use it in all of the api

Closes #1003

See merge request pleroma/pleroma!1339
2019-06-27 04:20:17 +00:00
Alexander Strizhakov
c6705144a2 don't delete config settings on admin update 2019-06-27 04:19:44 +00:00
Egor Kislitsyn
889a9c3a3f Polish IdempotencyPlug 2019-06-27 01:53:58 +07:00
Egor Kislitsyn
825077a5b0 Add Idempotency plug 2019-06-26 18:36:58 +07:00
Sergey Suprunenko
d53fb55bb7 Return correct response when reply to a direct message is not direct itself 2019-06-26 10:59:27 +00:00
Maksim Pechnikov
4ad15ad2a9 add ignore hosts and TLDs for rich_media 2019-06-25 22:25:37 +03:00
Maksim Pechnikov
0cb8e710fb add test 2019-06-25 18:06:08 +03:00
Maksim
a0c4ebb4d7 [#184] small refactoring reset password 2019-06-24 19:01:56 +00:00
Sergey Suprunenko
2c63c67512 Rework user deletion 2019-06-24 18:59:12 +00:00
Eugenij
f2c03425b0 Broadcast conversation update when DM is deleted 2019-06-24 07:14:04 +00:00
kaniini
27b9605de0 Merge branch 'rich_media_titles_two' into 'develop'
Rich media titles two

See merge request pleroma/pleroma!1325
2019-06-23 05:43:11 +00:00
Alex S
b37ede5df3 log capturing 2019-06-23 08:16:28 +03:00
Alex S
982cad0268 support for config groups 2019-06-23 08:16:16 +03:00
Alex S
410add1c30 support for tuples with more than 2 values 2019-06-22 17:30:53 +03:00
lain
0e415921cd Rich Media Parser: Do not return just a title if nothing else is there. 2019-06-22 16:22:59 +02:00
lain
58c4d5312b Revert "Revert "Merge branch 'fix/ogp-title' into 'develop'""
This reverts commit b6af80f769.
2019-06-22 15:12:57 +02:00
Alex S
f0fccb7578 fix for int and modules 2019-06-22 09:01:30 +03:00
kaniini
55742d978d Merge branch 'feature/mrf-anti-link-spam' into 'develop'
implement anti link spam MRF

See merge request pleroma/pleroma!1307
2019-06-21 22:56:54 +00:00
kaniini
e3534f5b3c Merge branch 'oauth_secure_redirect' into 'develop'
OAuth security improvements (`redirect_uri` listing enforcement)

See merge request pleroma/pleroma!1302
2019-06-21 22:31:12 +00:00
kaniini
720412bf24 Merge branch 'revert-6f5a0cc1' into 'develop'
Revert "Merge branch 'fix/ogp-title' into 'develop'"

See merge request pleroma/pleroma!1317
2019-06-21 22:28:46 +00:00
feld
b6af80f769 Revert "Merge branch 'fix/ogp-title' into 'develop'"
This reverts merge request !1277
2019-06-21 11:36:32 +00:00
Egor Kislitsyn
fc6e661672 Fix rate limiter tests 2019-06-21 16:47:16 +07:00
Alexander Strizhakov
32320c1ee9 Fixes for dynamic configuration 2019-06-20 17:43:57 +00:00
William Pitcock
21dacd4b15 unbreak polls 2019-06-19 16:33:49 +00:00
William Pitcock
736d8ad6be implement anti link spam MRF 2019-06-19 15:58:32 +00:00
Alexander Strizhakov
e4fa6b99ac aliases for mix tasks
ecto.migrate
ecto.rollback
2019-06-19 10:33:33 +00:00
lain
5c6c4ce634 Merge branch 'fix/rich-media-hashtags-again' into 'develop'
Rich Media: Skip Microformats hashtags

See merge request pleroma/pleroma!1304
2019-06-19 08:48:41 +00:00
rinpatch
035368d363 Rich Media: Skip Microformats hashtags
When fixing this problem I incorrectly assumed a.hashtag is
the proper way for detecting hashtags, but it is just something Pleroma and
Mastodon add. Per microformats it should be detected by the presense of rel=tag.

This MR adds a check for rel=tag, but I still left a.hashtag just in case
2019-06-19 00:46:30 +03:00
Ivan Tashkinov
9f45f93949 Added more redirect_uri checks to prevent redirect to not explicitly listed URI. 2019-06-18 17:00:49 +03:00
rinpatch
c7acca2abb Mastodon API: Sanitize display names
Closes #1000
2019-06-18 14:12:11 +03:00
rinpatch
49a49d3763 Merge branch 'removing-test-errors' into 'develop'
Removing test errors

See merge request pleroma/pleroma!1296
2019-06-17 14:16:23 +00:00
Haelwenn
c34327b22e Merge branch 'fix/sanitize-report-content' into 'develop'
Sanitize HTML in ReportView

Closes #990

See merge request pleroma/pleroma!1293
2019-06-16 18:05:00 +00:00
Alex S
2e2edcb461 capturing errors 2019-06-16 20:10:12 +08:00