rinpatch
29ff6d414b
HTTP security plug: Harden img-src and media-src when MediaProxy is enabled
4 years ago
rinpatch
455a402c8a
HTTP Security plug: rewrite &csp_string/0
...
- Directives are now separated with ";" instead of " ;",
according to https://www.w3.org/TR/CSP2/#policy-parsing
the space is optional
- Use an IO list, which at the end gets converted to a binary as
opposed to ++ing a bunch of arrays with binaries together and joining
them to a string. I doubt it gives any significant real world advantage,
but the code is cleaner and now I can sleep at night.
- The static part of csp is pre-joined to a single binary at compile time.
Same reasoning as the last point.
4 years ago
rinpatch
8f6d428880
AccountView: Use mediaproxy URLs for emojis
...
Also use atom keys in emoji maps instead of binaries
Closes #1810
4 years ago
rinpatch
78c46fb7ba
MediaProxy test: use config macros instead of directly putting values
...
They were not properly cleaned later and caused trouble for another tests
4 years ago
kPherox
48fd9be65a
Exclude post actor from to of relay announce
4 years ago
rinpatch
d35be02e70
Merge branch 'refactor-add-mention-step-one' into 'develop'
...
Fix ObjectView calling into strange functions
Closes #1807
See merge request pleroma/pleroma!2580
4 years ago
rinpatch
91f73a7592
Merge branch 'notification-fixes' into 'develop'
...
Notification performance fixes
See merge request pleroma/pleroma!2595
4 years ago
lain
73f222d76a
Migrations: Make user_id index on notifications better for query.
4 years ago
Alexander Strizhakov
047a11c48f
Apply suggestion to lib/pleroma/web/admin_api/controllers/admin_api_controller.ex
4 years ago
Egor Kislitsyn
c6290be682
Fix typo
4 years ago
lain
b8e029b5ea
Notification: Actually preload objects.
4 years ago
lain
b9e2678b9e
Merge branch 'fav-speedup' into 'develop'
...
ActivityPub: Change ordering to `nulls last` in favorites query
See merge request pleroma/pleroma!2594
4 years ago
lain
7e13200869
ActivityPub: Change ordering to `nulls last` in favorites query
...
This makes it use our existing index and speeds up the query.
4 years ago
Alexander Strizhakov
3249141588
validate actor type
4 years ago
rinpatch
cf139b06a3
Merge branch 'fav-speedup' into 'develop'
...
Fix favorites query performance
See merge request pleroma/pleroma!2591
4 years ago
rinpatch
3601c0015c
Merge branch '1808-pleroma-sucks' into 'develop'
...
Resolve "Don't fail message ingestions when we can't update a user"
Closes #1808
See merge request pleroma/pleroma!2576
4 years ago
rinpatch
5ad28ff405
Merge branch 'apps-index' into 'develop'
...
Migrations: Add index on client_id and client_secret for apps.
See merge request pleroma/pleroma!2589
4 years ago
rinpatch
ed08da9135
Merge branch '1813-throttling' into 'develop'
...
Mastodon API Controllers: Use the correct params for rate limiting.
Closes #1813
See merge request pleroma/pleroma!2586
4 years ago
lain
d8d99fd4cf
Activity.Queries: Use correct actor restriction.
4 years ago
lain
acba7043be
Migrations: Add index on client_id and client_secret for apps.
...
Greatly speeds up app lookup.
4 years ago
lain
5083558ecd
Merge branch 'restore-new-image' into 'develop'
...
Config: Restore old new background image
See merge request pleroma/pleroma!2588
4 years ago
lain
337ca33e5e
Config: Restore old new background image
...
Became lost in a settings restructure
4 years ago
lain
b233c8e55c
Merge branch 'fix/oban-warnings' into 'develop'
...
Fix Oban warnings
See merge request pleroma/pleroma!2587
4 years ago
Egor Kislitsyn
2069ec5006
Fix Oban warnings
4 years ago
lain
51bc6674f6
Mastodon API Controllers: Use the correct params for rate limiting.
4 years ago
Egor Kislitsyn
fca48154a2
Add AdminAPI.InviteView
4 years ago
Egor Kislitsyn
2a4f965191
Add OpenAPI spec for AdminAPI.InviteTokenController
4 years ago
Egor Kislitsyn
95ebfb9190
Move invite actions to AdminAPI.InviteTokenController
4 years ago
lain
644195e31e
Merge branch '1501-include-unlisted-posts-in-user-feed' into 'develop'
...
[#1501 ] Made user feed contain public and unlisted activities
Closes #1501
See merge request pleroma/pleroma!2584
4 years ago
Alexander Strizhakov
8f08384d80
another view for account in admin-fe status_show
4 years ago
lain
c8803965af
Merge branch 'skip-crypt-test' into 'develop'
...
Skip failing `:crypt` test on mac
See merge request pleroma/pleroma!2583
4 years ago
Ivan Tashkinov
d7a57004ef
[ #1501 ] Made user feed contain public and unlisted activities.
4 years ago
Egor Kislitsyn
e32b7ae044
Skip failing `:crypt` test on mac
4 years ago
Egor Kislitsyn
0ba1f2631a
Add OpenAPI spec for AdminAPI.OAuthAppContoller
4 years ago
lain
09d8b9cb55
Merge branch '1471-tuning-advice' into 'develop'
...
Docs: Document reasonable Postgres settings.
See merge request pleroma/pleroma!2581
4 years ago
lain
af3568a6d9
Docs: sql -> SQL
4 years ago
lain
f7cb3f4cfc
Apply suggestion to docs/installation/otp_en.md
4 years ago
lain
dbd07d29a3
Streamer: Don't crash on streaming chat notifications
4 years ago
lain
2c25087d20
Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into remake-remodel-dms
4 years ago
lain
6a85fe1f9d
Docs: Document reasonable Postgres settings.
4 years ago
lain
6bd7070b00
Transmogrifier: Use a simpler way to get mentions.
4 years ago
lain
5fef405208
User: Change signature of get_users_from_set
4 years ago
Egor Kislitsyn
cbcd592300
Add OpenAPI spec for AdminAPI.RelayController
4 years ago
lain
f20dff451e
Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into 1808-pleroma-sucks
4 years ago
lain
6783d544b2
Merge branch 'flaky-tests' into 'develop'
...
Flaky tests
See merge request pleroma/pleroma!2578
4 years ago
lain
5d5db7e5b7
StealEmojiPolicyTest: Clean up.
4 years ago
lain
2dff376041
StealEmojiPolicyTest: Fix flaky test.
4 years ago
lain
ee35bb5ac2
Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into remake-remodel-dms
4 years ago
lain
aeb0875025
StealEmojiPolicyTest: Fix flaky test.
4 years ago
lain
ec470c4c77
Merge branch 'openapi/admin/status' into 'develop'
...
Add OpenAPI spec for AdminAPI.StatusController
See merge request pleroma/pleroma!2566
4 years ago