184fa61fb3
plugs: add MappedSignatureToIdentityPlug
5 years ago
18d8d12d53
signature: make key_id_to_actor_id() public
5 years ago
88d064d80e
http signature plug: remove redundant checks handled by HTTPSignatures library
...
the redundant checks assumed a POST request, which will not work for signed GETs.
this check was originally needed because the HTTPSignatures adapter assumed that
the requests were also POST requests. but now, the adapter has been corrected.
5 years ago
f9a0014681
Merge branch 'feature/signed-object-fetches' into 'develop'
...
signed object fetches
See merge request pleroma/pleroma!1446
5 years ago
b6b748d3e7
tests for Uploader with webhook
5 years ago
399acd4c42
fetcher: sign object fetches if configured
5 years ago
1e48af9acf
Merge branch 'feature/instance-fetch-actor' into 'develop'
...
instance fetch service actor
See merge request pleroma/pleroma!1440
5 years ago
60b54ee64a
Merge branch 'feature/http-signatures-keyid' into 'develop'
...
http signatures: derive actor from key IDs
See merge request pleroma/pleroma!1442
5 years ago
f84fb340b7
http signatures: derive actor ID from key ID.
...
Almost all AP servers return their key ID as the actor URI with #main-key
added. Hubzilla, which doesn't, uses a URL which refers to the actor
anyway, so worst case, Hubzilla users get refetched.
5 years ago
4bf2bb9cff
Fix password reset for non-test env
...
Fixes `Plug.Conn.NotSentError` that causes a 5xx error in response
instead of 404 and 400.
Fixes pattern matching error caused by different response format
in test and non-test env: `Pleroma.Emails.Mailer.deliver_async` returns
:ok when PleromaJobQueue is enabled and `{:ok, _}` when it's disabled.
In tests, it's disabled.
5 years ago
cf9cb953d5
activitypub: represent internal fetch actor
5 years ago
d930e5d5c3
activitypub: introduce internal fetch service actor
5 years ago
62e5ff624e
user: add is_internal_user? helper function
5 years ago
0a6f6e1b5b
webfinger: allow resolution of usernames with dots in them (internal actors)
5 years ago
a9d6a12bb3
activitypub: controller: rework the way the relay actor is presented so the code can be reused
5 years ago
4885473be2
user: refactor get_or_create_instance_user() into get_or_create_service_actor_by_id()
5 years ago
ce73d5f6a5
Merge branch 'feature/mention-mrf' into 'develop'
...
Add MRF MentionPolicy for dropping posts which mention specific actors
See merge request pleroma/pleroma!1439
5 years ago
96a2890a9e
Add MRF MentionPolicy for dropping posts which mention specific actors
5 years ago
10f82c88b8
mastoapi password reset
...
added rate limit to password reset
configure rate limit in runtime
5 years ago
21e3f9ac69
added tests for Pleroma.Upload.Filter
5 years ago
889dc17abd
[ #1094 ] Rate-limited follow & unfollow actions.
5 years ago
520ee6c591
Add `pleroma.deactivated` to the Account entity (Mastodon API)
5 years ago
c4ca142e14
Add the `blocked_by` attribute to the relationship API (`GET /api/v1/accounts/relationships`)
5 years ago
70439494af
Fix typo
5 years ago
996fd58ac4
Merge branch 'bugfix/poll-id-as-string' into 'develop'
...
Status View: Poll ids are strings.
See merge request pleroma/pleroma!1430
5 years ago
1ed24bcc76
Status View: Poll ids are strings.
...
All ids in mastodon are strings, in general.
5 years ago
9f987dd017
Merge branch 'match-file-name' into 'develop'
...
try to always match the filename for proxy url
See merge request pleroma/pleroma!1405
5 years ago
b74300bc7a
Add more tests for MastodonAPIController and CommonAPI
5 years ago
33fd4c0ed7
query fix
5 years ago
ee5250ae56
Merge branch 'sha512-crypt' into 'develop'
...
detect and use sha512-crypt for stored password hash.
See merge request pleroma/pleroma!1422
5 years ago
1d906ffa82
Merge branch 'develop' into match-file-name
...
# Conflicts:
# lib/pleroma/web/media_proxy/media_proxy_controller.ex
5 years ago
105f437ce9
formatting
5 years ago
03c4ea44ad
Merge branch 'admin-configure-atom-keys' into 'develop'
...
admin configure - atom keys with leading :
See merge request pleroma/pleroma!1424
5 years ago
c32384c1ea
tests for Pleroma.Signature
5 years ago
c66044b923
atom keys with leading :
5 years ago
de13c9bb8f
List messages must be visible for mentioned users
5 years ago
d86a97abfb
Add an explanation comment to Publisher.publish/2
5 years ago
64a946643e
Merge remote-tracking branch 'pleroma/develop' into feature/addressable-lists
5 years ago
a87c313309
Support `list` visibility in StatusView
5 years ago
fa17879c20
added tests for Web.MediaProxy
5 years ago
dce8ebc9ea
Unfollow should also unsubscribe
5 years ago
739bbe0d3b
security: detect object containment violations at the IR level
...
It is more efficient to check for object containment violations at the IR
level instead of in the protocol handlers. OStatus containment is especially
a tricky situation, as the containment rules don't match those of IR and
ActivityPub.
Accordingly, we just always do a final containment check at the IR level
before the object is added to the IR object graph.
5 years ago
f98f7ad1b9
detect and use sha512-crypt for stored password hash.
5 years ago
cef4337f95
Merge branch 'bugfix/llal-object-containment' into 'develop'
...
Object.Fetcher: Handle error on Containment.contain_origin/2
See merge request pleroma/pleroma!1414
5 years ago
2592934480
Object.Fetcher: Keep the with-do block as per kaniini proposition
5 years ago
e1c08a67d6
Object.Fetcher: Fallback to OStatus only if AP actually fails
5 years ago
e7c39b7ac8
Feature/1072 muting notifications
5 years ago
40d0a198e2
Object.Fetcher: Handle error on Containment.contain_origin/2
5 years ago
f4447d82b8
parsers configurable
5 years ago
80c46d6d8b
nodeinfo: implement MRF transparency exclusions
5 years ago
Ariadne Conill