William Pitcock
cd13fa17fd
html: allow scrubbing policies to be stackable
6 years ago
William Pitcock
342ed84446
MRF: add policy for normalizing HTML markup (local and remote) to a specific policy
6 years ago
William Pitcock
95376ac1fe
html: add the ability to override the default scrub policy
6 years ago
kaniini
c2650f0ffb
Merge branch 'feature/html-scrub-policy' into 'develop'
...
html scrub policy
See merge request pleroma/pleroma!339
6 years ago
shadowfacts
39aed5348a
Add visible_in_picker to status emojis
6 years ago
William Pitcock
d3248e13e3
activitypub: transmogrifier: allow profile updates from bots
6 years ago
William Pitcock
e0b8c0ccba
MRF: reject non-public: use pattern match to remove unnecessary if block
6 years ago
William Pitcock
88094c266d
MRF: simple policy: refactor module to use guards and pattern matching
6 years ago
William Pitcock
97253df3ee
MRF: simple policy: contain media removal/nsfw ops to create activities only
6 years ago
William Pitcock
e82ce2a4b3
formatting
6 years ago
William Pitcock
358f88e10a
html: allow inline images by default (because of custom emoji)
6 years ago
William Pitcock
40e2f6e500
html: add default scrubbing profile and configuration knobs
6 years ago
William Pitcock
ac486fc59b
everywhere: use Pleroma.HTML module instead of HtmlSanitizeEx directly
6 years ago
William Pitcock
255f46d7ab
html: new module providing a configurable markup scrubbing policy
6 years ago
Dominique Feyer
801d645c6b
TASK: Fix formatting
6 years ago
Dominique Feyer
b79c126ee0
Add missing URL encoding in create authorization redirect
6 years ago
Hakaba Hitoyo
4e1bb7bccb
make limit for /api/v1/suggestions
6 years ago
lambda
045953225e
Merge branch 'moonman/pleroma-sha512-crypt' into 'develop'
...
auth overhaul and legacy GS auth
See merge request pleroma/pleroma!331
6 years ago
kaniini
530561a091
Merge branch 'add-secure-and-samesite-cookie-flags' into 'develop'
...
Add Secure and SameSite cookie flags
See merge request pleroma/pleroma!302
6 years ago
kaniini
3e4f39116b
Merge branch 'feature/custom_media_url' into 'develop'
...
[Pleroma.Uploaders.Local]: Add configuration for custom url path
See merge request pleroma/pleroma!318
6 years ago
Martin Kühl
c1d07da4e1
Mastodon API: Fake support for loading filters
6 years ago
Martin Kühl
619f67768a
Mastodon API: Add unsupported attributes to relationship responses
...
These attributes are documented as required by the Mastodon API.
Since we don’t support them (I think?), respond with default values.
6 years ago
lain
70163aec9b
Add LegacyAuthenticationPlug to router.
6 years ago
lain
44b094908c
Update legacy passwords automatically.
6 years ago
lain
3aba585e7a
Add Plugs to router.
6 years ago
lain
e601165426
Add UserEnabledPlug.
6 years ago
lain
5ce1ebb179
Add SetUserSessionIdPlug.
6 years ago
Haelwenn
4a3dbd9d4e
Merge branch 'fix/sign-in-with-toot' into 'develop'
...
Fix sign-in and sign-out with Toot!
See merge request pleroma/pleroma!306
6 years ago
lain
636ad3e155
Add new plugs to router.
6 years ago
lain
12bc73dd28
Add EnsureUserKeyPlug, smaller fixes
6 years ago
lain
32465b9939
Simplify AuthenticationPlug
6 years ago
lain
9a96c93be7
Add SessionAuthenticationPlug.
6 years ago
lain
a3f54fca4d
Add LegacyAuthenticationPlug
6 years ago
lain
3cf17dc402
Add EnsureAuthenticatedPlug
6 years ago
lain
faf5347748
Add UserFetcherPlug.
6 years ago
lain
42bd985e66
Add BasicAuthDecoderPlug
6 years ago
Moon Man
8b020e03a6
change cond to if else
6 years ago
Moon Man
1a8bc26e52
auth against sha512-crypt password hashes, upgrade to pbkdf2
6 years ago
kaniini
76c67a41c1
Merge branch 'develop' into 'feature/staff-discovery-api'
...
# Conflicts:
# lib/pleroma/web/nodeinfo/nodeinfo_controller.ex
6 years ago
William Pitcock
9a21ff5f61
nodeinfo: add staffAccounts field to metadata
6 years ago
kaniini
1c9e539b47
Merge branch 'feature/mastodon_api_2.4.x' into 'develop'
...
Add/Fix Mastodon endpoints for 2.4.3 compatibility
See merge request pleroma/pleroma!266
6 years ago
Hakaba Hitoyo
b1124f1605
report chat and gopher support at /nodeinfo/2.0.json
6 years ago
William Pitcock
b61430163b
user: add moderator_user_query()
6 years ago
kaniini
7ca2a2ddea
Merge branch 'nil-bio-emojis' into 'develop'
...
add nil clause for Formatter.get_emoji/1 to return an empty result
Closes #274
See merge request pleroma/pleroma!315
6 years ago
shadowfacts
35515cfa66
Update mastodon_api_controller.ex
6 years ago
shadowfacts
26f8697400
Update mastodon_api_controller.ex
6 years ago
shadowfacts
2b2bd0e047
Render notification IDs as strings, not numbers
6 years ago
Thurloat
4257f784bc
sloop around get_emoji/1 to check is_binary and have a fallthrough
...
default that returns empty
6 years ago
Haelwenn (lanodan) Monnier
754deb26dd
[Pleroma.Uploaders.Local]: Add configuration for custom url path
...
One use-case being an external caching proxy
6 years ago
kaniini
b7923aa304
Merge branch 'hotfix_broken_likes' into 'develop'
...
hotfix for broken like completely breaking the notifications API
See merge request pleroma/pleroma!284
6 years ago
William Pitcock
834515fb51
formatter: don't add XSS emoji
6 years ago
kaniini
3c7280934e
Merge branch 'security/activitypub-spoofing' into 'develop'
...
security: activitypub spoofing
See merge request pleroma/pleroma!321
6 years ago
William Pitcock
03e92977cb
transmogrifier: fix peertube/plume actor handling
6 years ago
William Pitcock
0b2c051a04
activitypub: fix possibility of spoofing by containing remote objects to the same domain as their actor
6 years ago
William Pitcock
e2ce0e9e05
run `mix format`.
6 years ago
Martin Kühl
84d84e4ca4
OAuth: Support /revoke endpoint for revoking tokens
...
(for compatibility with Mastodon)
6 years ago
Martin Kühl
ad2a7972e7
OAuth: Set `created_at` in token exchange response
...
(for compatibility with Mastodon)
6 years ago
Martin Kühl
b60d232719
AccountView: `sensitive` is supposed to be a boolean, not a string
6 years ago
William Pitcock
c921d99898
config: add ability to disable Pleroma FE config management ( closes #276 )
6 years ago
kaniini
2e2f458705
Merge branch 'lanodan/code-dup_in_mastoapi_search' into 'develop'
...
Clean code duplication in MastoAPI search(v1/v2)
See merge request pleroma/pleroma!316
6 years ago
Will Pearson
0c2a0e3551
Specify default scope in verify_credentials
...
Certain Mastodon/Pleroma front ends call verify_credentials to get the
default scope of a new toot.
Currently, Pleroma hardcodes this value to "public".
This patch changes it to the user's default_scope value.
6 years ago
Haelwenn (lanodan) Monnier
8885d16e1b
[Pleroma.Web.MastodonAPI.MastodonAPIController].search(2)?: Remove code duplication
6 years ago
Thurloat
a9c0f395cb
add nil clause for Formatter.get_emoji/1 to return an empty result
6 years ago
lambda
58539e1357
Revert "Merge branch 'feature/rich-text' into 'develop'"
...
This reverts merge request !309
6 years ago
William Pitcock
856b5e1ca4
config: chase pleroma-fe updates from MR pleroma-fe!324.
6 years ago
kaniini
a26d5e6b2a
Merge branch 'feature/rich-text' into 'develop'
...
rich text support
See merge request pleroma/pleroma!309
6 years ago
William Pitcock
6aa65b68b8
common api: add support for formatting messages outside of twitter-style plain text
6 years ago
kaniini
e838969495
Merge branch 'use-media-proxy-in-suggestions-api' into 'develop'
...
use media proxy for the suggestions api
See merge request pleroma/pleroma!305
6 years ago
kaniini
65e8d47cfb
Merge branch 'backendhack' into 'develop'
...
Flexible Storage Backends
See merge request pleroma/pleroma!304
6 years ago
Thurloat
adffad5502
increase uploader behaviour documentation accuracy.
6 years ago
Thurloat
af01f0196a
Add backend failure handling with :ok | :error so the uploader can handle it.
...
defaulting to :ok, since that's the currently level of error handling.
6 years ago
William Pitcock
29b5e30c46
activity: drop recipients_to/recipients_cc fields
6 years ago
William Pitcock
de9acebbf3
activitypub: use jsonb query for containment instead of recipients_to/recipients_cc.
6 years ago
href
ddc6f32b75
Fix Mastodon API when actor's nickname is null
6 years ago
William Pitcock
cce9d008f9
streamer: contain list updates in the same way as we do with the database query
6 years ago
William Pitcock
ded9091206
mastodon api: use bounded AP object graph query to enforce containment of private statuses
6 years ago
William Pitcock
643fae6e36
activitypub: allow querying the activity/object graph bounded to a specific to/cc set
6 years ago
William Pitcock
81673b8136
activity: add recipients_to and recipients_cc fields
6 years ago
Thurloat
2ff25ac0ce
A hobbldey-working swift client.
...
apparently, all elixir openstack libraries are trash
luckily, the APIs are stupid easy.
6 years ago
Thurloat
9fc20ed572
works now, tested with profile photo upload on local backend.
6 years ago
Thurloat
dad39b24a1
add the behaviour, work on actually making it work.
6 years ago
shibayashi
18ad8aaecf
Explicitly set 'http_only' to true
6 years ago
Thurloat
8d2d7a8859
Implement uploader behaviour
...
run formatter <#
6 years ago
shibayashi
4656a07e9e
Set SameSite flag to 'Strict'
6 years ago
Hakaba Hitoyo
6cbfb5ab5d
use media proxy for suggestions api
6 years ago
Thurloat
0df558a6a5
cleaning up a bit.
6 years ago
Thurloat
709816a0f8
example of flexible storage backends
6 years ago
William Pitcock
d22f66655b
upload: formatting
6 years ago
William Pitcock
1596185ac6
upload: add the S3 support itself
6 years ago
William Pitcock
86c007ddd2
upload: strip exif data before finalizing the file path
6 years ago
shibayashi
0c4493f144
Fix formatting
6 years ago
shibayashi
b9a642da1e
Add Secure and SameSite cookie flags
6 years ago
Henry Jameson
0f1c629d65
better solution, added test.
6 years ago
Haelwenn (lanodan) Monnier
6973b77e94
[Pleroma.Web.MastodonAPI.FilterView] fix expires_at being a unsafe variable
6 years ago
Haelwenn (lanodan) Monnier
9bddb39ff0
[Pleroma.Web.MastodonAPI.FilterView]: expires_at should be null when N/A
6 years ago
Haelwenn (lanodan) Monnier
d571a571fe
[Pleroma.Web.MastodonAPI.MastodonAPIController]: Bump mastodon_api_level to 2.4.3
6 years ago
Haelwenn (lanodan) Monnier
6e030129fb
[MastodonAPI] Add filters
6 years ago
Haelwenn (lanodan) Monnier
a5adb251ab
[Pleroma.Web.MastodonAPI.AccountView]: Add fields support
6 years ago
Haelwenn (lanodan) Monnier
d008f2d69c
[Pleroma.Web.MastodonAPI.AccountView]: Add bot field
6 years ago
Haelwenn (lanodan) Monnier
97e20d2932
[MastodonAPI] the tag field isn’t fixed to a static type in pleroma
6 years ago