Commit graph

87 commits

Author SHA1 Message Date
Thomas Citharel
bdedc41cbc
Fix typo in CSP Report-To header name
The header name was Report-To, not Reply-To.

In any case, that's now being changed to the Reporting-Endpoints HTTP
Response Header.
https://w3c.github.io/reporting/#header
https://github.com/w3c/reporting/issues/177

CanIUse says the Report-To header is still supported by current Chrome
and friends.
https://caniuse.com/mdn-http_headers_report-to

It doesn't have any data for the Reporting-Endpoints HTTP header, but
this article says Chrome 96 supports it.
https://web.dev/reporting-api/

(Even though that's come out one year ago, that's not compatible with
Network Error Logging which's still using the Report-To version of the
API)

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2022-11-04 09:43:13 +01:00
tusooa
84a573877a Merge branch 'fix_erratic_tests' into 'develop'
Fix flaky rate_limiter_test.exs test "it restricts based on config values"

See merge request pleroma/pleroma!3688
2022-08-25 18:39:38 +00:00
Sean King
64e16e6a4b
Document way to do notice compatibility routes with Nginx reverse-proxy instead 2022-07-16 23:44:37 -06:00
Ilja
26080b4b5c Fix rate_limiter_test.exs test "it restricts based on config values"
It used a timer to sleep.
But time also goes on when doing other things, so depending on hardware, the timings could be off.
I slightly changed the tests so we still test what we functionally want.
Instead of waiting until the cache expires I now have a function to expire the test and use that.

That means we're not testing any more if the cache really expires after a certain amount of time,
but that's the responsability of the dependency imo, so shouldn't be a problem.

I also changed `Pleroma.Web.Endpoint, :http, :ip` to `127.0.0.1` because that's the setting people typically have,
and I see no reason to do it differently.
Especially since it's an exernal ip, which may come over as weird or suspicious to people.
2022-07-09 07:19:18 +02:00
Tusooa Zhu
e2d24eda57 Allow to skip cache in Cache plug
Ref: fix-local-public
2022-05-06 10:23:26 +02:00
Haelwenn
d7c53da77a Merge branch 'from/upstream-develop/tusooa/translate-pages' into 'develop'
Translate backend-rendered pages

See merge request pleroma/pleroma!3634
2022-03-20 18:14:37 +00:00
Tusooa Zhu
cd42e2bed0
Lint 2022-03-03 09:49:55 -05:00
Tusooa Zhu
aca11fb70e
Support multiple locales from userLanguage cookie 2022-03-03 02:31:36 -05:00
Tusooa Zhu
7ea330b4fe
Support multiple locales formally
elixir gettext current does not fully support fallback to another language [0].
But it might in the future. We adapt it so that all languages in Accept-Language
headers are received by Pleroma.Web.Gettext. User.languages is now a comma-separated
list.

[0]: https://github.com/elixir-gettext/gettext/issues/303
2022-03-03 02:03:44 -05:00
Tusooa Zhu
bc59da96c5
Add test for fallbacking to a general language 2022-03-02 20:04:30 -05:00
Tusooa Zhu
8de573b047
Fallback to a variant if the language in general is not supported
For an example, here, zh is not supported, but zh_Hans and zh_Hant
are. If the user asks for zh, we should choose a variant for them
instead of fallbacking to default.

Some browsers (e.g. Firefox) does not allow users to customize
their language codes. For example, there is no zh-Hans, but only
zh, zh-CN, zh-TW, zh-HK, etc. This provides a workaround for
those users suffering from bad design decisions.
2022-03-02 19:59:11 -05:00
Sean King
17aa3644be
Copyright bump for 2022 2022-02-25 23:11:42 -07:00
Tusooa Zhu
0fd3695b9c
Prefer userLanguage cookie over Accept-Language header in detecting locale
https://git.pleroma.social/pleroma/pleroma-meta/-/issues/60
2022-02-21 18:02:19 -05:00
Alex Gleason
479fc5fff8
EnsureStaffPrivilegedPlug: add tests 2021-12-27 10:39:59 -06:00
Alex Gleason
db2bf55e9b
Merge remote-tracking branch 'origin/develop' into notice-routes 2021-12-25 19:57:53 -06:00
Alex Gleason
9c1cb87eff Merge branch 'erratic-tests' into 'develop'
Skip erratic tests

See merge request pleroma/pleroma!3572
2021-12-22 04:14:31 +00:00
Alex Gleason
2ce7dae6de
Skip erratic tests 2021-12-21 22:04:15 -06:00
Alex Gleason
b0d2b53934 Merge branch 'manifest' into 'develop'
Expose /manifest.json for PWA

Closes #882

See merge request pleroma/pleroma!3544
2021-12-19 18:18:59 +00:00
Alex Gleason
e4f9cb1c1b
Merge remote-tracking branch 'origin/develop' into manifest 2021-12-19 11:33:10 -06:00
Alex Gleason
e1b89fe3aa
Merge remote-tracking branch 'origin/develop' into live-dashboard 2021-12-15 19:05:36 -05:00
Alex Gleason
29d80b39f2
Add Phoenix LiveDashboard
Co-authored-by: Egor Kislitsyn <egor@kislitsyn.com>
2021-12-15 19:05:27 -05:00
Alex Gleason
ba2ed3c255
Fix frontend_status_plug_test.exs 2021-12-03 07:56:26 -06:00
Alex Gleason
720198d569
Merge remote-tracking branch 'pleroma/develop' into manifest 2021-11-24 17:58:58 -06:00
Alex Gleason
cb9359335f
Expose /manifest.json for PWA 2021-11-24 17:50:55 -06:00
Sean King
1841bd8383 Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into remove/mastofe 2021-08-06 08:08:20 -06:00
Alex Gleason
44ede0657f
Merge remote-tracking branch 'pleroma/develop' into staff-plug 2021-08-04 11:48:57 -05:00
Alex Gleason
9bc1e79c56
Moderators: add UserIsStaffPlug 2021-07-12 21:57:52 -05:00
Sean King
dc4814f0cd
Fix merge conflicts with upstream 2021-06-04 14:42:44 -06:00
Alex Gleason
c23b81e399
Pleroma.Web.get_api_routes/0 --> Pleroma.Web.Router.get_api_routes/0
Reduce recompilation time by breaking compile-time cycles
2021-05-28 13:51:01 -05:00
Alex Gleason
50e3750758
Add notice compatibility routes for other frontends
Fixes: https://git.pleroma.social/pleroma/pleroma/-/issues/1785
2021-05-05 14:50:10 -05:00
Sean King
8afa3f2d1b
Remove no longer necessary unit tests for MastoFE 2021-04-15 23:12:42 -06:00
Mark Felder
902d4e4a4a Leave a note for future explorers 2021-02-25 13:06:43 -06:00
Mark Felder
2da71a526f No need to filter out Mix.env() from the API routes. 2021-02-25 13:04:08 -06:00
Mark Felder
6b87dfad5d Filter out MIX_ENV from route list and add a test 2021-02-25 09:23:10 -06:00
rinpatch
6d66fadea7 Remove :auth, :enforce_oauth_admin_scope_usage
`admin` scope has been required by default for more than a year now
and all apps that use the API seems to request a proper scope by now.
2021-02-17 20:47:38 +03:00
Egor Kislitsyn
bddb01bded
Add tests 2021-01-27 18:20:07 +04:00
lain
7f07871639 Merge branch 'chore/tests-use-clear_config' into 'develop'
Convert tests to all use clear_config instead of Pleroma.Config.put

See merge request pleroma/pleroma!3282
2021-01-27 11:33:27 +00:00
feld
d7af0294e6 Merge branch 'service-worker-allowed-header' into 'develop'
Ability to set custom HTTP headers per each frontend

See merge request pleroma/pleroma!3247
2021-01-26 18:14:01 +00:00
Mark Felder
e854c35e65 Convert tests to all use clear_config instead of Pleroma.Config.put 2021-01-26 11:58:43 -06:00
eugenijm
7fcaa188a0 Allow to define custom HTTP headers per each frontend 2021-01-21 21:55:23 +03:00
eugenijm
133644dfa2 Ability to set the Service-Worker-Allowed header 2021-01-21 21:55:11 +03:00
Mark Felder
28581e03ad Merge branch 'develop' into refactor/deactivated_user_field 2021-01-18 14:58:21 -06:00
Mark Felder
d36182c088 Change user.confirmation_pending field to user.is_confirmed 2021-01-15 12:44:41 -06:00
Mark Felder
860b5c7804 Change user.deactivated field to user.is_active 2021-01-15 11:24:46 -06:00
Lain Soykaf
39f3683a06 Pbkdf2: Use it everywhere. 2021-01-14 15:06:16 +01:00
lain
9106048c61 Password: Replace Pbkdf2 with Password. 2021-01-13 15:11:11 +01:00
Haelwenn (lanodan) Monnier
c4439c630f
Bump Copyright to 2021
grep -rl '# Copyright © .* Pleroma' * | xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>;'
2021-01-13 07:49:50 +01:00
lain
9d5ce82221 Test: More async/sync tweaks. 2020-12-21 15:05:56 +01:00
lain
9ba60f70d2 Tests: Make as many tests as possible async.
In general, tests that match these criteria can be made async:

- Doesn't use real Cachex.
- Doesn't write to the Config / Application Environment.
- Uses Mock. Using Mox is fine.
- Uses the streamer.
2020-12-21 12:21:40 +01:00
lain
95a9bdfc37 Tests: Use NullCache for async tests.
Caching can't work in async tests, so for them it is mocked to a
null cache that is always empty. Synchronous tests are stubbed
with the real Cachex, which is emptied after every test.
2020-12-18 19:53:19 +01:00