Commit graph

1095 commits

Author SHA1 Message Date
Oneric
6d003e1acd test/steal_emoji: consolidate configuration setup 2024-03-18 22:33:10 -01:00
Oneric
d1ce5fd911 test/steal_emoji: reduce code duplication with mock macro 2024-03-18 22:33:10 -01:00
Oneric
ee5ce87825 test: use pack functions to check for emoji
The hardocded path and filenames assumptions
will be broken with the next commit.
2024-03-18 22:33:10 -01:00
Oneric
a8c6c780b4 StealEmoji: use Content-Type and reject non-images
E.g. *key’s emoji URLs typically don’t have file extensions, but
until now we just slapped ".png" at its end hoping for the best.

Furthermore, this gives us a chance to actually reject non-images,
which before was not feasible exatly due to those extension-less URLs
2024-03-18 22:33:10 -01:00
Oneric
11ae8344eb Sanitise Content-Type of media proxy URLs
Just as with uploads and emoji before, this can otherwise be used
to place counterfeit AP objects or other malicious payloads.
In this case, even if we never assign a priviliged type to content,
the remote server can and until now we just mimcked whatever it told us.

Preview URLs already handle only specific, safe content types
and redirect to the external host for all else; thus no additional
sanitisiation is needed for them.

Non-previews are all delegated to the modified ReverseProxy module.
It already has consolidated logic for building response headers
making it easy to slip in sanitisation.

Although proxy urls are prefixed by a MAC built from a server secret,
attackers can still achieve a perfect id match when they are able to
change the contents of the pointed to URL. After sending an posts
containing an attachment at a controlled destination, the proxy URL can
be read back and inserted into the payload. After injection of
counterfeits in the target server the content can again be changed
to something innocuous lessening chance of detection.
2024-03-18 22:33:10 -01:00
Oneric
0ec62acb9d Always insert Dedupe upload filter
This actually was already intended before to eradict all future
path-traversal-style exploits and to fix issues with some
characters like akkoma#610 in 0b2ec0ccee. However, Dedupe and
AnonymizeFilename got mixed up. The latter only anonymises the name
in Content-Disposition headers GET parameters (with link_name),
_not_ the upload path.

Even without Dedupe, the upload path is prefixed by an UUID,
so it _should_ already be hard to guess for attackers. But now
we actually can be sure no path shenanigangs occur, uploads
reliably work and save some disk space.

While this makes the final path predictable, this prediction is
not exploitable. Insertion of a back-reference to the upload
itself requires pulling off a successfull preimage attack against
SHA-256, which is deemed infeasible for the foreseeable futures.

Dedupe was already included in the default list in config.exs
since 28cfb2c37a, but this will get overridde by whatever the
config generated by the "pleroma.instance gen" task chose.

Upload+delete tests running in parallel using Dedupe might be flaky, but
this was already true before and needs its own commit to fix eventually.
2024-03-18 22:33:10 -01:00
Helge
5d89e0c917 Allow for url to be a list
This solves interoperability issues, see:
- https://git.pleroma.social/pleroma/pleroma/-/issues/3253
- https://socialhub.activitypub.rocks/t/fep-fffd-proxy-objects/3172/30?u=helge
- https://data.funfedi.dev/0.1.1/#url-parameter
2024-03-03 09:11:45 +01:00
floatingghost
7d61fb0906 Merge pull request 'Fix static-fe Twitter metadata / URL previews' (#700) from Oneric/akkoma:staticfe-metadata into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/700
2024-02-24 13:42:55 +00:00
Oneric
c08f49d88e Add tests for static-fe metadata tags 2024-02-21 00:33:32 +00:00
Haelwenn (lanodan) Monnier
7d94476dd6 StealEmojiPolicy: Sanitize shortcodes
Closes: https://git.pleroma.social/pleroma/pleroma/-/issues/3245
2024-02-20 11:19:00 +01:00
Oneric
1a7839eaf2 Prune old Update activities
Once processed they serve no purpose anymore afaict.
Therefor, lets prune them like other transient activities
to not unnecessarily bloat the table.
2024-02-17 16:57:40 +01:00
floatingghost
289f93f5a2 Merge pull request 'Return last_status_at as date, not datetime' (#681) from katafrakt/akkoma:fix-last-status-at into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/681
2024-02-17 11:37:19 +00:00
Oneric
e99e2407f3 Add background_removal to SimplePolicy MRF 2024-02-16 16:36:45 +01:00
Oneric
7622aa27ca Federate user profile background
Currently our own frontend doesn’t show backgrounds of other users, this
property is already publicly readable via REST API and likely was always
intended to be shown and federated.

Recently Sharkey added support for profile backgrounds and
immediately made them federate and be displayed to others.
We use the same AP field as Sharkey here which should make
it interoperable both ways out-of-the-box.

Ref.: 4e64397635
2024-02-16 16:35:51 +01:00
FloatingGhost
0ed815b8a1 Merge branch 'followback' into develop 2024-02-16 13:27:40 +00:00
floatingghost
c5dcd07e08 Merge pull request 'Fix OpenAPI spec for preferred_frontend endpoint' (#680) from katafrakt/akkoma:fix-openapi-spec-for-preferred-frontend into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/680
2024-02-16 12:21:00 +00:00
Oneric
376f6b15ca Add ability to auto-approve followbacks
Resolves: https://akkoma.dev/AkkomaGang/akkoma/issues/148
2024-02-13 15:42:37 +01:00
Paweł Świątkowski
df21b61829
Return last_status_at as date, not datetime 2024-02-05 21:42:15 +01:00
floatingghost
e97d08ee98 Merge pull request 'MRF transparency: don’t forget to obfuscate short domains' (#676) from Oneric/akkoma:mrf-obfuscation into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/676
2024-02-05 08:43:43 +00:00
Paweł Świątkowski
d7d159c49f
Fix OpenAPI spec for preferred_frontend endpoint
The spec was copied from another endpoint, including the operation id,
leading to scrubbing the valid parameters from the request and simply
not working.
2024-02-03 14:27:45 +01:00
Oneric
e47c50666d Fix obfuscation of short domains
Fixes https://akkoma.dev/AkkomaGang/akkoma/issues/645
2024-02-02 14:50:13 +00:00
Aria
77000b8ffd update tests for oauth consumer 2023-12-17 21:48:19 +00:00
Lain Soykaf
c3098e9c56 UserViewTest: Add basice service actor test. 2023-12-15 16:31:51 +00:00
FloatingGhost
6cc523bd23 Correct email links to be absolute URLs 2023-11-02 11:49:03 +00:00
FloatingGhost
033b7b04e0 update captcha version 2023-10-20 13:30:29 +01:00
FloatingGhost
c8e08e9cc3 fix issue with API cascading domain blocks but not honouring them 2023-08-25 11:00:49 +01:00
FloatingGhost
063e3c0d34 Disallow nil hosts in should_federate 2023-08-15 23:12:04 +01:00
FloatingGhost
6cb40bee26 Migrate to phoenix 1.7 (#626)
Closes #612

Co-authored-by: tusooa <tusooa@kazv.moe>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/626
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Co-committed-by: FloatingGhost <hannah@coffee-and-dreams.uk>
2023-08-15 10:22:18 +00:00
Joshua Goins
c22ecac567 mastodon_api: Add /api/v1/preferences endpoint
Implements the preferences endpoint in the Mastodon API, but returns
default values for most of the preferences right now. The only supported
preference we can access is default post visibility, and a relevant test
is added as well.
2023-08-12 09:28:24 -04:00
FloatingGhost
0c21341156 Fix signature checking 2023-08-07 16:17:17 +01:00
FloatingGhost
7825798e32 Add XML matcher 2023-08-07 11:12:14 +01:00
FloatingGhost
650c0c0f62 Allow max_id to be at the end of the querystring 2023-08-06 16:44:25 +01:00
FloatingGhost
7956cfb091 Another keyword.equal? check 2023-08-06 16:36:18 +01:00
FloatingGhost
215b550317 Fix keyword ordering reliance 2023-08-06 16:27:15 +01:00
FloatingGhost
866672b6a7 Add unordered list equality matcher 2023-08-06 15:58:11 +01:00
FloatingGhost
ef422a8385 Put matchers in matchers subpackage 2023-08-06 15:53:04 +01:00
FloatingGhost
9723264fe5 Add URI matchers 2023-08-06 15:51:21 +01:00
mae
d868348fac Completely disable xml entity resolution 2023-08-05 12:32:05 +00:00
FloatingGhost
b4399574ca Merge remote-tracking branch 'norm/config-permissions' into develop 2023-08-04 22:31:11 +01:00
FloatingGhost
9c7409808f Add unit test for external entity loading 2023-08-04 22:24:32 +01:00
Haelwenn (lanodan) Monnier
749e9f2229
release_runtime_provider_test: chmod config for hardened permissions
Git doesn't manages file permissions precisely enough for us.

Original: 65ef8f19c5
2023-08-04 14:14:04 -04:00
FloatingGhost
0b2ec0ccee Enable AnonymizeFilenames on all uploads 2023-08-04 15:37:15 +01:00
FloatingGhost
723bd123a0 Correct ordering for block/mutes 2023-08-04 15:18:07 +01:00
FloatingGhost
1dc8cc731c Merge branch 'elixir1.15' into develop 2023-08-04 15:16:14 +01:00
FloatingGhost
64e233ca20 Tag Mock-tests as "mocked" and run them seperately 2023-08-04 12:50:50 +01:00
Mark Felder
7e45343f81 Resolve information disclosure vulnerability through emoji pack archive download endpoint 2023-08-04 11:34:19 +01:00
FloatingGhost
f4fe4fcbcc More static stuff 2023-08-03 23:00:30 +01:00
FloatingGhost
02071ab9b4 bah 2023-08-03 18:40:13 +01:00
FloatingGhost
98cb255d12 Support elixir1.15
OTP builds to 1.15

Changelog entry

Ensure policies are fully loaded

Fix :warn

use main branch for linkify

Fix warn in tests

Migrations for phoenix 1.17

Revert "Migrations for phoenix 1.17"

This reverts commit 6a3b2f15b7.

Oban upgrade

Add default empty whitelist

mix format

limit test to amd64

OTP 26 tests for 1.15

use OTP_VERSION tag

baka

just 1.15

Massive deps update

Update locale, deps

Mix format

shell????

multiline???

?

max cases 1

use assert_recieve

don't put_env in async tests

don't async conn/fs tests

mix format

FIx some uploader issues

Fix tests
2023-08-03 17:44:09 +01:00
FloatingGhost
b65aafe1e3 Fix tests breaking on config changes 2023-08-02 12:05:30 +01:00
Walter Huf
c38f1aefb1 Add unit tests for Utils.user_name_string 2023-07-28 07:35:00 -07:00
Walter Huf
1377ec33fe Add a unit test for custom WebFinger domain 2023-07-27 09:01:46 -07:00
Weblate
eba3cce77b Update translation files
Updated by "Squash Git commits" hook in Weblate.

Translation: Pleroma fe/Akkoma Backend (Config Descriptions)
Translate-URL: http://translate.akkoma.dev/projects/akkoma/akkoma-backend-config-descriptions/
2023-07-27 13:14:05 +00:00
floatingghost
6db8ab7c94 Merge pull request 'Varied selection of Pleroma cherry-picks' (#567) from XxXCertifiedForkliftDriverXxX/akkoma:cherry-picks into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/567
2023-07-27 12:53:56 +00:00
FloatingGhost
c63ae73bc0 Add embed controller tests 2023-07-17 19:18:21 +01:00
FloatingGhost
8fe29bf5d2 Exclude deactivated users from emoji reaction lists 2023-07-17 17:53:03 +01:00
Mark Felder
5144d6f4ba Add OnlyMedia Upload Filter to simplify restricting uploads to audio, image, and video types
Original: https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3897
2023-06-28 01:56:14 +01:00
XxXCertifiedForkliftDriverXxX
07b478dc49 Implement blocklists for MediaProxy 2023-06-26 15:18:31 +02:00
tusooa
c0a01e73cf Enforce unauth restrictions for public streaming endpoints 2023-06-14 22:45:19 +00:00
tusooa
fee6e2aac4 Fix deleting banned users' statuses 2023-06-14 22:45:19 +00:00
Haelwenn (lanodan) Monnier
8669a0abcb UploadedMedia: Increase readability via ~s sigil 2023-06-14 22:45:19 +00:00
Haelwenn (lanodan) Monnier
37b0d774fa UploadedMedia: Add missing disposition_type to Content-Disposition
Set it to `inline` because the vast majority of what's sent is multimedia
content while `attachment` would have the side-effect of triggering a
download dialog.

Closes: https://git.pleroma.social/pleroma/pleroma/-/issues/3114
2023-06-14 22:45:19 +00:00
tusooa
1def80c2e7 Fix existing tests 2023-06-14 22:45:19 +00:00
tusooa
3095251e6c Dedupe poll options 2023-06-14 22:45:19 +00:00
tusooa
79a18f761b Allow with_relationships param for blocks 2023-06-14 22:45:19 +00:00
kPherox
8fb235e71b fix: append field values to bio before parsing 2023-06-14 19:44:07 +00:00
kPherox
d6271e7613 feat: build rel me tags with profile fields 2023-06-14 19:44:07 +00:00
Alexander Tumin
5adce547d0 Require related object for notifications to filter on content 2023-06-14 19:41:48 +00:00
tusooa
05e80d1879 Fix block_from_stranger setting 2023-06-14 19:41:44 +00:00
tusooa
651979217a Fix failure when registering a user with no email when approval required 2023-06-14 19:33:58 +00:00
Mark Felder
997551bac9 Fix TwitterCard meta tags
TwitterCard meta tags are supposed to use the attributes "name" and "content".
OpenGraph tags use the attributes "property" and "content".

Twitter itself is smart enough to detect broken meta tags and discover the TwitterCard
using "property" and "content", but other platforms that only implement parsing of TwitterCards
and not OpenGraph may fail to correctly detect the tags as they're under the wrong attributes.

> "Open Graph protocol also specifies the use of property and content attributes for markup while
> Twitter cards use name and content. Twitter’s parser will fall back to using property and content,
> so there is no need to modify existing Open Graph protocol markup if it already exists." [0]

[0] https://developer.twitter.com/en/docs/twitter-for-websites/cards/guides/getting-started
2023-06-14 19:30:19 +00:00
Tusooa Zhu
2a290cb331 Lint 2023-06-14 17:20:55 +00:00
Tusooa Zhu
dfd6c96808 Fix SideEffectsTest 2023-06-14 17:20:55 +00:00
Tusooa Zhu
fd38756e92 Do not stream out Announces to public timelines 2023-06-14 17:20:55 +00:00
Tusooa Zhu
5ef7c15d92 Make local-only posts stream in local timeline 2023-06-14 17:18:26 +00:00
Hélène
3227ebf1e1 CommonFixes: more predictable context generation
`context` fields for objects and activities can now be generated based
on the object/activity `inReplyTo` field or its ActivityPub ID, as a
fallback method in cases where `context` fields are missing for incoming
activities and objects.
2023-06-14 16:22:26 +00:00
XxXCertifiedForkliftDriverXxX
1b560d547a Stop exposing if a user blocks you over the API. 2023-05-28 23:42:27 +02:00
Haelwenn (lanodan) Monnier
70b0f93865 Apply oembed patch 2023-05-26 20:45:57 +01:00
FloatingGhost
8c208f751d Fix filtering out incorrect addresses 2023-05-23 13:46:25 +01:00
FloatingGhost
037f881187 Fix create processing in direct message disabled 2023-05-23 13:16:20 +01:00
FloatingGhost
ab34680554 switch to using an enum system for DM acceptance 2023-05-23 10:29:08 +01:00
FloatingGhost
d310f99d6a Add MRFs for direct message manipulation 2023-05-22 23:53:44 +01:00
floatingghost
f72d773cc3 Merge pull request 'Make UserNote comment default to the empty string.' (#530) from provable_ascent/akkoma:provable_ascent-patch-1 into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/530
2023-05-22 21:33:01 +00:00
provable_ascent
9c4203632d Add user_note_test.exs. 2023-05-12 02:18:24 +00:00
midnight
f1e66b39c7 Return empty string in the event of no detected language 2023-05-08 18:52:19 -04:00
FloatingGhost
b86b3a9e29 Support public key URIs that incomprehensibly have GET args
Fixes #528
2023-04-25 13:30:20 +01:00
FloatingGhost
f2b4e7f86b Merge branch 'develop' of akkoma.dev:AkkomaGang/akkoma into develop 2023-04-14 17:56:56 +01:00
FloatingGhost
522221f7fb Mix format 2023-04-14 17:56:34 +01:00
Atsuko Karagi
1fa3c0b485 Remove support for outdated Create format 2023-04-14 17:46:22 +01:00
Atsuko Karagi
d2b0d86471 HTTP signatures respect allowlist federation 2023-04-14 17:46:06 +01:00
floatingghost
8c86a06ed1 Merge pull request 'Remove "default" image description' (#493) from ilja/akkoma:remove_default_image_description into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/493
2023-04-14 16:27:41 +00:00
FloatingGhost
4c9c959bb3 Merge branch 'develop' into frontend-switcher-9000 2023-04-14 16:56:10 +01:00
FloatingGhost
1b2c24a19e fix tests 2023-04-14 15:20:55 +01:00
FloatingGhost
dd44387f1a Add timeline visibility options 2023-03-17 15:33:28 +00:00
FloatingGhost
2c9e02429a mix format 2023-03-15 22:19:52 +00:00
FloatingGhost
9464d50562 Add publicTimelineVisibility to nodeinfo 2023-03-15 22:13:18 +00:00
floatingghost
377d1483b6 Merge pull request 'Apply security patch from pleroma to prevent nested file names being uploaded to the server.' (#507) from foxing/akkoma:foxing-patch-2 into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/507
2023-03-13 00:29:51 +00:00
foxing
3f76de76da Apply Patch 2023-03-12 19:13:56 +00:00
flisk
0c77be9308 don't crash on malformed avatar and banner values
weird values in href will cause base64 encoding to fail later down the
line, so let's make sure the value we're passing on is somewhat sane, or
at the very least a binary

this fixes #482
2023-03-12 18:14:05 +01:00
ilja
6c396fcab4 Remove "default" image description
When no image description is filled in, Pleroma allowed fallbacks.
Those were (based on a setting) either the filename, or a fixed description.
Neither are good options for image descriptions imo, so here we remove this.

Note that there's two tests removed who supposedly tested something else.
But examining closer, they didn't seem to test what they claimed to test,
so I removed them rather than try to "fix" them.
2023-03-12 08:42:33 +01:00