Ariadne Conill
739bbe0d3b
security: detect object containment violations at the IR level
...
It is more efficient to check for object containment violations at the IR
level instead of in the protocol handlers. OStatus containment is especially
a tricky situation, as the containment rules don't match those of IR and
ActivityPub.
Accordingly, we just always do a final containment check at the IR level
before the object is added to the IR object graph.
5 years ago
Moonman
f98f7ad1b9
detect and use sha512-crypt for stored password hash.
5 years ago
kaniini
93701c3399
Merge branch 'chore/remove-cc-by-nc-nd-license' into 'develop'
...
remove CC-BY-NC-ND license.
See merge request pleroma/pleroma!1415
5 years ago
Ariadne Conill
26f265fb0e
remove CC-BY-NC-ND license.
...
we moved branding assets (mascot etc) to CC-BY-SA a while back.
5 years ago
kaniini
cef4337f95
Merge branch 'bugfix/llal-object-containment' into 'develop'
...
Object.Fetcher: Handle error on Containment.contain_origin/2
See merge request pleroma/pleroma!1414
5 years ago
Haelwenn (lanodan) Monnier
2592934480
Object.Fetcher: Keep the with-do block as per kaniini proposition
5 years ago
Haelwenn (lanodan) Monnier
a2c601acb5
FetcherTest: Containment refute called(OStatus.fetch_activity_from_url)
5 years ago
Haelwenn (lanodan) Monnier
e1c08a67d6
Object.Fetcher: Fallback to OStatus only if AP actually fails
5 years ago
kaniini
1589b170e8
Merge branch 'feature/1072-muting-notifications' into 'develop'
...
Feature/1072 muting notifications
Closes #1072
See merge request pleroma/pleroma!1398
5 years ago
Alexander Strizhakov
e7c39b7ac8
Feature/1072 muting notifications
5 years ago
Haelwenn (lanodan) Monnier
40d0a198e2
Object.Fetcher: Handle error on Containment.contain_origin/2
5 years ago
Haelwenn (lanodan) Monnier
f00562ed6b
HttpRequestMock: Add 404s on OStatus fetching for info.pleroma.site
5 years ago
Haelwenn (lanodan) Monnier
efa9a13d4e
HttpRequestMock: Add missing mocks for object containment tests
5 years ago
kaniini
9f211838ec
Merge branch 'rich_media_parsers_configurable' into 'develop'
...
parsers configurable
See merge request pleroma/pleroma!1400
5 years ago
Alex S
7af27c143d
changelog & docs
5 years ago
Alex S
f4447d82b8
parsers configurable
5 years ago
rinpatch
0c2dcb4c69
Add follow information refetching after following/unfollowing
5 years ago
rinpatch
183da33e00
Add tests for fetch_follow_information_for_user and check object type
...
when fetching the page
5 years ago
Maxim Filippov
418ae6638d
Merge branch 'develop' into feature/admin-api-user-statuses
5 years ago
Maxim Filippov
a9459ff98f
Admin API: Endpoint for fetching latest user's statuses
5 years ago
rinpatch
d06d1b751d
Use atoms when updating user info
5 years ago
rinpatch
e5b850a991
Refactor fetching follow information to a separate function
5 years ago
kaniini
592411e4fe
Merge branch 'feature/mrf-transparency-filter' into 'develop'
...
nodeinfo: implement MRF transparency exclusions
See merge request pleroma/pleroma!1412
5 years ago
Ariadne Conill
0cc638b968
docs: note that exclusions usage will be included in the transparency metrics if used
5 years ago
Ariadne Conill
80c46d6d8b
nodeinfo: implement MRF transparency exclusions
5 years ago
rinpatch
e8fa477793
Refactor Follows/Followers counter syncronization
...
- Actually sync counters in the database instead of info cache (which got
overriden after user update was finished anyway)
- Add following count field to user info
- Set hide_followers/hide_follows for remote users based on http status
codes for the first collection page
5 years ago
kaniini
f4c001062e
Merge branch '1041-status-actions-rate-limit' into 'develop'
...
Rate-limited status actions (per user and per user+status).
Closes #1041
See merge request pleroma/pleroma!1410
5 years ago
Ivan Tashkinov
d72876c57d
[ #1041 ] Minor refactoring.
5 years ago
Ivan Tashkinov
b74d11e20a
[ #1041 ] Added documentation on existing rate limiters.
5 years ago
Haelwenn
9497d14f09
Merge branch 'fix/hackney-global-options' into 'develop'
...
Merge the default options with custom ones in ReverseProxy and Pleroma.HTTP and workaround for remote server certificate chain issues
See merge request pleroma/pleroma!1409
5 years ago
Ivan Tashkinov
369e9bb42f
[ #1041 ] Rate-limited status actions (per user and per user+status).
5 years ago
rinpatch
29ffe81c2e
Add a changelog entry for tolerating incorrect chain order
5 years ago
Haelwenn
02cdedbf9f
Merge branch 'fix/ap-hide-follows' into 'develop'
...
ActivityPub Controller: Change how hiding follows/followers is represented
See merge request pleroma/pleroma!1406
5 years ago
rinpatch
fa7e0c4262
Workaround for remote server certificate chain issues
5 years ago
rinpatch
b001b8891a
Merge the default options with custom ones in ReverseProxy and
...
Pleroma.HTTP
5 years ago
rinpatch
f40004e746
Add changelog entries for follower/following collection behaviour changes
5 years ago
rinpatch
095117a58c
Merge branch 'develop' into fix/ap-hide-follows
5 years ago
rinpatch
97b79efbcd
ActivityPub Controller: Actually pass for_user to following/followers
...
views and give 403 errors when trying to request hidden follower pages
when unauthenticated
5 years ago
Sachin Joshi
f8e3ae6154
try to always match the filename for proxy url
5 years ago
kaniini
5999780e82
Merge branch 'tests/web_metadata' into 'develop'
...
Pleroma.Web.Metadata - tests
See merge request pleroma/pleroma!1401
5 years ago
Maksim
92055941bd
Pleroma.Web.Metadata - tests
5 years ago
rinpatch
1f6ac7680d
ActivityPub User view: Following/Followers refactoring
...
- Render the collection items if the user requesting == the user
rendered
- Do not render the first page if hide_{followers,follows} is set, just
give the URI to it
5 years ago
kaniini
71cc0d5c17
Merge branch 'fix/pleroma-extensions' into 'develop'
...
Move new endpoints to pleroma namespace in Mastodon API
See merge request pleroma/pleroma!1404
5 years ago
Mark Felder
360e4cdaa2
Move these to pleroma namespace in Mastodon API
5 years ago
rinpatch
27ed260eed
AP user view: Add a test for hiding totalItems in following/followers
5 years ago
kaniini
b6567c9f4e
Merge branch 'url-parser-proxy' into 'develop'
...
preserve the original path/filename (no encoding/decoding) for proxy
See merge request pleroma/pleroma!1403
5 years ago
Sachin Joshi
6a6c4d134b
preserve the original path/filename (no encoding/decoding) for proxy
5 years ago
Roman Chvanikov
0384459ce5
Update mix.lock
5 years ago
Roman Chvanikov
eae991b06a
merge develop
5 years ago
kaniini
db75288b71
Merge branch 'search-limit-offset-type' into 'develop'
...
Add account_id, type, limit, and offset to GET /api/v1/search and /api/v2/search
See merge request pleroma/pleroma!1386
5 years ago