akkoma
6 years agofederator: return :ok or :error depending on if an AP doc was accepted or not
William Pitcock [Sat, 17 Nov 2018 21:00:37 +0000 (21:00 +0000)]
federator: return :ok or :error depending on if an AP doc was accepted or not

6 years agofederator: do origin containment when processing inbound messages
William Pitcock [Sat, 17 Nov 2018 20:43:43 +0000 (20:43 +0000)]
federator: do origin containment when processing inbound messages

6 years agotests: add a test to verify the general fake direction protection works in all cases
William Pitcock [Sat, 17 Nov 2018 20:31:20 +0000 (20:31 +0000)]
tests: add a test to verify the general fake direction protection works in all cases

6 years agotests: add a testcase for user collision
William Pitcock [Sat, 17 Nov 2018 20:20:45 +0000 (20:20 +0000)]
tests: add a testcase for user collision

6 years agoactivitypub: user fetching: use fetch_and_contain_remote_object_from_id()
William Pitcock [Sat, 17 Nov 2018 20:13:38 +0000 (20:13 +0000)]
activitypub: user fetching: use fetch_and_contain_remote_object_from_id()

6 years agotests: add tests for contain_origin_from_id()
William Pitcock [Sat, 17 Nov 2018 20:07:49 +0000 (20:07 +0000)]
tests: add tests for contain_origin_from_id()

6 years agoactivitypub: factor out AP object fetching to it's own function and add ID-based...
William Pitcock [Sat, 17 Nov 2018 20:02:02 +0000 (20:02 +0000)]
activitypub: factor out AP object fetching to it's own function and add ID-based containment

6 years agoMerge branch 'security/actor-containment' into 'develop'
lambda [Sat, 17 Nov 2018 18:33:09 +0000 (18:33 +0000)]
Merge branch 'security/actor-containment' into 'develop'

security hotfix: actor containment

See merge request pleroma/pleroma!460

6 years agotests: add a second spoofing variant
William Pitcock [Sat, 17 Nov 2018 18:24:58 +0000 (18:24 +0000)]
tests: add a second spoofing variant

6 years agoactivitypub: fetch_object_from_id(): prefer `actor` over `attributedTo` to avoid...
William Pitcock [Sat, 17 Nov 2018 18:17:17 +0000 (18:17 +0000)]
activitypub: fetch_object_from_id(): prefer `actor` over `attributedTo` to avoid spoofing

6 years agotest: fix more test defects
William Pitcock [Sat, 17 Nov 2018 18:16:55 +0000 (18:16 +0000)]
test: fix more test defects

6 years agotests: add additional spoofing tests
William Pitcock [Sat, 17 Nov 2018 18:12:11 +0000 (18:12 +0000)]
tests: add additional spoofing tests

6 years agotransmogrifier tests: fix defective spoofing test
William Pitcock [Sat, 17 Nov 2018 18:11:31 +0000 (18:11 +0000)]
transmogrifier tests: fix defective spoofing test

6 years agotest: httpoison mock: add second spoofing activity test
William Pitcock [Sat, 17 Nov 2018 17:42:47 +0000 (17:42 +0000)]
test: httpoison mock: add second spoofing activity test

6 years agoMerge branch 'feature/uploader-mdii' into 'develop'
kaniini [Sat, 17 Nov 2018 16:41:09 +0000 (16:41 +0000)]
Merge branch 'feature/uploader-mdii' into 'develop'

Feature / MDII Uploader

See merge request pleroma/pleroma!454

6 years agofallbacking into local uploader
hakabahitoyo [Sat, 17 Nov 2018 11:16:25 +0000 (20:16 +0900)]
fallbacking into local uploader

6 years agobetter config reading
hakabahitoyo [Sat, 17 Nov 2018 09:14:42 +0000 (18:14 +0900)]
better config reading

6 years agoMerge branch 'bugfix/dm-timeline-scope' into 'develop'
kaniini [Fri, 16 Nov 2018 23:34:43 +0000 (23:34 +0000)]
Merge branch 'bugfix/dm-timeline-scope' into 'develop'

TwitterAPI: Fix dm_timeline displaying only half of the conversation.

See merge request pleroma/pleroma!457

6 years agoTwitterAPI: Fix dm_timeline displaying only half of the conversation.
lain [Fri, 16 Nov 2018 18:47:36 +0000 (19:47 +0100)]
TwitterAPI: Fix dm_timeline displaying only half of the conversation.

6 years agoMerge branch 'feature/pleromafe-usersearch' into 'develop'
lambda [Fri, 16 Nov 2018 18:13:47 +0000 (18:13 +0000)]
Merge branch 'feature/pleromafe-usersearch' into 'develop'

Add Twitter / Pleroma API user search

See merge request pleroma/pleroma!452

6 years agoMerge branch 'bugfix/csp-remove-form-action' into 'develop'
kaniini [Fri, 16 Nov 2018 17:47:22 +0000 (17:47 +0000)]
Merge branch 'bugfix/csp-remove-form-action' into 'develop'

http security: remove form-action from CSP definitions

Closes #379

See merge request pleroma/pleroma!456

6 years agohttp security: remove form-action from CSP definitions
William Pitcock [Fri, 16 Nov 2018 17:40:21 +0000 (17:40 +0000)]
http security: remove form-action from CSP definitions

6 years agoAdd better test for user search functionlity.
lain [Fri, 16 Nov 2018 17:31:32 +0000 (18:31 +0100)]
Add better test for user search functionlity.

6 years agoMerge branch 'fix/test' into 'develop'
lambda [Fri, 16 Nov 2018 15:52:38 +0000 (15:52 +0000)]
Merge branch 'fix/test' into 'develop'

Reset http security settings to fix plug test

See merge request pleroma/pleroma!455

6 years agoReset http security settings to fix plug test
AkiraFukushima [Fri, 16 Nov 2018 15:45:21 +0000 (00:45 +0900)]
Reset http security settings to fix plug test

6 years agobetter config
hakabahitoyo [Fri, 16 Nov 2018 11:41:12 +0000 (20:41 +0900)]
better config

6 years agobetter extension detection
hakabahitoyo [Fri, 16 Nov 2018 11:22:36 +0000 (20:22 +0900)]
better extension detection

6 years agodebug
hakabahitoyo [Thu, 15 Nov 2018 07:08:55 +0000 (16:08 +0900)]
debug

6 years agoformat
hakabahitoyo [Thu, 15 Nov 2018 06:11:59 +0000 (15:11 +0900)]
format

6 years agodebuf
Hakaba Hitoyo [Thu, 15 Nov 2018 05:46:43 +0000 (14:46 +0900)]
debuf

6 years agoomplement mdii uploader
Hakaba Hitoyo [Thu, 15 Nov 2018 05:38:45 +0000 (14:38 +0900)]
omplement mdii uploader

6 years agoadd mdii uploader
Hakaba Hitoyo [Thu, 15 Nov 2018 05:19:10 +0000 (14:19 +0900)]
add mdii uploader

6 years agoMerge remote-tracking branch 'official/develop' into develop
Hakaba Hitoyo [Thu, 15 Nov 2018 05:04:09 +0000 (14:04 +0900)]
Merge remote-tracking branch 'official/develop' into develop

6 years agoRevert "update pleroma frontend"
Hakaba Hitoyo [Thu, 15 Nov 2018 05:03:52 +0000 (14:03 +0900)]
Revert "update pleroma frontend"

This reverts commit 025301546702a6fe9167e49453c3a9b44607fb75.

6 years agoFormat.
lain [Wed, 14 Nov 2018 19:41:12 +0000 (20:41 +0100)]
Format.

6 years agoAdd Pleroma user search api for PleromaFE.
lain [Wed, 14 Nov 2018 19:33:23 +0000 (20:33 +0100)]
Add Pleroma user search api for PleromaFE.

6 years agoMerge branch 'fix-media-proxy-filename' into 'develop'
lambda [Wed, 14 Nov 2018 18:17:10 +0000 (18:17 +0000)]
Merge branch 'fix-media-proxy-filename' into 'develop'

media_proxy: use path only to retrieve filename

See merge request pleroma/pleroma!450

6 years agoMerge branch 'update/pleroma-fe-20181114' into 'develop'
kaniini [Wed, 14 Nov 2018 16:10:27 +0000 (16:10 +0000)]
Merge branch 'update/pleroma-fe-20181114' into 'develop'

update pleroma frontend

See merge request pleroma/pleroma!451

6 years agoupdate pleroma frontend
William Pitcock [Wed, 14 Nov 2018 16:08:22 +0000 (16:08 +0000)]
update pleroma frontend

6 years agoMerge branch 'twitter-api-direct-messages' into 'develop'
kaniini [Wed, 14 Nov 2018 08:52:08 +0000 (08:52 +0000)]
Merge branch 'twitter-api-direct-messages' into 'develop'

Twitter api direct messages

See merge request pleroma/pleroma!449

6 years agomedia_proxy: use path only to retrieve filename
href [Tue, 13 Nov 2018 22:41:33 +0000 (23:41 +0100)]
media_proxy: use path only to retrieve filename

6 years agoTwitterApi: Add direct message endpoint
lain [Tue, 13 Nov 2018 19:08:50 +0000 (20:08 +0100)]
TwitterApi: Add direct message endpoint

6 years agoMastodonAPI: Add pagination to private messages.
lain [Tue, 13 Nov 2018 18:46:34 +0000 (19:46 +0100)]
MastodonAPI: Add pagination to private messages.

6 years agoMerge branch 'media-proxy-safety' into 'develop'
lambda [Tue, 13 Nov 2018 15:15:05 +0000 (15:15 +0000)]
Merge branch 'media-proxy-safety' into 'develop'

media_proxy: CSP, content-disposition

See merge request pleroma/pleroma!448

6 years agomedia_proxy: CSP, content-disposition
href [Tue, 13 Nov 2018 14:58:02 +0000 (15:58 +0100)]
media_proxy: CSP, content-disposition

* Adds CSP headers to the media proxy endpoint

* Sends `content-disposition: attachment; …` for non-image/video/audio
content types

The default list can be overwritten with `:media_proxy,
:safe_content_types` in the configuration.

* Also now appends the filename to the proxy URL (fixes some mobile apps,
it was requested a while ago)

6 years agoMerge branch 'security/cookie-hardening' into 'develop'
lambda [Tue, 13 Nov 2018 13:23:04 +0000 (13:23 +0000)]
Merge branch 'security/cookie-hardening' into 'develop'

Add __Host- prefix when secure flag is enabled

See merge request pleroma/pleroma!446

6 years agoMerge branch 'add-MIX_ENV-to-systemd-example' into 'develop'
lambda [Tue, 13 Nov 2018 12:24:29 +0000 (12:24 +0000)]
Merge branch 'add-MIX_ENV-to-systemd-example' into 'develop'

Add MIX_ENV=prod to systemd example file

See merge request pleroma/pleroma!445

6 years agoMerge branch 'whalebird' into 'develop'
lambda [Tue, 13 Nov 2018 12:22:41 +0000 (12:22 +0000)]
Merge branch 'whalebird' into 'develop'

Add Whalebird as a client application in README

See merge request pleroma/pleroma!447

6 years agoAdd __Host- prefix when secure flag is enabled
shibayashi [Mon, 12 Nov 2018 23:32:38 +0000 (00:32 +0100)]
Add __Host- prefix when secure flag is enabled

6 years agoAdd MIX_ENV=prod
shibayashi [Mon, 12 Nov 2018 22:01:06 +0000 (23:01 +0100)]
Add MIX_ENV=prod

6 years agoMerge branch 'twitter-api-null-display-name' into 'develop'
scarlett [Mon, 12 Nov 2018 17:08:54 +0000 (17:08 +0000)]
Merge branch 'twitter-api-null-display-name' into 'develop'

Twitter API: Fall back to user.nickname if user has no name

Closes #375

See merge request pleroma/pleroma!444

6 years agoTwitter API: Add tests for nil names.
scarlett [Mon, 12 Nov 2018 16:40:34 +0000 (16:40 +0000)]
Twitter API: Add tests for nil names.

6 years agoAdd Whalebird as a client application in README
AkiraFukushima [Mon, 12 Nov 2018 16:02:49 +0000 (01:02 +0900)]
Add Whalebird as a client application in README

6 years agoTwitter API: Fall back to user.nickname if user has no name
scarlett [Mon, 12 Nov 2018 15:38:39 +0000 (15:38 +0000)]
Twitter API: Fall back to user.nickname if user has no name

6 years agoMerge branch 'feature/csp-plug' into 'develop'
kaniini [Mon, 12 Nov 2018 15:30:42 +0000 (15:30 +0000)]
Merge branch 'feature/csp-plug' into 'develop'

migrate CSP management to CSPPlug

See merge request pleroma/pleroma!441

6 years agosample config: chase http_security change
William Pitcock [Mon, 12 Nov 2018 15:17:04 +0000 (15:17 +0000)]
sample config: chase http_security change

6 years agohttp security: allow referrer-policy to be configured
William Pitcock [Mon, 12 Nov 2018 15:14:46 +0000 (15:14 +0000)]
http security: allow referrer-policy to be configured

6 years agorename CSPPlug to HTTPSecurityPlug.
William Pitcock [Mon, 12 Nov 2018 15:08:02 +0000 (15:08 +0000)]
rename CSPPlug to HTTPSecurityPlug.

6 years agoMerge branch 'update-readme' into 'develop'
Haelwenn [Sun, 11 Nov 2018 16:44:04 +0000 (16:44 +0000)]
Merge branch 'update-readme' into 'develop'

Update README.md

See merge request pleroma/pleroma!443

6 years agoUpdate README.md
shibayashi [Sun, 11 Nov 2018 16:31:16 +0000 (17:31 +0100)]
Update README.md

6 years agoMerge branch 'fix-list-streaming' into 'develop'
kaniini [Sun, 11 Nov 2018 13:41:48 +0000 (13:41 +0000)]
Merge branch 'fix-list-streaming' into 'develop'

Mastodon API: Fix list streaming

See merge request pleroma/pleroma!442

6 years agoMastodon API: Fix list streaming
KokaKiwi [Sun, 11 Nov 2018 03:33:14 +0000 (04:33 +0100)]
Mastodon API: Fix list streaming

6 years agoconfig docs: typo fix
William Pitcock [Sun, 11 Nov 2018 07:27:36 +0000 (07:27 +0000)]
config docs: typo fix

6 years agotests: add tests for CSPPlug
William Pitcock [Sun, 11 Nov 2018 07:26:31 +0000 (07:26 +0000)]
tests: add tests for CSPPlug

6 years agoexample configs: kill STS/CT headers
William Pitcock [Sun, 11 Nov 2018 06:56:46 +0000 (06:56 +0000)]
example configs: kill STS/CT headers

6 years agocsp plug: add support for certificate transparency
William Pitcock [Sun, 11 Nov 2018 06:53:42 +0000 (06:53 +0000)]
csp plug: add support for certificate transparency

6 years agocsp plug: add sts support
William Pitcock [Sun, 11 Nov 2018 06:50:28 +0000 (06:50 +0000)]
csp plug: add sts support

6 years agosample config: document how to make CSPPlug send STS headers (off by default to allow...
William Pitcock [Sun, 11 Nov 2018 06:42:14 +0000 (06:42 +0000)]
sample config: document how to make CSPPlug send STS headers (off by default to allow for SSL debugging)

6 years agoconfig: add default parameters for CSPPlug
William Pitcock [Sun, 11 Nov 2018 06:37:18 +0000 (06:37 +0000)]
config: add default parameters for CSPPlug

6 years agoexample configs: remove obsolete CSP configuration
William Pitcock [Sun, 11 Nov 2018 06:12:26 +0000 (06:12 +0000)]
example configs: remove obsolete CSP configuration

6 years agoplugs: add CSPPlug
William Pitcock [Sun, 11 Nov 2018 06:10:21 +0000 (06:10 +0000)]
plugs: add CSPPlug

6 years agoMerge branch 'bugfix/corsplug-config' into 'develop'
kaniini [Sun, 11 Nov 2018 05:49:49 +0000 (05:49 +0000)]
Merge branch 'bugfix/corsplug-config' into 'develop'

properly configure CORSPlug

See merge request pleroma/pleroma!440

6 years agonginx example config: remove CORS headers, now managed by CORSPlug.
William Pitcock [Sun, 11 Nov 2018 05:42:30 +0000 (05:42 +0000)]
nginx example config: remove CORS headers, now managed by CORSPlug.

6 years agoconfig: properly configure CORSPlug.
William Pitcock [Sun, 11 Nov 2018 05:40:55 +0000 (05:40 +0000)]
config: properly configure CORSPlug.

6 years agoMerge branch 'bugfix/oauth-padding' into 'develop'
kaniini [Sun, 11 Nov 2018 05:34:45 +0000 (05:34 +0000)]
Merge branch 'bugfix/oauth-padding' into 'develop'

hotfix: oauth: fix token decode regression

Closes #373

See merge request pleroma/pleroma!439

6 years agooauth: fix token decode regression
William Pitcock [Sun, 11 Nov 2018 05:11:27 +0000 (05:11 +0000)]
oauth: fix token decode regression

6 years agoMerge branch 'bugfix/json-ld-object-sanitization' into 'develop'
lambda [Sat, 10 Nov 2018 12:37:18 +0000 (12:37 +0000)]
Merge branch 'bugfix/json-ld-object-sanitization' into 'develop'

JSON-LD: object sanitization

See merge request pleroma/pleroma!438

6 years agoMerge branch 'feature/documentation' into 'develop'
kaniini [Sat, 10 Nov 2018 12:25:08 +0000 (12:25 +0000)]
Merge branch 'feature/documentation' into 'develop'

Add ex_doc documentation to Pleroma

See merge request pleroma/pleroma!416

6 years agotests: add test for internal data stripping
William Pitcock [Sat, 10 Nov 2018 12:16:10 +0000 (12:16 +0000)]
tests: add test for internal data stripping

6 years agoactivitypub: transmogrifier: sanitize internal representation details from outgoing...
William Pitcock [Sat, 10 Nov 2018 12:08:53 +0000 (12:08 +0000)]
activitypub: transmogrifier: sanitize internal representation details from outgoing objects

this causes JSON-LD parsers to get upset and has also lead to developer confusion from outside
projects which tried to parse our internal data.  accordingly, it seems better to just remove
it.

6 years agolib/mix/tasks: s/@doc/@moduledoc/
Haelwenn (lanodan) Monnier [Thu, 8 Nov 2018 14:28:50 +0000 (15:28 +0100)]
lib/mix/tasks: s/@doc/@moduledoc/

6 years agolib/mix/tasks/unsubscribe_user.ex: Fix syntax from bad line copy
Haelwenn (lanodan) Monnier [Thu, 8 Nov 2018 14:26:11 +0000 (15:26 +0100)]
lib/mix/tasks/unsubscribe_user.ex: Fix syntax from bad line copy

6 years agolib/mix/tasks: Add remaining documentation for mix tasks
Haelwenn (lanodan) Monnier [Thu, 8 Nov 2018 14:21:09 +0000 (15:21 +0100)]
lib/mix/tasks: Add remaining documentation for mix tasks

6 years agoconfig/config.md: Add lines inspired/copied from CONFIGURATION.md
Haelwenn (lanodan) Monnier [Thu, 8 Nov 2018 13:59:44 +0000 (14:59 +0100)]
config/config.md: Add lines inspired/copied from CONFIGURATION.md

6 years agoREADME.md: Add note about config/config.md
Haelwenn (lanodan) Monnier [Thu, 8 Nov 2018 13:47:04 +0000 (14:47 +0100)]
README.md: Add note about config/config.md

6 years agoREADME.md: Put the systemd’s .service note to the relevant section
Haelwenn (lanodan) Monnier [Thu, 8 Nov 2018 13:45:22 +0000 (14:45 +0100)]
README.md: Put the systemd’s .service note to the relevant section

6 years agoREADME.md: Add note for OpenRC
Haelwenn (lanodan) Monnier [Thu, 8 Nov 2018 13:43:42 +0000 (14:43 +0100)]
README.md: Add note for OpenRC

6 years agoconfig/config.md: scope_options_enabled also addresses subject
Haelwenn (lanodan) Monnier [Thu, 8 Nov 2018 13:33:05 +0000 (14:33 +0100)]
config/config.md: scope_options_enabled also addresses subject

6 years agoconfig/config.md: Fill all the blanks
Haelwenn (lanodan) Monnier [Thu, 8 Nov 2018 13:27:21 +0000 (14:27 +0100)]
config/config.md: Fill all the blanks

6 years agoconfig/config.md: Complete it [WIP]
Haelwenn (lanodan) Monnier [Fri, 2 Nov 2018 09:32:43 +0000 (10:32 +0100)]
config/config.md: Complete it [WIP]

6 years agoconfig/config.md: Create
Haelwenn (lanodan) Monnier [Fri, 2 Nov 2018 09:13:29 +0000 (10:13 +0100)]
config/config.md: Create

6 years agoDocument the mix tasks in ex_doc instead
Haelwenn (lanodan) Monnier [Fri, 2 Nov 2018 08:32:48 +0000 (09:32 +0100)]
Document the mix tasks in ex_doc instead

6 years agoDocument mix tasks
Haelwenn (lanodan) Monnier [Thu, 12 Jul 2018 23:02:18 +0000 (01:02 +0200)]
Document mix tasks

6 years agoAdd ex_doc
Haelwenn (lanodan) Monnier [Thu, 12 Jul 2018 22:05:05 +0000 (00:05 +0200)]
Add ex_doc

6 years agoactivitypub: object view: sanitize both the activity and the object when an activity...
William Pitcock [Sat, 10 Nov 2018 12:04:09 +0000 (12:04 +0000)]
activitypub: object view: sanitize both the activity and the object when an activity is given for rendering

6 years agoMerge branch 'bugfix/ostatus-as2-reflection' into 'develop'
kaniini [Sat, 10 Nov 2018 11:50:02 +0000 (11:50 +0000)]
Merge branch 'bugfix/ostatus-as2-reflection' into 'develop'

ostatus: only federate activities concerning note objects

See merge request pleroma/pleroma!437

6 years agoMerge branch 'bugfix/local-jsonld-context' into 'develop'
kaniini [Sat, 10 Nov 2018 11:37:44 +0000 (11:37 +0000)]
Merge branch 'bugfix/local-jsonld-context' into 'develop'

Host LitePub JSON-LD context locally

See merge request pleroma/pleroma!435

6 years agoendpoint: move CORSPlug in front of Plug.Static
William Pitcock [Sat, 10 Nov 2018 11:23:50 +0000 (11:23 +0000)]
endpoint: move CORSPlug in front of Plug.Static

6 years agoendpoint: fix formatting
William Pitcock [Sat, 10 Nov 2018 11:18:25 +0000 (11:18 +0000)]
endpoint: fix formatting

6 years agoMerge branch 'tests/prismo-url-map' into 'develop'
kaniini [Sat, 10 Nov 2018 11:17:12 +0000 (11:17 +0000)]
Merge branch 'tests/prismo-url-map' into 'develop'

Test that prismo url-map transforms into a string

See merge request pleroma/pleroma!414