Commit graph

89 commits

Author SHA1 Message Date
Floatingghost
05f8179d08 check if data is visible before embedding it in OG tags
previously we would uncritically take data and format it into
tags for static-fe and the like - however, instances can be
configured to disallow unauthenticated access to these resources.

this means that OG tags as a vector for information leakage.

_technically_ this should only occur if you have both
restrict_unauthenticated *AND* you run static-fe, which makes no
sense since static-fe is for unauthenticated people in particular,
but hey ho.
2024-04-12 05:16:47 +01:00
FloatingGhost
6cb40bee26 Migrate to phoenix 1.7 (#626)
Closes #612

Co-authored-by: tusooa <tusooa@kazv.moe>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/626
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Co-committed-by: FloatingGhost <hannah@coffee-and-dreams.uk>
2023-08-15 10:22:18 +00:00
Walter Huf
7ff9c356f4 Merge remote-tracking branch 'upstream/develop' into metadata_webfinger 2023-07-27 07:43:17 -07:00
kPherox
8fb235e71b fix: append field values to bio before parsing 2023-06-14 19:44:07 +00:00
kPherox
d6271e7613 feat: build rel me tags with profile fields 2023-06-14 19:44:07 +00:00
Mark Felder
997551bac9 Fix TwitterCard meta tags
TwitterCard meta tags are supposed to use the attributes "name" and "content".
OpenGraph tags use the attributes "property" and "content".

Twitter itself is smart enough to detect broken meta tags and discover the TwitterCard
using "property" and "content", but other platforms that only implement parsing of TwitterCards
and not OpenGraph may fail to correctly detect the tags as they're under the wrong attributes.

> "Open Graph protocol also specifies the use of property and content attributes for markup while
> Twitter cards use name and content. Twitter’s parser will fall back to using property and content,
> so there is no need to modify existing Open Graph protocol markup if it already exists." [0]

[0] https://developer.twitter.com/en/docs/twitter-for-websites/cards/guides/getting-started
2023-06-14 19:30:19 +00:00
Walter Huf
54fdf3a5de Use any custom WebFinger domain for page metadata 2023-01-22 16:26:41 -08:00
floatingghost
07a48b9293 giant massive dep upgrade and dialyxir-found error emporium (#371)
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/371
2022-12-14 12:38:48 +00:00
Hélène
8683252fc5 Metadata/Utils: use summary as description if set
When generating OpenGraph and TwitterCard metadata for a post, the
summary field will be used first if it is set to generate the post
description.
2022-09-11 19:55:38 +01:00
floatingghost
bc6bfe383f Add configurable theme color (#53)
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/53
2022-07-06 20:00:43 +00:00
Mark Felder
202ee5fd77 Add note about video thumbnails for code spelunkers unfamiliar with Media Preview Proxy 2021-06-10 09:56:43 -05:00
Mark Felder
6aa7fc15df Formatting of the comment 2021-06-09 11:58:51 -05:00
Mark Felder
5f7901cc48 Credo 2021-06-09 11:09:14 -05:00
Mark Felder
2a47156b87 Lint 2021-06-09 11:06:53 -05:00
Mark Felder
86bcb87e6c Fix incorrectly ordered arguments to the function and not properly merging lists. 2021-06-09 11:05:24 -05:00
Mark Felder
2cf648d419 Add a video thumbnail to the OpenGraph metadata if Media Preview Proxy is enabled. 2021-06-09 10:02:41 -05:00
Mark Felder
19a49dd757 Remove Metadata.Utils.attachment_url/1
This was a wasteful shortcut to MediaProxy.preview_url/1 and we don't
always want the preview_url in the metadata anyway.
2021-06-09 09:58:29 -05:00
Mark Felder
9cb8960284 Switch OGP default type from "website" to "article"
This is what Mastodon uses and might fix some link preview bugs I've encountered
2021-06-08 17:14:30 -05:00
Mark Felder
d70db63084 Set the correct height/width if the data is available when generating opengraph metadata 2021-06-08 16:58:33 -05:00
Mark Felder
aa8cc4e86e Only use fallback for videos and only add this metadata for images if we really have it. 2021-06-08 16:31:12 -05:00
Mark Felder
d4ac9445cd Twittercard metadata for images should also include dimensions if available 2021-06-08 16:19:12 -05:00
Mark Felder
5de65ce3e8 Set the correct height/width if the data is available when generating twittercard metadata 2021-06-08 15:59:55 -05:00
Mark Felder
264458531a Formatting 2021-06-07 15:47:50 -05:00
io
2c401dafa1 Improve opengraph embeds
This brings them more in line with Mastodon.
- Deduplicates display name from the title and content
- Removes arbitrary limits on the size of the embedded image
- Removes angled double quotes from embed descriptions. These would normally just indicate that the content is a quote, but that is already implied by the content being in an embed.
2021-06-04 05:33:35 +00:00
Alex Gleason
3ff9c5e2a6
Break out activity-specific HTML functions into Pleroma.Activity.HTML
Fixes cycles in lib/pleroma/ecto_type/activity_pub/object_validators/safe_text.ex
2021-05-29 12:29:11 -05:00
Haelwenn (lanodan) Monnier
c4439c630f
Bump Copyright to 2021
grep -rl '# Copyright © .* Pleroma' * | xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>;'
2021-01-13 07:49:50 +01:00
Ivan Tashkinov
e164c37139 [#2301] Proper handling of User.is_discoverable: users appear in in-service search but are hidden from external services like search bots. 2020-11-19 19:30:02 +03:00
Mark Felder
4ead0d564f Merge branch 'develop' into refactor/discoverable_user_field 2020-10-13 09:54:11 -05:00
Mark Felder
8bacdc3680 Change user.discoverable field to user.is_discoverable 2020-10-13 09:45:08 -05:00
Alexander Strizhakov
0374df1d12
other files consistency 2020-10-13 16:38:19 +03:00
Alexander Strizhakov
e8e4034c48
metadata providers consistency 2020-10-13 16:38:18 +03:00
Ivan Tashkinov
a428800405 Merge remote-tracking branch 'remotes/origin/develop' into media-preview-proxy-nostream
# Conflicts:
#	CHANGELOG.md
2020-09-17 22:22:59 +03:00
stwf
38b2db297b search indexing metadata respects discoverable flag 2020-09-14 13:18:11 -04:00
rinpatch
0d2814ec8e Metadata: Move restriction check from Feed provider to activated_providers 2020-09-08 20:21:34 +03:00
Mark Felder
a85ed6defb Do not serve RSS/Atom feeds when instance is private 2020-09-08 20:21:34 +03:00
Mark Felder
85446cc30c Merge branch 'develop' into media-preview-proxy 2020-09-03 10:34:06 -05:00
rinpatch
126461942b User table: ensure bio is always a string
Gets rid of '|| ""' in multiple places and fixes #2067
2020-09-01 10:45:42 +03:00
Mark Felder
98f8851f29 Use the image thumbnail for rich metadata (OGP/Twittercards) 2020-08-22 15:12:11 -05:00
rinpatch
bfec45bf74 Merge branch 'fix/1601-add-new-meta-tag' into 'develop'
Restrict remote users from indexing

Closes #1601

See merge request pleroma/pleroma!2341
2020-04-01 12:55:52 +00:00
Alexander Strizhakov
94ddbe4098
restrict remote users from indexing 2020-04-01 09:57:12 +03:00
Haelwenn (lanodan) Monnier
185520d1b4
Provide known-good user.uri, remove User.profile_url/1 2020-03-31 23:55:29 +02:00
Mark Felder
05da5f5cca Update Copyrights 2020-03-03 16:44:49 -06:00
Haelwenn (lanodan) Monnier
6da6540036
Bump copyright years of files changed after 2020-01-07
Done via the following command:
git diff fcd5dd259a --stat --name-only | xargs sed -i '/Pleroma Authors/c# Copyright © 2017-2020 Pleroma Authors <https:\/\/pleroma.social\/>'
2020-03-02 06:08:45 +01:00
rinpatch
472132215e Use floki's new APIs for parsing fragments 2020-02-16 01:55:26 +03:00
feld
237b2068f9 Revert "Merge branch 'feat/floki-fasthtml' into 'develop'"
This reverts merge request !2194
2020-02-11 16:55:18 +00:00
rinpatch
ea1631d7e6 Make Floki use fast_html 2020-02-11 16:17:21 +03:00
Maksim Pechnikov
c9f45edeac Merge branch 'develop' into feature/tag_feed 2020-01-14 21:29:14 +03:00
Maksim Pechnikov
fa7d8e77e6 fixed Metadata.Utils.scrub_html_and_truncate 2020-01-03 16:28:13 +03:00
Mark Felder
06ae56a3ae Posts without media attachments should get the Summary TwitterCard 2019-12-20 16:32:04 -06:00
Maksim Pechnikov
b53573a837 add tag feeds 2019-12-18 09:19:37 +03:00