Commit graph

8518 commits

Author SHA1 Message Date
Mark Felder
f3253c0c6a
Implement RFC2822 timestamp formatting 2022-12-19 01:44:46 +05:00
faried nawaz
3f0783c0a5
fix atom and rss feeds for users and tags
Changes:
  - make the XML closer to spec (RSS does not pass w3c's validator, but works)
  - fix dates (RFC3339 for Atom, doc says RFC822 for RSS but RFC1123 is closer)
  - fix attachment/enclosure links (but see below)
  - set feed item title to post's "summary" if present
  - pruned several elements that validators did not like
    - examples: ap_enabled, user banner urls.

Specs:
  - https://www.rssboard.org/rss-specification
  - https://validator.w3.org/feed/docs/atom.html
  - https://www.intertwingly.net/wiki/pie/Rss20AndAtom10Compared

Validators:
  - https://validator.w3.org/feed/
  - https://rssatom.com/feedvalidator.php

Attachment/enclosure links should have a "length" field (mandatory
according to the spec).  This is not present in the object's data
map.
2022-12-19 01:44:41 +05:00
tusooa
a3985aac91 Merge branch 'fix-2856' into 'develop'
Uploading an avatar media exceeding max size returns a 413

Closes #2856

See merge request pleroma/pleroma!3804
2022-12-16 16:15:36 +00:00
lain
301eb86b35 Merge branch 'update-deps' into 'develop'
Update to Phoenix 1.6, Elixir 1.11, and chase dependencies

See merge request pleroma/pleroma!3766
2022-12-16 00:36:59 +00:00
Lain Soykaf
bb27e4134b AudioVideoValidator: Fix embedded attachment requirements 2022-12-15 18:06:28 -05:00
Lain Soykaf
4a32b584e1 StatusView: Fix warning 2022-12-15 18:02:33 -05:00
Lain Soykaf
9838790a7d AttachmentValidator: Actually require url 2022-12-15 17:46:20 -05:00
Lain Soykaf
63d00f8123 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into update-deps 2022-12-15 17:19:36 -05:00
tusooa
2554028097
Make SimplePolicy Update-aware
This is inspired by d5828f1c5e
2022-12-15 11:57:45 -05:00
tusooa
dc7efcd08b
Make TagPolicy Update-aware
This is inspired by d5828f1c5e
2022-12-15 11:08:24 -05:00
tusooa
62c27e0164
Fix failure when registering a user with no email when approval required 2022-12-14 01:04:42 -05:00
duponin
9876742358 Return 413 when an actor's banner or background exceeds the size limit 2022-12-11 23:15:08 +01:00
duponin
452595baed Uploading an avatar media exceeding max size returns a 413
Until now it was returning a 500 because the upload plug were going
through the changeset and ending in the JSON encoder, which raised
because struct has to @derive the encoder.
2022-12-11 22:54:47 +01:00
Haelwenn
204fd6faae Merge branch 'from/upstream-develop/tusooa/report-fake' into 'develop'
Report an Object, not a Create Activity

Closes #2986

See merge request pleroma/pleroma!3788
2022-12-09 14:25:24 +00:00
ave
0f88c2bca4 Change follow_operation schema to use type BooleanLike 2022-11-28 00:13:34 +00:00
Hélène
542bb17258 ArticleNotePageValidator: fix replies fixing
Some software, like GoToSocial, expose replies as ActivityPub
Collections, but do not expose any item array directly in the object,
causing validation to fail via the ObjectID validator. Now, Pleroma will
drop that field in this situation too.
2022-11-27 04:54:19 +01:00
FloatingGhost
747311f623 fix resolution of GTS user keys 2022-11-27 04:54:18 +01:00
Tusooa Zhu
11d5ad24c5 Make local-only posts stream in local timeline 2022-11-27 04:39:32 +01:00
Tusooa Zhu
e46c3a0595 Do not stream out Create of ChatMessage 2022-11-27 04:39:32 +01:00
Tusooa Zhu
09ab51eebb Make mutes and blocks behave the same as other lists 2022-11-27 04:21:58 +01:00
Haelwenn (lanodan) Monnier
7ec3469bea Transmogrifier: Use validating regex for "mediaType" 2022-11-27 04:21:31 +01:00
Haelwenn (lanodan) Monnier
8640d217b1 AttachmentValidator: Use custom ecto type and regex for "mediaType" 2022-11-27 04:21:31 +01:00
Haelwenn (lanodan) Monnier
da71092003 EctoType: Add MIME validator 2022-11-27 04:21:31 +01:00
Ilja
4504c81080 Delete report notifs when demoting from superuser
When someone isn't a superuser any more, they shouldn't see the reporsts any more either.
Here we delete the report notifications from a user when that user gets updated from being a superuser to a non-superuser.
2022-11-27 04:20:11 +01:00
Haelwenn
7f0b3161ea Merge branch 'akoma/deactivated-users' into 'develop'
Timeline query performance improvements

See merge request pleroma/pleroma!3779
2022-11-20 23:40:58 +00:00
tusooa
9d99e76a3a
Fix unit tests 2022-11-20 00:57:04 -05:00
tusooa
0e0c316c76
Fix report api 2022-11-20 00:35:52 -05:00
tusooa
a69e9ae2ef
Flag an Object, not an Activity 2022-11-19 23:51:43 -05:00
HJ
a31d3589ed Update http_security_plug.ex 2022-11-17 12:03:01 -05:00
HJ
79bd363a68 Update lib/pleroma/web/plugs/http_security_plug.ex 2022-11-17 12:03:01 -05:00
Henry Jameson
db76ea578a try to fix ruffle on chrome 2022-11-17 12:03:01 -05:00
feld
a9d991d31e Merge branch 'develop' into 'akoma/deactivated-users'
# Conflicts:
#   CHANGELOG.md
2022-11-14 14:03:11 +00:00
lain
0e1356ef9c Merge branch 'akkoma/delete-improvements' into 'develop'
Alter priority of Delete activities to be lowest

See merge request pleroma/pleroma!3782
2022-11-14 07:24:46 +00:00
lain
76ed0da09f Merge branch 'bugfix/reset-unreachable-on-fetch' into 'develop'
Object.Fetcher: Set reachable on successful fetch

See merge request pleroma/pleroma!3780
2022-11-14 07:22:33 +00:00
Mark Felder
2e0089dd5c Alter priority of Delete activities to be lowest
This will prevent a user with a large number of posts from negatively affecting performance of the outgoing federation queue if they delete their account.
2022-11-13 14:11:48 -05:00
Haelwenn
a2db64b12b Merge branch 'fix-typo-in-csp-report-to-header-name' into 'develop'
Fix typo in CSP Report-To header name

See merge request pleroma/pleroma!3768
2022-11-13 18:53:59 +00:00
Mark Felder
47b9847edd Deletes do not generate notifications of any kind, so skip trying 2022-11-13 12:25:52 -05:00
Haelwenn (lanodan) Monnier
b2713357b9 Object.Fetcher: Set reachable on successful fetch 2022-11-13 16:51:12 +01:00
Mark Felder
edaf0a05f8 Add same optimized join for excluding invisible users 2022-11-12 18:06:28 -05:00
Mark Felder
749445dd50 Fix reports which do not have a user
The check for deactivated users was being applied to report activities.
2022-11-12 17:54:11 -05:00
FloatingGhost
4d321be05c Extract deactivated users query to a join 2022-11-12 17:52:28 -05:00
feld
3d1828f43b Merge branch 'oban-timeouts' into 'develop'
Define sane Oban Worker timeouts

See merge request pleroma/pleroma!3777
2022-11-12 22:13:28 +00:00
tusooa
1b0e47b79b Merge branch 'from/upstream-develop/tusooa/no-strip-report' into 'develop'
Give admin the choice to not strip reported statuses

Closes #2887

See merge request pleroma/pleroma!3773
2022-11-12 17:55:50 +00:00
Mark Felder
8be7f87e1f Define sane Oban Worker timeouts 2022-11-11 13:46:27 -05:00
Mark Felder
6b87b3f2ea Remove Quack logging backend 2022-11-11 12:36:29 -05:00
tusooa
717c5901f8
Render a generated reported activity properly 2022-11-09 23:02:27 -05:00
tusooa
6f047cc308
Do not strip reported statuses when configured not to 2022-11-09 22:36:57 -05:00
Haelwenn (lanodan) Monnier
648e012022 ObjectAgePolicy: Make strip_followers behavior for followers-only explicit 2022-11-07 14:58:47 +01:00
Thomas Citharel
bdedc41cbc
Fix typo in CSP Report-To header name
The header name was Report-To, not Reply-To.

In any case, that's now being changed to the Reporting-Endpoints HTTP
Response Header.
https://w3c.github.io/reporting/#header
https://github.com/w3c/reporting/issues/177

CanIUse says the Report-To header is still supported by current Chrome
and friends.
https://caniuse.com/mdn-http_headers_report-to

It doesn't have any data for the Reporting-Endpoints HTTP header, but
this article says Chrome 96 supports it.
https://web.dev/reporting-api/

(Even though that's come out one year ago, that's not compatible with
Network Error Logging which's still using the Report-To version of the
API)

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2022-11-04 09:43:13 +01:00
Mark Felder
7c64f705f6 Update to Phoenix 1.6 and chase dependencies
Also bump minimum Elixir to 1.11
2022-11-03 16:13:07 +00:00
Alexander Strizhakov
8407e26b0c rebase fix 2022-11-03 10:06:36 -04:00
Alexander Strizhakov
5a9ea98baf XML WebFinger user representation correct domain 2022-11-03 09:48:59 -04:00
Alexander Strizhakov
4121bca895 expanding WebFinger 2022-11-03 09:48:24 -04:00
Haelwenn
da0ef154a6 Merge branch 'from/upstream-develop/tusooa/2930-get-or-fetch' into 'develop'
Fix User.get_or_fetch/1 with usernames starting with http

Closes #2930

See merge request pleroma/pleroma!3751
2022-10-30 00:38:21 +00:00
tusooa
9fbf01f7a9 Merge branch 'push-updates' into 'develop'
Push.Impl: support edits

See merge request pleroma/pleroma!3760
2022-10-27 12:51:29 +00:00
feld
7a519b6a66 Merge branch 'fix-deprecation-text' into 'develop'
Fix deprecation warning for Gun timeout

See merge request pleroma/pleroma!3759
2022-10-24 14:22:49 +00:00
Haelwenn (lanodan) Monnier
16b06160ac CommonAPI: generate ModerationLog for all admin/moderator deletes
As a side-effect it also changes the ChatMessage delete ID to an
Activity.id rather than MessageReference.id

Closes: https://git.pleroma.social/pleroma/pleroma/-/issues/2958
2022-10-14 18:51:08 +02:00
Tusooa Zhu
dd82fd234f
Merge branch 'release/2.4.4' into mergeback/2.4.4 2022-10-08 22:15:09 -04:00
marcin mikołajczak
1b238a4fad Push.Impl: support edits
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-10-01 23:28:02 +02:00
Mark Felder
1958f23fe7 Fix deprecation warning for Gun timeout 2022-09-30 12:22:06 -04:00
Haelwenn
3f1c31b7cd Merge branch 'fix/exclude-deactivated-in-search' into 'develop'
User: search: exclude inactive users from user search

See merge request pleroma/pleroma!3755
2022-09-27 23:58:45 +00:00
Ilja
2d7ea263a1 Add extra routes to :users_manage_credentials privilege 2022-09-24 13:52:28 +02:00
tusooa
1a7107f4a5 Merge branch 'remove_from_followers' into 'develop'
MastoAPI: POST /api/v1/accounts/:id/remove_from_followers

See merge request pleroma/pleroma!3647
2022-09-16 23:24:13 +00:00
a1batross
7f63b4c315 User: search: exclude deactivated users from user search
This way we don't pollute search results with deactivated and deleted users
2022-09-16 00:49:16 +03:00
Tusooa Zhu
ea60c4e709
Fix wrong relationship direction 2022-09-14 20:24:04 -04:00
Hélène
0b19625bfb
ObjectView: do not fetch an object for its ID
Non-Create/Listen activities had their associated object field
normalized and fetched, but only to use their `id` field, which is both
slow and redundant. This also failed on Undo activities, which delete
the associated object/activity in database.

Undo activities will now render properly and database loads should
improve ever so slightly.
2022-09-11 04:54:04 +02:00
Tusooa Zhu
50923f5438
Fix User.get_or_fetch/1 with usernames starting with http 2022-09-08 11:58:17 -04:00
Haelwenn
b8d6cb5845 Merge branch 'from/upstream-develop/tusooa/2892-backup-scope' into 'develop'
Make backups require its own scope

Closes #2892

See merge request pleroma/pleroma!3721
2022-09-05 15:42:02 +00:00
Haelwenn
346c130ddc Merge branch 'fix/user-private-key-generation' into 'develop'
User: generate private keys on user creation

See merge request pleroma/pleroma!3737
2022-09-05 15:38:15 +00:00
tusooa
f7c2073103 Merge branch 'bump/min-elixir-1.10' into 'develop'
Bump minimum Elixir version to 1.10

See merge request pleroma/pleroma!3741
2022-09-05 15:19:34 +00:00
tusooa
9874b4c985 Merge branch 'develop' into 'from/upstream-develop/tusooa/2892-backup-scope'
# Conflicts:
#   CHANGELOG.md
2022-09-05 15:00:19 +00:00
Hélène
cd237d22f1
User: generate private keys on user creation
This fixes a race condition bug where keys could be regenerated
post-federation, causing activities and HTTP signatures from an user to
be dropped due to key differences.
2022-09-05 03:51:17 +02:00
tusooa
f8afba95b2 Merge branch 'fix/gts-federation' into 'develop'
GoToSocial federation fixes

See merge request pleroma/pleroma!3725
2022-09-05 01:10:34 +00:00
tusooa
20347898e2 Merge branch 'fix/federation-context-issues' into 'develop'
Fix reply context fixing (Pleroma replies to Misskey threads) and removal of context objects

See merge request pleroma/pleroma!3717
2022-09-04 18:43:36 +00:00
Haelwenn
c63cf954de Merge branch 'from/upstream-develop/tusooa/streaming-fix' into 'develop'
Streaming fix

Closes #2796

See merge request pleroma/pleroma!3738
2022-09-03 18:24:28 +00:00
Hélène
4477c6baff
Metadata/Utils: use summary as description if set
When generating OpenGraph and TwitterCard metadata for a post, the
summary field will be used first if it is set to generate the post
description.
2022-09-03 17:17:48 +02:00
Haelwenn
257601d67d Merge branch 'ssh-bbs-improvements' into 'develop'
BBS: add functionnalities and readability

See merge request pleroma/pleroma!3675
2022-09-03 11:15:07 +00:00
Haelwenn
299255b9bb Merge branch 'from/upstream-develop/tusooa/assoc-object-id' into 'develop'
Add function to calculate associated object id

Closes #2307

See merge request pleroma/pleroma!3692
2022-09-03 02:50:40 +00:00
Haelwenn
e40c221c31 Merge branch 'from/upstream-develop/tusooa/edits' into 'develop'
Editing

Closes #1429, #2859, and #2288

See merge request pleroma/pleroma!3678
2022-09-03 02:16:42 +00:00
Haelwenn
07ef72f493 Merge branch 'from/develop/tusooa/2807-remote-xact-post' into 'develop'
Remote interaction with posts

Closes #2807 and #978

See merge request pleroma/pleroma!3587
2022-09-03 02:03:48 +00:00
Haelwenn (lanodan) Monnier
21ab7369ca Bump minimum Elixir version to 1.10
With the release of Elixir 1.14, Elixir 1.9 is now end-of-life.

Elixir 1.10 Release Notes:
https://github.com/elixir-lang/elixir/releases/tag/v1.10.0
2022-09-02 22:53:54 +02:00
Tusooa Zhu
20a0dd6516
Exclude Announce instead of restricting to Create in visibility_tags 2022-08-31 22:14:54 -04:00
Tusooa Zhu
ffd379456b
Do not stream out Announces to public timelines 2022-08-31 15:57:06 -04:00
Tusooa Zhu
f9b86c3c22
Make local-only posts stream in local timeline 2022-08-27 19:34:56 -04:00
Tusooa Zhu
3afa1903ee
Do not stream out Create of ChatMessage 2022-08-27 17:51:41 -04:00
tusooa
a546e6f042 Merge branch 'feature/emoji-15-support' into 'develop'
emoji-test: update to latest 15.0 draft

See merge request pleroma/pleroma!3726
2022-08-27 00:59:22 +00:00
tusooa
59109f8f74 Merge branch 'fix_flaky_test_user_relationship_test.exs_81' into 'develop'
fix flaky test_user_relationship_test.exs:81

See merge request pleroma/pleroma!3697
2022-08-24 15:24:07 +00:00
Ilja
47e3a72b6e fix flaky test_user_relationship_test.exs:81 2022-08-24 15:24:07 +00:00
Hélène
439c1baf25
OAuthPlug: use user cache instead of joining
As this plug is called on every request, this should reduce load on the
database by not requiring to select on the users table every single
time, and to instead use the by-ID user cache whenever possible.
2022-08-24 03:40:05 +02:00
Tusooa Zhu
c59ee1f172
Expose availability of GET /main/ostatus via instance 2022-08-20 21:19:31 -04:00
Tusooa Zhu
4ec9eeb3f8
Make remote interaction page translatable 2022-08-20 21:14:26 -04:00
Tusooa Zhu
1218adacc5
Display status link in remote interaction form 2022-08-20 21:13:52 -04:00
Tusooa Zhu
b7c75db0f7
Lint 2022-08-20 21:13:51 -04:00
Tusooa Zhu
779457d9a4
Add GET endpoints for remote subscription forms
There are two reasons for adding a GET endpoint:

0: Barely displaying the form does not change anything on the server.

1: It makes frontend development easier as they can now use a link,
instead of a form, to allow remote users to interact with local ones.
2022-08-20 21:13:51 -04:00
Tusooa Zhu
a243a217a7
Fix form item name in status_interact.html 2022-08-20 21:13:51 -04:00
Tusooa Zhu
2701628786
Add remote interaction ui for posts 2022-08-20 21:13:51 -04:00
Tusooa Zhu
3885ee182a
Switch to associated_object_id index 2022-08-20 20:43:46 -04:00
Tusooa Zhu
a31d6bb52c
Execute session disconnect in background 2022-08-19 20:24:24 -04:00
Tusooa Zhu
f459c1260b
Lint 2022-08-19 20:24:24 -04:00
Tusooa Zhu
c62a4f1c17
Disconnect streaming sessions when token is revoked 2022-08-19 20:22:45 -04:00