Commit graph

14 commits

Author SHA1 Message Date
Floatingghost
05f8179d08 check if data is visible before embedding it in OG tags
previously we would uncritically take data and format it into
tags for static-fe and the like - however, instances can be
configured to disallow unauthenticated access to these resources.

this means that OG tags as a vector for information leakage.

_technically_ this should only occur if you have both
restrict_unauthenticated *AND* you run static-fe, which makes no
sense since static-fe is for unauthenticated people in particular,
but hey ho.
2024-04-12 05:16:47 +01:00
FloatingGhost
6cb40bee26 Migrate to phoenix 1.7 (#626)
Closes #612

Co-authored-by: tusooa <tusooa@kazv.moe>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/626
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Co-committed-by: FloatingGhost <hannah@coffee-and-dreams.uk>
2023-08-15 10:22:18 +00:00
Mark Felder
997551bac9 Fix TwitterCard meta tags
TwitterCard meta tags are supposed to use the attributes "name" and "content".
OpenGraph tags use the attributes "property" and "content".

Twitter itself is smart enough to detect broken meta tags and discover the TwitterCard
using "property" and "content", but other platforms that only implement parsing of TwitterCards
and not OpenGraph may fail to correctly detect the tags as they're under the wrong attributes.

> "Open Graph protocol also specifies the use of property and content attributes for markup while
> Twitter cards use name and content. Twitter’s parser will fall back to using property and content,
> so there is no need to modify existing Open Graph protocol markup if it already exists." [0]

[0] https://developer.twitter.com/en/docs/twitter-for-websites/cards/guides/getting-started
2023-06-14 19:30:19 +00:00
Mark Felder
6aa7fc15df Formatting of the comment 2021-06-09 11:58:51 -05:00
Mark Felder
5f7901cc48 Credo 2021-06-09 11:09:14 -05:00
Mark Felder
2a47156b87 Lint 2021-06-09 11:06:53 -05:00
Mark Felder
19a49dd757 Remove Metadata.Utils.attachment_url/1
This was a wasteful shortcut to MediaProxy.preview_url/1 and we don't
always want the preview_url in the metadata anyway.
2021-06-09 09:58:29 -05:00
Mark Felder
aa8cc4e86e Only use fallback for videos and only add this metadata for images if we really have it. 2021-06-08 16:31:12 -05:00
Mark Felder
d4ac9445cd Twittercard metadata for images should also include dimensions if available 2021-06-08 16:19:12 -05:00
Mark Felder
5de65ce3e8 Set the correct height/width if the data is available when generating twittercard metadata 2021-06-08 15:59:55 -05:00
Mark Felder
264458531a Formatting 2021-06-07 15:47:50 -05:00
io
2c401dafa1 Improve opengraph embeds
This brings them more in line with Mastodon.
- Deduplicates display name from the title and content
- Removes arbitrary limits on the size of the embedded image
- Removes angled double quotes from embed descriptions. These would normally just indicate that the content is a quote, but that is already implied by the content being in an embed.
2021-06-04 05:33:35 +00:00
Haelwenn (lanodan) Monnier
c4439c630f
Bump Copyright to 2021
grep -rl '# Copyright © .* Pleroma' * | xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>;'
2021-01-13 07:49:50 +01:00
Alexander Strizhakov
e8e4034c48
metadata providers consistency 2020-10-13 16:38:18 +03:00
Renamed from lib/pleroma/web/metadata/twitter_card.ex (Browse further)