Commit Graph

1839 Commits

Author SHA1 Message Date
kaniini
e3534f5b3c Merge branch 'oauth_secure_redirect' into 'develop'
OAuth security improvements (`redirect_uri` listing enforcement)

See merge request pleroma/pleroma!1302
2019-06-21 22:31:12 +00:00
kaniini
720412bf24 Merge branch 'revert-6f5a0cc1' into 'develop'
Revert "Merge branch 'fix/ogp-title' into 'develop'"

See merge request pleroma/pleroma!1317
2019-06-21 22:28:46 +00:00
feld
b6af80f769 Revert "Merge branch 'fix/ogp-title' into 'develop'"
This reverts merge request !1277
2019-06-21 11:36:32 +00:00
Egor Kislitsyn
fc6e661672 Fix rate limiter tests 2019-06-21 16:47:16 +07:00
Alexander Strizhakov
32320c1ee9 Fixes for dynamic configuration 2019-06-20 17:43:57 +00:00
Alexander Strizhakov
e4fa6b99ac aliases for mix tasks
ecto.migrate
ecto.rollback
2019-06-19 10:33:33 +00:00
lain
5c6c4ce634 Merge branch 'fix/rich-media-hashtags-again' into 'develop'
Rich Media: Skip Microformats hashtags

See merge request pleroma/pleroma!1304
2019-06-19 08:48:41 +00:00
rinpatch
035368d363 Rich Media: Skip Microformats hashtags
When fixing this problem I incorrectly assumed a.hashtag is
the proper way for detecting hashtags, but it is just something Pleroma and
Mastodon add. Per microformats it should be detected by the presense of rel=tag.

This MR adds a check for rel=tag, but I still left a.hashtag just in case
2019-06-19 00:46:30 +03:00
Ivan Tashkinov
9f45f93949 Added more redirect_uri checks to prevent redirect to not explicitly listed URI. 2019-06-18 17:00:49 +03:00
rinpatch
c7acca2abb Mastodon API: Sanitize display names
Closes #1000
2019-06-18 14:12:11 +03:00
rinpatch
49a49d3763 Merge branch 'removing-test-errors' into 'develop'
Removing test errors

See merge request pleroma/pleroma!1296
2019-06-17 14:16:23 +00:00
Haelwenn
c34327b22e Merge branch 'fix/sanitize-report-content' into 'develop'
Sanitize HTML in ReportView

Closes #990

See merge request pleroma/pleroma!1293
2019-06-16 18:05:00 +00:00
Alex S
2e2edcb461 capturing errors 2019-06-16 20:10:12 +08:00
Alex S
0f59265a50 salmon fix
removed some ownership sandbox error
2019-06-16 20:10:12 +08:00
Maksim
a04bf131e0 [#570] add user:notification stream 2019-06-16 10:33:25 +00:00
rinpatch
bf6aa6f1a8 Fix report content stopping to be nullable 2019-06-16 13:06:12 +03:00
rinpatch
44de34d170 Credo fixes 2019-06-16 01:35:45 +03:00
rinpatch
e943905bd7 Add tests for report view 2019-06-16 01:30:14 +03:00
kaniini
52b1b0e45d Merge branch '963_oob_oauth_redirect_fix' into 'develop'
[#963] No redirect on OOB OAuth authorize request with existing authorization

See merge request pleroma/pleroma!1276
2019-06-15 13:45:50 +00:00
lain
a440cf856d Mastodon API: Return the token needed for the chat. 2019-06-15 10:59:35 +02:00
rinpatch
62ffc00a5d Merge branch 'feature/add-background-image-to-mastoapi' into 'develop'
AccountView: Add user background.

See merge request pleroma/pleroma!1280
2019-06-14 16:49:28 +00:00
Alexander Strizhakov
c2ca1f22a2 it is changed in compile time
we can't change module attributes and endpoint settings in runtime
2019-06-14 15:45:05 +00:00
lain
7f48b90bfb Merge branch 'fix/hashtag-rich-media' into 'develop'
Fix hashtags being picked up by rich media parser

Closes #989

See merge request pleroma/pleroma!1288
2019-06-14 11:52:04 +00:00
Maksim
ee4ed87fb4 [#948] /api/v1/account_search added optional parameters (limit, offset, following) 2019-06-14 11:39:57 +00:00
rinpatch
d0ebc0edf3 Fix hashtags being picked up by rich media parser
Closes #989
2019-06-14 14:34:42 +03:00
lain
eac298083f MastodonAPI: Add a way to update the background image. 2019-06-14 11:19:22 +02:00
lain
5965efb216 AccountView: Add user background. 2019-06-13 19:08:05 +02:00
lain
6f5a0cc14e Merge branch 'fix/ogp-title' into 'develop'
Rich Media Parser: Attempt to use <title> from HTML as a fallback

Closes #979

See merge request pleroma/pleroma!1277
2019-06-13 13:26:39 +00:00
Egor Kislitsyn
30e54fd7e2 Handle HTTP 404 response 2019-06-13 17:13:35 +07:00
Egor Kislitsyn
afae3ada22 Handle HTTP "410 Gone" response 2019-06-13 16:34:03 +07:00
Egor Kislitsyn
a12f8e13c8 Improve <title> fallback; Add a test 2019-06-13 15:02:46 +07:00
Ivan Tashkinov
4b2c29016c [#963] No redirect on OOB OAuth authorize request with existing authorization. OAuth-related refactoring. 2019-06-12 21:30:06 +03:00
Egor Kislitsyn
6f29865d43 Add option to restrict all users to local content 2019-06-11 21:25:53 +07:00
lain
63ab3c30eb Merge branch 'feature/rate-limiter' into 'develop'
Feature/Rate Limiter

Closes #943

See merge request pleroma/pleroma!1266
2019-06-11 11:32:01 +00:00
Egor Kislitsyn
ad04d12de6 Replace MastodonAPIController.account_register/2 rate limiter 2019-06-11 16:06:03 +07:00
Egor Kislitsyn
2e5affce61 Add RateLimiter 2019-06-11 14:27:41 +07:00
kaniini
f2d72b1fe4 Merge branch 'preload-changes' into 'develop'
Conversations: Fetch users in one query.

See merge request pleroma/pleroma!1258
2019-06-11 02:37:08 +00:00
Sergey Suprunenko
365268d522 Add more tests for using media_proxy and whitelists 2019-06-10 11:34:11 +00:00
rinpatch
dffc9f060a replace missing mock with a 404 2019-06-07 20:48:25 +03:00
rinpatch
d020f68e87 Transmogrifier: Do not crash if inReplyTo does not exist and can't be fetched 2019-06-07 20:40:38 +03:00
lain
970f71e222 Conversations: Fetch users in one query. 2019-06-07 17:51:47 +02:00
lain
cb2bcee842 User Search: Boost friends more strongly. 2019-06-06 16:18:27 +02:00
lain
7e9f7ea0c2 MastodonAPI: Add test for user search. 2019-06-06 16:16:22 +02:00
Egor
f82382de22 [#943] Make the unauthenticated users limitation optional 2019-06-06 12:17:49 +00:00
kaniini
3f6da9c45a Merge branch 'bugfix/377-stuck-follow-request' into 'develop'
Bugfix/377 stuck follow request

Closes #377

See merge request pleroma/pleroma!1250
2019-06-05 15:52:40 +00:00
kaniini
a511d2f900 Merge branch 'improve-search' into 'develop'
[#943] Contain search for unauthenticated users

See merge request pleroma/pleroma!1220
2019-06-05 15:51:32 +00:00
lain
ad19bfc7fe Utils: Split update_follow_state and update_follow_state_for_all. 2019-06-05 16:43:35 +02:00
lain
827a51e777 CommonAPI: Add test for accept_follow_request. 2019-06-05 15:45:16 +02:00
lain
076c9ae40e User: Remove superfluous maybe_follow. 2019-06-05 14:24:31 +02:00
lain
3115b64cfe Transmogrifier: Add tests for incoming follows to locked accounts. 2019-06-05 14:10:46 +02:00