Commit graph

1727 commits

Author SHA1 Message Date
Laura Hausmann
04fa6bef15
[backend] Improved http signature verification checks
This fixes an edge case where federation with split domain instances could fail.
2023-10-21 22:39:03 +02:00
Laura Hausmann
97c733dd72
[backend] Add cache for resolveMentionToUserAndProfile 2023-10-20 20:20:49 +02:00
Laura Hausmann
544b5a1678
[backend] Use a semaphore around populateMentions
This fixes a user-generated DoS payload for giant webring-style trees of mentions in user bios that could cause backend stalls.
2023-10-20 20:16:01 +02:00
Laura Hausmann
5c7a663320
[backend] Remove nsfw detection / tensorflow 2023-10-18 23:18:00 +02:00
Laura Hausmann
6b45b7019c
[backend] Enable authorized fetch by default for new instances
This does not affect existing instances.
2023-10-18 19:19:05 +02:00
Laura Hausmann
8b699248af
[backend] Fix mention host fallback 2023-10-18 17:20:46 +02:00
Laura Hausmann
4748f30214
[mastodon-client] Prevent updateUserInBackground from running excessively 2023-10-18 13:20:20 +02:00
Laura Hausmann
062d256a67
[backend] Update user profile mentions in background 2023-10-18 13:02:13 +02:00
Laura Hausmann
32d471803c
[mastodon-client] Recurse one last time for reblogged quotes in NoteConverter.encode 2023-10-18 01:42:14 +02:00
Laura Hausmann
b48594ef68
[mastodon-client] Switch to isQuote for detecting quotes 2023-10-18 01:30:10 +02:00
Laura Hausmann
44fb31ab13
[mastodon-client] Use new backend service for user (profile) updates
This fixes profile updates not immediately federating when edited through the Mastodon client API.
2023-10-18 00:56:49 +02:00
Laura Hausmann
d42a1eeb63
[backend] Clean up unnecessary code in resolve-user 2023-10-18 00:09:53 +02:00
Laura Hausmann
998bb1ae08
[mastodon-api] Only wait up to 1500 ms for mentions to update on /accounts/update_credentials 2023-10-18 00:03:45 +02:00
Laura Hausmann
b8bd0c9f3b
[backend] Use correct capitalization when rendering mentions 2023-10-17 22:36:28 +02:00
Laura Hausmann
4920b0c768
[backend] Federate outgoing invalid mentions as text 2023-10-17 20:53:36 +02:00
Laura Hausmann
5dcd4c4fff
[mastodon-client] Skip invalid mentions 2023-10-17 20:36:07 +02:00
Laura Hausmann
eadf9acdc3
[backend] Generate VAPID keys during meta bootstrap 2023-10-17 18:45:11 +02:00
Laura Hausmann
6ffe09709e
[backend] Fix error images configuration load 2023-10-17 01:20:58 +02:00
Erin Shepherd
0c9c04f89d
[backend] Refetch user keys when HTTP Signature validation fails
If a user has had a key rotation, and nobody on this server follows
that user, we will not receive the Update activity with the new key

Therefore, when we encounter key validation errors we should check
for an up-to-date key.

References (other implementations):

 * [Mastodon](fc9ab61448/app/controllers/concerns/signature_verification.rb (L96))
 * [Akkoma](https://akkoma.dev/AkkomaGang/http_signatures/src/branch/main/lib/http_signatures/http_signatures.ex#L46)
2023-10-17 00:52:51 +02:00
Laura Hausmann
092462d3a9
[mastodon-client] Add content_type to /statuses/:id/source 2023-10-17 00:45:33 +02:00
Laura Hausmann
2830953862
[mastodon-client] Rework quote rendering 2023-10-17 00:25:24 +02:00
Laura Hausmann
775d8f6e3a
[mastodon-client] Return fqn field for accounts 2023-10-16 23:45:03 +02:00
Laura Hausmann
9c4466035e
[mastodon-client] Set class=hashtag for tags in mfm-to-html 2023-10-16 23:42:18 +02:00
Laura Hausmann
4a6d010724
[mastodon-client] Return text/x.misskeymarkdown as supported_mime_types in /v1/instance 2023-10-16 23:23:25 +02:00
Laura Hausmann
97176e00f9
[mastodon-client] Return content_type for statuses 2023-10-16 23:21:01 +02:00
Laura Hausmann
c64f6b6db6
[backend] Fix populateMentions remote filter 2023-10-16 01:41:14 +02:00
Laura Hausmann
3cdf9eee94
[mastodon-client] Update mentions in background on /i/update 2023-10-16 00:54:57 +02:00
Laura Hausmann
34376b0718
[mastodon-client] Also refresh user profile data on /accounts/:id 2023-10-15 23:22:00 +02:00
Laura Hausmann
7c7c6a09a2
[mastodon-client] Refresh user profile data on /accounts/lookup 2023-10-15 23:13:58 +02:00
Laura Hausmann
75c9873796
[backend] Update user profile mentions on createPerson and updatePerson 2023-10-15 22:34:20 +02:00
Laura Hausmann
82e0ef7414
[backend] Add mentions column to user_profile table 2023-10-15 21:57:59 +02:00
Laura Hausmann
bc08d8c92b
[mastodon-client] Ignore capitalization for hashtag timeline 2023-10-15 21:57:56 +02:00
Laura Hausmann
4176ac20ac
[backend] Fix an old migration 2023-10-15 21:57:55 +02:00
Laura Hausmann
7af7f1c175
[backend] Make constraint creations in ResyncWithOrm migration idempotent too 2023-10-14 21:09:47 +02:00
Laura Hausmann
5f49d62817
[backend] Make index creations in ResyncWithOrm migration idempotent too 2023-10-14 20:59:43 +02:00
Laura Hausmann
f90607146d
[backend] Make ResyncWithOrm migration idempotent 2023-10-14 20:52:12 +02:00
Laura Hausmann
fe165dd4d3
[backend] Cache mention uri in resolveMentionWithFallback 2023-10-14 17:45:59 +02:00
Laura Hausmann
c0d7ecf5c3
[backend] Actually resolve with objectHost 2023-10-14 17:40:06 +02:00
Laura Hausmann
8719a6922e
[backend] More mentions fixes 2023-10-14 17:11:21 +02:00
Laura Hausmann
588a39f17a
[backend] Don't refresh user data in resolveMentionWithFallback 2023-10-14 16:57:04 +02:00
Laura Hausmann
ce29c1dce2
[mastodon-client] Use improved mention parsing in mfm-to-html 2023-10-14 16:48:49 +02:00
Laura Hausmann
349f770166
[backend] Actually try to resolve unknown mentions in mfm-to-html 2023-10-14 16:39:24 +02:00
Laura Hausmann
72f048a24d
[backend] Parse incorrectly formatted mentions in from-html 2023-10-14 16:12:22 +02:00
Laura Hausmann
c02747116d
[backend] Fix typo 2023-10-14 15:37:28 +02:00
Laura Hausmann
b33ca93195
[backend] Fix resync-with-orm migration
Due to a previously missing constraint there could be references to deleted users in the renote_muting table, this cleans that up.
2023-10-14 15:35:52 +02:00
Laura Hausmann
0261a666f1
[backend] Resync migrations with TypeORM
It appears people have been writing manual migrations for a while now, often containing errors that create duplicate or unused indicies, unique constraints on primary key columns, and so on. This commit resolves these, so migrations can be autogenerated again from now on.
2023-10-14 15:23:35 +02:00
Laura Hausmann
c7e0659cfb
[mastodon-client] Fix handling of long redirect URIs in the oauth_token table 2023-10-14 14:41:49 +02:00
Laura Hausmann
e5dc89c1cb
[mastodon-client] Fix type hints in AuthHelpers 2023-10-14 14:07:10 +02:00
Laura Hausmann
7b951f76ed
[mastodon-client] Add additional fields to /v1/apps response
This is undocumented under https://docs.joinmastodon.org/entities/Application/ but some apps expect it anyway.
2023-10-14 13:55:03 +02:00
Laura Hausmann
c46ea29ba3
[mastodon-client] Fix streaming API url
This fixes a regression where some clients were unable to connect to the streaming API.
The /mastodon suffix was previously removed in other parts of the code as too many clients didn't respect it, however it was not removed here, leaving clients that do respect it are unable to connect.
2023-10-14 13:30:31 +02:00
Laura Hausmann
2192d5c668
[mastodon-client] Fix long redirect URIs 2023-10-14 03:22:21 +02:00
Laura Hausmann
d049de2935
[mastodon-client] Fix scopes parsing error in auth helper 2023-10-14 00:58:54 +02:00
Laura Hausmann
1c2b914164
[mastodon-client] Switch from MiAuth to OAuth 2023-10-14 00:19:10 +02:00
Laura Hausmann
b5393e41d0
[mastodon-client] Add support for public:allow_local_only stream 2023-10-13 23:54:55 +02:00
Laura Hausmann
f14b3cec97
[backend] Automatically generate vapid/web-push keys
Co-authored-by: Johann150 (563f3672a9)
2023-10-13 19:23:36 +02:00
Laura Hausmann
1927151aed
[baackend] Move migrations to typescript 2023-10-13 18:44:25 +02:00
Laura Hausmann
ef14e0221b
[backend] Ignore capitalization for remoteuserinfo in mfm-to-html 2023-10-13 02:20:55 +02:00
Laura Hausmann
da5939d1d6
[mastodon-client] Proper user search autocomplete 2023-10-12 21:46:34 +02:00
Laura Hausmann
0e39313ac4
[mastodon-client] Correctly parse invalid remote mentions 2023-10-12 21:39:18 +02:00
Laura Hausmann
0616edffa8
[mastodon-client] Return edit history in correct order 2023-10-12 20:51:35 +02:00
Laura Hausmann
5e61be286c
[mastodon-client] Add max_toot_chars to /v1/instance 2023-10-12 19:27:37 +02:00
Laura Hausmann
ef98c86958
[backend] Correctly return selected protocol for streaming API
This fixes compatibility with mastodon webclients in Google Chrome & derivatives
2023-10-12 17:59:41 +02:00
Laura Hausmann
f843453ca0
[backend] Only render trailing slashes for URLs in profile fields when explicitly specified 2023-10-12 17:07:54 +02:00
Laura Hausmann
9167ba593c
[mastodon-client] Omit paragraph tags for user profile fields 2023-10-12 16:29:48 +02:00
Laura Hausmann
8c93f7eb68
[backend] Format urls in outgoing AP messages properly 2023-10-12 16:01:07 +02:00
Laura Hausmann
19f8c0aafc
[mastodon-client] Improve mfm-to-html handling of links 2023-10-12 15:52:41 +02:00
Laura Hausmann
9f8e1e5579
[mastodon-client] Don't duplicate quote uri if it's already in the note text 2023-10-12 00:29:18 +02:00
Laura Hausmann
44c70df1a6
[mastodon-client] Fix mentions in user bios 2023-10-12 00:23:20 +02:00
Laura Hausmann
1ff5102e34
[backend] Format mentions in outgoing AP messages properly 2023-10-12 00:10:53 +02:00
Laura Hausmann
be28fae40f
[mastodon-client] Fix code block rendering
This doesn't work in all clients, but it works in more than the previous solution & matches what glitch-soc is doing.
2023-10-11 23:58:03 +02:00
Laura Hausmann
8d7d95fd23
[backend] Permit redirects for AP object lookups 2023-10-11 20:59:30 +02:00
Laura Hausmann
695528bed7
[mastodon-client] Log note lookup failures with logger instead of console 2023-10-11 19:55:26 +02:00
Laura Hausmann
1fdea9866a
[mastodon-client] Only display localpart for mentions in mfm-to-html 2023-10-11 19:15:56 +02:00
Laura Hausmann
f5c6cba3a6
[mastodon-client] Correctly render remote mentions of local users 2023-10-11 19:15:32 +02:00
Laura Hausmann
73895e856c
[mastodon-client] Don't return 'next' link pagination header when there are not more results
This fixes clients like toot! showing ghost users
2023-10-11 18:33:33 +02:00
Laura Hausmann
c1354ee5e7
[mastodon-client] Don't return reactions with count=0 2023-10-11 02:36:38 +02:00
Laura Hausmann
4717cc85b5
[mastodon-client] Use execQueryLinkPagination in more places 2023-10-11 01:45:52 +02:00
Laura Hausmann
fef807a165
[mastodon-client] Fix link pagination prev attribute when minId is set 2023-10-11 01:26:29 +02:00
Laura Hausmann
3204bd9d18
[mastodon-client] Fix link pagination middleware oversight 2023-10-11 01:26:29 +02:00
Laura Hausmann
a0adea70f5
[mastodon-client] Improve streaming api isMastodon check 2023-10-09 22:20:44 +02:00
Laura Hausmann
878970d318
[mastodon-client] Implement streaming API 2023-10-09 01:59:19 +02:00
Laura Hausmann
01e6f7edbb
[mastodon-client] Respect ffVisibility for follower/following counts 2023-10-08 02:42:50 +02:00
Laura Hausmann
db95d9a7f3
[mastodon-client] Fix polls param 2023-10-08 01:41:25 +02:00
Laura Hausmann
0f17691f00
[mastodon-client] GET /v1/accounts/search 2023-10-08 01:30:40 +02:00
Laura Hausmann
c7d62223ef
[mastodon-client] Ignore invalid auth requests 2023-10-08 01:13:02 +02:00
Laura Hausmann
4d6111d1a4
[mastodon-client] Fix handling of empty tagged param in getUserStatuses 2023-10-08 01:09:30 +02:00
Laura Hausmann
b3c186a14a
[mastodon-client] Only encode renote once in NoteConverter 2023-10-08 01:00:16 +02:00
Laura Hausmann
23a1114c02
[mastodon-client] Implement glitch reactions 2023-10-08 00:47:35 +02:00
Laura Hausmann
9d24f8aea5
[mastodon-client] Remove ID conversion
BREAKING: Please log out and log back in of any clients in use, as their cache is now invalid
2023-10-07 23:15:14 +02:00
Laura Hausmann
011d7f36c3
[mastodon-client] Set ctx.pagination in helper funcs 2023-10-07 22:05:58 +02:00
Laura Hausmann
cc96b0ba72
[mastodon-client] Use ctx instead of ctx.user as arguments everywhere 2023-10-07 21:46:22 +02:00
Laura Hausmann
79c3e56989
[mastodon-client] Fully move cache into ctx 2023-10-07 20:29:58 +02:00
Laura Hausmann
8428f2efc4
[mastodon-client] Actually enforce NoteConverter.encode recursion prevention 2023-10-07 20:09:17 +02:00
Laura Hausmann
1cdeff9861
[mastodon-client] Generate pagination data in helper function
This also (finally) respects minId sort order.
2023-10-07 20:02:03 +02:00
Laura Hausmann
2899873b26
[mastodon-client] Use MastoApiError everywhere 2023-10-07 19:50:06 +02:00
Laura Hausmann
cfd53259cb
[mastodon-client] Return emojis field for polls 2023-10-07 19:39:01 +02:00
Laura Hausmann
8bec41b554
[mastodon-client] Accept both types and exclude_types at the same time in GET /v1/notifications
This ensures compatibility with Mastodon for Android and its forks
2023-10-07 19:17:51 +02:00
Laura Hausmann
98fe5b3a54
[mastodon-client] Prevent duplicate reblogs 2023-10-07 17:34:22 +02:00
Laura Hausmann
47d9278eae
[mastodon-client] Return IdentifiableError ID if message is empty 2023-10-07 17:30:49 +02:00
Laura Hausmann
f36515a221
[mastodon-client] Fix error when liking the same status twice 2023-10-07 17:27:45 +02:00