Commit graph

1855 commits

Author SHA1 Message Date
lain
40d9d2098c Fix user updating from AP. 2018-11-18 22:15:03 +01:00
lain
cafa15131a Mix format. 2018-11-18 21:41:35 +01:00
lain
4c918392c6 Fix most User tests. 2018-11-18 21:40:52 +01:00
lain
e7cd6e9739 Fix setting of keys. 2018-11-18 19:33:43 +01:00
lain
fc3bcf335e Fix following locked users. 2018-11-18 18:53:50 +01:00
lain
d5af41b577 Fix note count update. 2018-11-18 18:52:21 +01:00
lain
6f90ceb2ed Fix follower count test. 2018-11-18 18:49:17 +01:00
lain
812f5b058a Fix blocking. 2018-11-18 18:40:31 +01:00
lain
756764266c Formatting. 2018-11-18 18:27:04 +01:00
lain
b396dba425 Fix follower count setting. 2018-11-18 18:24:16 +01:00
lain
5c8f07f0a8 Fix note counting. 2018-11-18 18:17:56 +01:00
lain
47d883d3ab Fix User deactivation. 2018-11-18 18:06:02 +01:00
lain
50585d051b Add User.Info module
To validate and mutate the user.info field.
2018-11-18 18:04:42 +01:00
William Pitcock
f6be980f4f activitypub: object view: avoid leaking private details 2018-11-17 22:30:53 +00:00
William Pitcock
98795172a7 ostatus controller: respond with AS2 objects instead of activities to notice URIs 2018-11-17 22:10:15 +00:00
William Pitcock
dfcfb184b1 activitypub: transmogrifier: make deletes secure 2018-11-17 21:22:57 +00:00
William Pitcock
0d1375f274 federator: return :ok or :error depending on if an AP doc was accepted or not 2018-11-17 21:00:37 +00:00
William Pitcock
3d9266a8cb federator: do origin containment when processing inbound messages 2018-11-17 20:43:43 +00:00
William Pitcock
c88533209c activitypub: user fetching: use fetch_and_contain_remote_object_from_id() 2018-11-17 20:16:03 +00:00
William Pitcock
daa8ec3d62 activitypub: factor out AP object fetching to it's own function and add ID-based containment 2018-11-17 20:15:59 +00:00
William Pitcock
603fccf175 activitypub: fetch_object_from_id(): prefer actor over attributedTo to avoid spoofing 2018-11-17 18:17:17 +00:00
kaniini
05967472f2 Merge branch 'feature/uploader-mdii' into 'develop'
Feature / MDII Uploader

See merge request pleroma/pleroma!454
2018-11-17 16:41:09 +00:00
hakabahitoyo
59e079f641 fallbacking into local uploader 2018-11-17 20:16:25 +09:00
hakabahitoyo
8fd0556c78 better config reading 2018-11-17 18:14:42 +09:00
lain
f87b315618 TwitterAPI: Fix dm_timeline displaying only half of the conversation. 2018-11-16 19:47:36 +01:00
lambda
2f639ea129 Merge branch 'feature/pleromafe-usersearch' into 'develop'
Add Twitter / Pleroma API user search

See merge request pleroma/pleroma!452
2018-11-16 18:13:47 +00:00
William Pitcock
c07464607d http security: remove form-action from CSP definitions 2018-11-16 17:40:21 +00:00
lain
e8d8c84f79 Add better test for user search functionlity. 2018-11-16 18:31:32 +01:00
hakabahitoyo
55abd8482e better config 2018-11-16 20:41:12 +09:00
hakabahitoyo
52224de39f better extension detection 2018-11-16 20:22:36 +09:00
hakabahitoyo
4fbfacf5e1 debug 2018-11-15 16:08:55 +09:00
hakabahitoyo
8e707aba29 format 2018-11-15 15:11:59 +09:00
Hakaba Hitoyo
ebe658c169 debuf 2018-11-15 14:46:43 +09:00
Hakaba Hitoyo
698cb3587c omplement mdii uploader 2018-11-15 14:38:45 +09:00
Hakaba Hitoyo
58af0787be add mdii uploader 2018-11-15 14:19:10 +09:00
lain
27aa136aac Format. 2018-11-14 20:41:12 +01:00
lain
7b170cd616 Add Pleroma user search api for PleromaFE. 2018-11-14 20:33:23 +01:00
lambda
cc45797f4e Merge branch 'fix-media-proxy-filename' into 'develop'
media_proxy: use path only to retrieve filename

See merge request pleroma/pleroma!450
2018-11-14 18:17:10 +00:00
kaniini
69d557e86d Merge branch 'twitter-api-direct-messages' into 'develop'
Twitter api direct messages

See merge request pleroma/pleroma!449
2018-11-14 08:52:08 +00:00
href
f52a1d1ec5
media_proxy: use path only to retrieve filename 2018-11-13 23:41:33 +01:00
lain
ea9a776d7b TwitterApi: Add direct message endpoint 2018-11-13 20:08:50 +01:00
lain
2cf40237ff MastodonAPI: Add pagination to private messages. 2018-11-13 19:46:34 +01:00
href
9b553a1087
media_proxy: CSP, content-disposition
* Adds CSP headers to the media proxy endpoint

* Sends `content-disposition: attachment; …` for non-image/video/audio
content types

The default list can be overwritten with `:media_proxy,
:safe_content_types` in the configuration.

* Also now appends the filename to the proxy URL (fixes some mobile apps,
it was requested a while ago)
2018-11-13 15:58:02 +01:00
shibayashi
87c76a9a2f
Add __Host- prefix when secure flag is enabled 2018-11-13 00:32:38 +01:00
scarlett
0ce5623134 Merge branch 'twitter-api-null-display-name' into 'develop'
Twitter API: Fall back to user.nickname if user has no name

Closes #375

See merge request pleroma/pleroma!444
2018-11-12 17:08:54 +00:00
scarlett
cb6fd73861 Twitter API: Fall back to user.nickname if user has no name 2018-11-12 15:52:13 +00:00
kaniini
54923c2e55 Merge branch 'feature/csp-plug' into 'develop'
migrate CSP management to CSPPlug

See merge request pleroma/pleroma!441
2018-11-12 15:30:42 +00:00
William Pitcock
2829fa4183 sample config: chase http_security change 2018-11-12 15:17:04 +00:00
William Pitcock
ee5932a504 http security: allow referrer-policy to be configured 2018-11-12 15:14:46 +00:00
William Pitcock
fe67665e19 rename CSPPlug to HTTPSecurityPlug. 2018-11-12 15:08:02 +00:00