Commit graph

2036 commits

Author SHA1 Message Date
Hélène
fb3f6e1975
EmojiReactValidator: use new qualification method 2022-07-25 16:49:23 +02:00
Hélène
388bbc4978
EmojiReactValidator: fix emoji qualification
Tries fully-qualifying emoji when receiving them, by adding the emoji
variation sequence to the received reaction emoji.

This issue arises when other instance software, such as Misskey, tries
reacting with emoji that have unqualified or minimally qualified
variants, like a red heart. Pleroma only accepts fully qualified emoji
in emoji reactions, and refused those emoji. Now, Pleroma will attempt
to properly qualify them first, and reject them if checks still fail.

This commit contains changes to tests proposed by lanodan.

Co-authored-by: Haelwenn <contact+git.pleroma.social@hacktivis.me>
2022-07-24 13:36:06 +02:00
Haelwenn
cfb21d011f Revert "Merge branch 'fix/emoji-react-qualification' into 'develop'"
This reverts merge request !3684
2022-07-22 23:19:49 +00:00
Haelwenn (lanodan) Monnier
eba1666575 AttachmentValidator: fix_media_type/1 fallback to application/octet-stream 2022-07-22 20:30:45 +02:00
Haelwenn (lanodan) Monnier
be98900904 ArticleNotePageValidator: Fix when attachments are a Map (ie. owncast) 2022-07-22 20:30:45 +02:00
Haelwenn
454f892f37 Merge branch 'fix/emoji-react-qualification' into 'develop'
EmojiReactValidator: fix emoji qualification

See merge request pleroma/pleroma!3684
2022-07-21 17:45:47 +00:00
Haelwenn
a15b45a589 Merge branch 'bugfix/mime-validation-no-list' into 'develop'
Bugfix: Validate mediaType only by it's format

See merge request pleroma/pleroma!3597
2022-07-03 21:04:41 +00:00
Hélène
11f9f2ef27
EmojiReactValidator: fix emoji qualification
Tries fully-qualifying emoji when receiving them, by adding the emoji
variation sequence to the received reaction emoji.

This issue arises when other instance software, such as Misskey, tries
reacting with emoji that have unqualified or minimally qualified
variants, like a red heart. Pleroma only accepts fully qualified emoji
in emoji reactions, and refused those emoji. Now, Pleroma will attempt
to properly qualify them first, and reject them if checks still fail.
2022-06-28 21:33:57 +02:00
Hélène
a74ce2d77a
StealEmojiPolicy: fix String rejected_shortcodes
* rejected_shortcodes is defined as a list of strings in the
  configuration description. As such, database-based configuration was
  led to handle those settings as strings, and not as the actually
  expected type, Regex.
* This caused each message passing through this MRF, if a rejected
  shortcode was set and the emoji did not exist already on the instance,
  to fail federating, as an exception was raised, swiftly caught and
  mostly silenced.
* This commit fixes the issue by introducing new behavior: strings are
  now handled as perfect matches for an emoji shortcode (meaning that if
  the emoji-to-be-pulled's shortcode is in the blacklist, it will be
  rejected), while still supporting Regex types as before.
2022-05-18 21:25:10 +02:00
Haelwenn
4605efe272 Merge branch 'improve_anti_followbot_policy' into 'develop'
Also use actor_type to determine if an account is a bot in antiFollowbotPolicy

Closes #2561

See merge request pleroma/pleroma!3498
2022-05-08 18:10:40 +00:00
Ilja
a8093732bd Also use actor_type to determine if an account is a bot in antiFollowbotPolicy 2022-05-08 18:10:40 +00:00
Tusooa Zhu
57c030a0a7 Skip cache when /objects or /activities is authenticated
Ref: fix-local-public
2022-05-06 10:23:26 +02:00
Haelwenn (lanodan) Monnier
83338c25a5 Transmogrifier: Use validating regex for "mediaType" 2022-03-17 22:37:26 +01:00
Haelwenn (lanodan) Monnier
030183b35f AttachmentValidator: Use custom ecto type and regex for "mediaType" 2022-03-17 22:37:26 +01:00
Sean King
17aa3644be
Copyright bump for 2022 2022-02-25 23:11:42 -07:00
marcin mikołajczak
f8f2a17754 Birthdays: Fix outgoing federation of birth dates
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-02-01 12:00:26 +01:00
Alex Gleason
3bf257171f
ForceMentionsInContent: improve display of Markdown posts 2022-01-27 14:15:06 -06:00
Alex Gleason
27cb3d6273
ForceMentionsInContent: don't apply it to top-level posts 2022-01-26 21:24:26 -06:00
bot
a4de79ced0 ForceBotUnlistedPolicy: fix to stop unlisting my posts >:( 2022-01-26 22:53:02 +00:00
Alex Gleason
0604b0dd09
ForceMentionsInContent: don't mention self 2022-01-25 12:33:47 -06:00
Alex Gleason
0f4e0e667e Merge branch 'recipients-inline' into 'develop'
ForceMentionsInContent: wrap mentions in a span, fix the formatting

See merge request pleroma/pleroma!3620
2022-01-25 17:43:39 +00:00
Alex Gleason
65b4d2ce84
ForceMentionsInContent: fix order of mentions 2022-01-25 10:42:34 -06:00
Alex Gleason
267184b70e
ForceMentionsInContentTest: return mentions in a not terrible format 2022-01-24 20:03:43 -06:00
Alex Gleason
c5a20c80c4
ForceMentionsInContent: simplify finding users 2022-01-24 19:44:44 -06:00
Alex Gleason
d5644a52aa
ForceMentionsInContent: wrap inline mentions with span tag 2022-01-24 19:11:45 -06:00
Alex Gleason
1bbc701a3a
ForceMentionsInContent: use to instead of tag 2022-01-24 19:11:14 -06:00
marcin mikołajczak
0266bc3c96 Birthdays: hide_birthday -> show_birthday
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-23 09:13:33 +01:00
Alex Gleason
aaa9314f4c
Merge remote-tracking branch 'origin/develop' into birth-dates 2022-01-22 14:24:50 -06:00
Alex Gleason
66e8c6f90f
Birthdays: birth_date --> birthday 2022-01-22 13:21:55 -06:00
Alex Gleason
6ffe43af70 Merge branch 'private-pins' into 'develop'
Support private pinned posts from Mastodon

See merge request pleroma/pleroma!3611
2022-01-20 23:18:24 +00:00
marcin mikołajczak
88c21b9282 Support private pinned posts from Mastodon
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-20 12:35:32 +01:00
rinpatch
a02cfd7f52 Add ForceMentionsInContentPolicy
Even though latest PleromaFE supports displaying these properly, mobile
apps still exist, so I think we should offer a workaround to those who
want it.
2022-01-19 21:04:57 +03:00
marcin mikołajczak
c180f9276f check if remote bday is valid
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-19 17:19:28 +01:00
marcin mikołajczak
b108b05650 Birth dates, birthday reminders API, allow instance admins to require minimum age
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-01-18 14:57:48 +01:00
marcin mikołajczak
de006443f0 MastoAPI: Profile directory 2021-12-26 02:35:17 +00:00
Alex Gleason
d9746ae4cb Merge branch 'from/develop/tusooa/2802-propagate-reject' into 'develop'
Handle Reject for already-accepted Follows properly

Closes #2766 and #2802

See merge request pleroma/pleroma!3568
2021-12-23 16:00:16 +00:00
Alex Gleason
df5359aa72 Merge branch 'replies-count' into 'develop'
Fix replies count for remote replies

See merge request pleroma/pleroma!3541
2021-12-19 17:36:25 +00:00
Tusooa Zhu
3d41ccc47b
Allow updating accepted follow activities in Web.ActivityPub.Utils.update_follow_state_for_all/2
Mastodon uses the Reject activity also for the purpose of removing
a follower, in addition to reject a follow request. We should
also update the original Follow activity in this case.
2021-12-17 14:17:51 -05:00
Alex Gleason
2c96668a2c
Merge remote-tracking branch 'origin/develop' into fix-attachment-dimensions 2021-12-07 13:41:54 -05:00
Alex Gleason
3f03d71ea6
AttachmentValidator: ingest width and height 2021-12-07 12:59:03 -05:00
Lain Soykaf
ca8c676867 Linting. 2021-12-07 12:12:23 -05:00
Finn Behrens
8af53101fb move result into with guard 2021-12-07 09:18:53 +01:00
marcin mikołajczak
d64d1b1d45 Fix replies count for remote replies
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2021-11-23 11:31:09 +01:00
lain
e2772d6bf1 Merge branch 'block-behavior' into 'develop'
Configurable block visibility, fixes #2123

Closes #2123

See merge request pleroma/pleroma!3242
2021-11-15 14:27:59 +00:00
Haelwenn (lanodan) Monnier
23e91ec8dd activity_pub_controller: Fix misleading debug warning in post_inbox_fallback 2021-11-10 01:11:35 +01:00
Haelwenn (lanodan) Monnier
23161526d4 object_validators: Group common fields in CommonValidations
Notes:
- QuestionValidator didn't have a :name field but that seems like a mistake
- `_fields` functions can't inherit others because of some Validators
- bto/bcc fields were absent in activities, also seems like a mistake
  (Well IIRC we don't or barely support bto/bcc anyway)
2021-10-10 02:50:06 +02:00
Haelwenn (lanodan) Monnier
a17910a6c6
CI: Bump lint stage to elixir-1.12
Elixir 1.12 changed formatting rules, this allows to avoid having to rollback to run `mix format`
2021-10-06 08:11:05 +02:00
Ilja
20084329ea
Selecting MRF policies didn't work as intended any more
* Policies were put under a new module (Pleroma.Web.ActivityPub.MRF.Policy instead of Pleroma.Web.ActivityPub.MRF), but this wasn't changed in the Pleroma.Web.ActivityPub.MRF @mrf_config_descriptions
* I don't have a unit test to prevent similar problems in the future because I don't find a proper way to do it
    * The descriptions in the unit tests are defined in the unit tests, so if someone changes module names in the code, the tests wont see it
    * The list is generated in Pleroma.Docs.Generator.list_behaviour_implementations, but I can't do a check in the when clause of the function to see if the provided module is a behaviour or not.

Backport of: https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3509
2021-08-28 18:27:58 +02:00
Sam Therapy
09c42ce13e
Add Admin-FE menu for StealEmojiPolicy
Backport of: https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3512
2021-08-28 18:21:59 +02:00
Haelwenn
bc62a35282 Merge branch 'features/ingestion-no-nil' into 'develop'
ObjectValidator.stringify_keys: filter out nil values

See merge request pleroma/pleroma!3506
2021-08-28 16:07:35 +00:00