rinpatch
df2608ebf8
Merge branch 'features/staticfe-sanitization' into 'develop'
...
static_fe: Sanitize HTML
Closes #1614
See merge request pleroma/pleroma!2299
5 years ago
Haelwenn (lanodan) Monnier
8176ca9e40
static_fe: Sanitize HTML in users
5 years ago
Haelwenn (lanodan) Monnier
acb016397e
mix.lock: [minor] last hash appended
5 years ago
Haelwenn (lanodan) Monnier
0ac6e29654
static_fe: Sanitize HTML in posts
...
Note: Seems to have different sanitization with TwitterCard generator giving
the following:
<meta content=\"“alert('xss')”\" property=\"twitter:description\">
5 years ago
lain
fa4ec17c84
Merge branch '1560-non-federating-instances-routes-restrictions' into 'develop'
...
[#1560 ] Restricted AP- & OStatus-related routes for non-federating instances
Closes #1560
See merge request pleroma/pleroma!2235
5 years ago
Ivan Tashkinov
7c8003c3fc
[ #1364 ] Improved control over generation / sending of notifications. Fixed blocking / muting users notifications issue. Added tests.
5 years ago
Haelwenn
d84670b9e1
Merge branch 'f' into 'develop'
...
rip out fetch_initial_posts
Closes #1422 and #1595
See merge request pleroma/pleroma!2297
5 years ago
Haelwenn (lanodan) Monnier
dca21cd1d6
test/earmark_renderer_test.exs: Rename from test/earmark_renderer_test.ex
...
Wasn't in the test suite otherwise
5 years ago
Haelwenn
67a27825b1
Merge branch 'fix/rate-limiter-remoteip-behavior' into 'develop'
...
rate limiter: disable based on if remote ip was found, not on if the plug was enabled
Closes #1620
See merge request pleroma/pleroma!2296
5 years ago
rinpatch
e87a32bcd7
rip out fetch_initial_posts
...
Every time someone tries to use it, it goes mad and tries to scrape the
entire fediverse for no visible reason, it's better to just remove it
than continue shipping it in it's current state.
idea acked by lain and feld on irc
Closes #1595 #1422
5 years ago
rinpatch
85ac909160
Merge branch 'bugfix/pleroma_conversation_api' into 'develop'
...
pleroma_api_controller.ex: Improve conversations error reporting
See merge request pleroma/pleroma!2264
5 years ago
Haelwenn (lanodan) Monnier
8f7bc07ebc
pleroma_api_controller.ex: Improve conversations error reporting
...
Related: https://git.pleroma.social/pleroma/pleroma/issues/1594
5 years ago
Ivan Tashkinov
ecb7809e92
Merge remote-tracking branch 'remotes/origin/develop' into 1560-non-federating-instances-routes-restrictions
...
# Conflicts:
# lib/pleroma/plugs/static_fe_plug.ex
5 years ago
rinpatch
14ebf8f1e5
Merge branch 'update/admin-fe-20200312' into 'develop'
...
Update AdminFE
See merge request pleroma/pleroma!2292
5 years ago
rinpatch
d88c8a9614
Merge branch 'fix/cache-control-headers' into 'develop'
...
Fix Cache Control headers on media
See merge request pleroma/pleroma!2295
5 years ago
rinpatch
6a28c198af
uploaded media plug: do not inject compile-time params on every request
5 years ago
rinpatch
38f796a5c6
Merge branch 'feature/mastofe-admin-scope' into 'develop'
...
auth_controller.ex: Add admin scope to MastoFE
See merge request pleroma/pleroma!2256
5 years ago
rinpatch
4db88242e5
Merge branch 'docs/direct_conversation_id' into 'develop'
...
pleroma_api.md: direct_conversation_id vs. conversation_id
See merge request pleroma/pleroma!2263
5 years ago
Mark Felder
2966377cb9
Update AdminFE
5 years ago
rinpatch
994ac4357c
Merge branch 'fix/hashtags-streaming' into 'develop'
...
Fix hashtags WebSocket streaming
Closes #1593
See merge request pleroma/pleroma!2294
5 years ago
rinpatch
658f30c0b3
Merge branch 'static-accept-missing' into 'develop'
...
Fix static FE plug to handle missing Accept header.
See merge request pleroma/pleroma!2260
5 years ago
rinpatch
fc4496d4fa
rate limiter: disable based on if remote ip was found, not on if the plug was enabled
...
The current rate limiter disable logic won't trigger when the remote ip
is not forwarded, only when the remoteip plug is not enabled, which is
not the case on most instances since it's enabled by default. This
changes the behavior to warn and disable when the remote ip was not forwarded,
even if the RemoteIP plug is enabled.
Also closes #1620
5 years ago
rinpatch
3e0f05f08e
Merge branch 'bugfix/br-vs-newline' into 'develop'
...
Formatting: Do not use \n and prefer <br> instead
Closes #1374 and #1375
See merge request pleroma/pleroma!2204
5 years ago
Mark Felder
c6eb1c1b92
Merge branch 'develop' into fix/cache-control-headers
5 years ago
Mark Felder
7321429a2e
Lint
5 years ago
Mark Felder
3b1b183b42
Synchronize cache-control header for local media with the mediaproxy
5 years ago
Mark Felder
db36b48180
Remove test verifying we preserve cache-control headers; we don't
5 years ago
Mark Felder
470090471d
Fix test to use new cache-control settings
5 years ago
Mark Felder
413177c8f0
Set correct Cache-Control header for local media
5 years ago
Mark Felder
c62195127d
Update comment to reflect what the code is actually doing
5 years ago
Mark Felder
e04e16bbc0
Do not strip Cache-Control headers from media. Trust the Pleroma backend.
5 years ago
Mark Felder
ad31d0726a
Do not trust remote Cache-Control headers for mediaproxy
5 years ago
rinpatch
096c5c52e0
Merge branch 'revert/cache-control' into 'develop'
...
Revert "Set better Cache-Control header for static content"
Closes #1613
See merge request pleroma/pleroma!2290
5 years ago
Egor Kislitsyn
fffc382f13
Fix hashtags WebSocket streaming
5 years ago
Haelwenn (lanodan) Monnier
d1379c4de8
Formatting: Do not use \n and prefer <br> instead
...
It moves bbcode to bbcode_pleroma as the former is owned by kaniini
and transfering ownership wasn't done in a timely manner.
Closes: https://git.pleroma.social/pleroma/pleroma/issues/1374
Closes: https://git.pleroma.social/pleroma/pleroma/issues/1375
5 years ago
Alexander Strizhakov
98ed0d1c4b
more clean up
5 years ago
feld
802b991814
Merge branch 'exclude-posts-visible-to-admin' into 'develop'
...
Exclude private and direct statuses visible to the admin when using godmode
Closes #1599
See merge request pleroma/pleroma!2272
5 years ago
Alexander Strizhakov
39ed608b13
Merge branch 'develop' into gun
5 years ago
Alexander Strizhakov
1306b92997
clean up
5 years ago
Ivan Tashkinov
bd40880fa0
Merge remote-tracking branch 'remotes/origin/develop' into 1560-non-federating-instances-routes-restrictions
...
# Conflicts:
# test/web/activity_pub/activity_pub_controller_test.exs
5 years ago
rinpatch
00d1752031
Merge branch 'docs/new_user' into 'develop'
...
CLI_tasks/user.md: Fix `pleroma.user new` documentation
Closes #1621
See merge request pleroma/pleroma!2286
5 years ago
feld
2019f3b3ff
Merge branch 'fix/signup-without-email' into 'develop'
...
Allow account registration without an email
See merge request pleroma/pleroma!2246
5 years ago
rinpatch
7cdabdc0df
Merge branch 'fix/1610-release-compilation-config-fix' into 'develop'
...
Merging default release config on app start
Closes #1610
See merge request pleroma/pleroma!2288
5 years ago
feld
f92c447bbc
Merge branch 'relay-list-change' into 'develop'
...
Relay list shows hosts without accepted follow
See merge request pleroma/pleroma!2240
5 years ago
rinpatch
c3b9fbd3a7
Revert "Set better Cache-Control header for static content"
...
On furher investigation it seems like all that did was cause unintuitive
behavior. The emoji request flood that was the reason for introducing it
isn't really that big of a deal either, since Plug.Static only needs to
read file modification time and size to determine the ETag.
Closes #1613
5 years ago
Alexander Strizhakov
fce090c1de
using Pleroma.Config instead of ets
5 years ago
Alexander Strizhakov
193d67cde5
compile fix
5 years ago
Alexander Strizhakov
282a93554f
merging release default config on app start
5 years ago
Haelwenn (lanodan) Monnier
863ec33ba2
Add support for funkwhale Audio activity
...
reel2bits fixture not included as it lacks the Actor fixture for it.
Closes: https://git.pleroma.social/pleroma/pleroma/issues/1624
Closes: https://git.pleroma.social/pleroma/pleroma/issues/764
5 years ago
Ivan Tashkinov
5b696a8ac1
[ #1560 ] Enforced authentication for non-federating instances in StaticFEController.
5 years ago