tusooa
3801c47aaa
Sanitize filenames when uploading
2023-03-08 11:37:09 -06:00
marcin mikołajczak
c6c724cea1
Merge branch 'merge-pleroma' into 'develop'
...
merge pleroma
See merge request soapbox-pub/rebased!229
2023-02-04 22:39:35 +00:00
83bdebcaea
Do not expose privileges for other users
...
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2023-02-02 21:30:38 +01:00
Alex Gleason
e8f414b3d0
Use WhatsApp user-agent for rich media by default
...
Related https://gitlab.com/soapbox-pub/rebased/-/issues/180
2023-01-21 18:05:53 -06:00
marcin mikołajczak
9e3468c833
Merge branch 'develop' into 'internal-webhooks'
...
# Conflicts:
# lib/pleroma/webhook.ex
2023-01-11 09:58:50 +00:00
a9e3ff9af9
Merge remote-tracking branch 'pleroma/develop' into merge-pleroma
2023-01-10 13:39:39 +01:00
Lain Soykaf
fe00fbfd54
B StripLocation: Add test, work for all svgs.
2023-01-05 11:29:06 -05:00
Dmytro Poltavchenko
5b4962165e
Added SVG to formats not compatible with exiftool
2023-01-05 11:26:57 -05:00
lain
e853cfe7c3
Revert "Merge branch 'copyright-bump' into 'develop'"
...
This reverts merge request !3825
2023-01-02 20:38:50 +00:00
10886eeaa2
Bump copyright year
...
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2023-01-01 12:13:06 +01:00
0b91bfc047
Merge remote-tracking branch 'soapbox/develop' into merge-pleroma
2022-12-30 21:16:10 +01:00
Atsuko Karagi
08db6765c8
Respect restrict_unauthenticated in /api/v1/accounts/lookup
...
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-12-29 23:30:04 +01:00
9a3369f724
Actually fix CSP
...
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-12-25 10:04:29 +01:00
Alex Gleason
7796bd4037
Bump version to v3.0
2022-12-24 16:59:22 -06:00
91f311c33f
Try to use the new privileges system for mastodon admin api
...
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-12-23 19:49:43 +01:00
e3970f730c
Merge remote-tracking branch 'pleroma/develop' into merge-pleroma
...
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-12-23 19:45:55 +01:00
7ee63904ec
Merge remote-tracking branch 'pleroma/develop' into merge-pleroma
...
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-12-22 19:20:52 +01:00
Sean King
90681c720d
Make lint happy
2022-12-21 23:40:39 -07:00
Sean King
351b5a9df4
Use crazy hack to finally get pleroma:report notifications not visible after revoking privileges
2022-12-21 23:35:39 -07:00
Sean King
d5d4c7c11d
Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into fine_grained_moderation_privileges
2022-12-19 18:48:26 -07:00
lain
c6dff687c0
Merge branch 'from/upstream/develop/tusooa/mrf-updates' into 'develop'
...
MRFs with Updates
See merge request pleroma/pleroma!3808
2022-12-20 00:51:41 +00:00
Sean King
1d95012758
Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into fine_grained_moderation_privileges
2022-12-19 17:48:11 -07:00
lain
3dfa009ec3
Merge branch 'develop' into 'fix/2980-rss-feed-generation'
...
# Conflicts:
# CHANGELOG.md
2022-12-19 23:43:23 +00:00
1f981686cd
Allow to enable translations for unauthenticated or disable translating remote content
...
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-12-19 23:55:09 +01:00
Mark Felder
72d4d1b392
Fix TwitterCard meta tags
...
TwitterCard meta tags are supposed to use the attributes "name" and "content".
OpenGraph tags use the attributes "property" and "content".
Twitter itself is smart enough to detect broken meta tags and discover the TwitterCard
using "property" and "content", but other platforms that only implement parsing of TwitterCards
and not OpenGraph may fail to correctly detect the tags as they're under the wrong attributes.
> "Open Graph protocol also specifies the use of property and content attributes for markup while
> Twitter cards use name and content. Twitter’s parser will fall back to using property and content,
> so there is no need to modify existing Open Graph protocol markup if it already exists." [0]
[0] https://developer.twitter.com/en/docs/twitter-for-websites/cards/guides/getting-started
2022-12-19 17:23:12 -05:00
Sean King
c58eb873dd
Fix CommonAPI delete function to use User.privileged? instead of User.superuser?
2022-12-18 22:05:07 -07:00
Sean King
60df2d8a97
Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into fine_grained_moderation_privileges
2022-12-18 22:03:48 -07:00
faried nawaz
0f67eab384
remove pub_date() -- use to_rfc2822 instead
...
_tag_activity.xml.eex used activity_content() instead
of activity_description(), and did not escape html properly.
2022-12-19 01:44:46 +05:00
faried nawaz
3f63caee2a
fix: add xmlns:thr for in-reply-to refs
2022-12-19 01:44:46 +05:00
faried nawaz
8d500977a6
fix: feed item title was escaped twice
2022-12-19 01:44:46 +05:00
Mark Felder
f3253c0c6a
Implement RFC2822 timestamp formatting
2022-12-19 01:44:46 +05:00
faried nawaz
3f0783c0a5
fix atom and rss feeds for users and tags
...
Changes:
- make the XML closer to spec (RSS does not pass w3c's validator, but works)
- fix dates (RFC3339 for Atom, doc says RFC822 for RSS but RFC1123 is closer)
- fix attachment/enclosure links (but see below)
- set feed item title to post's "summary" if present
- pruned several elements that validators did not like
- examples: ap_enabled, user banner urls.
Specs:
- https://www.rssboard.org/rss-specification
- https://validator.w3.org/feed/docs/atom.html
- https://www.intertwingly.net/wiki/pie/Rss20AndAtom10Compared
Validators:
- https://validator.w3.org/feed/
- https://rssatom.com/feedvalidator.php
Attachment/enclosure links should have a "length" field (mandatory
according to the spec). This is not present in the object's data
map.
2022-12-19 01:44:41 +05:00
tusooa
a3985aac91
Merge branch 'fix-2856' into 'develop'
...
Uploading an avatar media exceeding max size returns a 413
Closes #2856
See merge request pleroma/pleroma!3804
2022-12-16 16:15:36 +00:00
214e8d7172
Include unspecified variants in target languages list for DeepL
...
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-12-16 15:55:28 +01:00
lain
301eb86b35
Merge branch 'update-deps' into 'develop'
...
Update to Phoenix 1.6, Elixir 1.11, and chase dependencies
See merge request pleroma/pleroma!3766
2022-12-16 00:36:59 +00:00
Lain Soykaf
bb27e4134b
AudioVideoValidator: Fix embedded attachment requirements
2022-12-15 18:06:28 -05:00
Lain Soykaf
4a32b584e1
StatusView: Fix warning
2022-12-15 18:02:33 -05:00
Lain Soykaf
9838790a7d
AttachmentValidator: Actually require url
2022-12-15 17:46:20 -05:00
Lain Soykaf
63d00f8123
Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into update-deps
2022-12-15 17:19:36 -05:00
tusooa
2554028097
Make SimplePolicy Update-aware
...
This is inspired by d5828f1c5e
2022-12-15 11:57:45 -05:00
tusooa
dc7efcd08b
Make TagPolicy Update-aware
...
This is inspired by d5828f1c5e
2022-12-15 11:08:24 -05:00
tusooa
62c27e0164
Fix failure when registering a user with no email when approval required
2022-12-14 01:04:42 -05:00
Alex Gleason
63757fd1fa
Approve & confirm users created through the CLI
2022-12-13 17:07:53 -06:00
duponin
9876742358
Return 413 when an actor's banner or background exceeds the size limit
2022-12-11 23:15:08 +01:00
duponin
452595baed
Uploading an avatar media exceeding max size returns a 413
...
Until now it was returning a 500 because the upload plug were going
through the changeset and ending in the JSON encoder, which raised
because struct has to @derive the encoder.
2022-12-11 22:54:47 +01:00
a30ac650bc
Merge remote-tracking branch 'soapbox/develop' into post-languages
...
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-12-10 23:17:44 +01:00
8447fbfba2
InstanceView: Move supported languages to pleroma.metadata
...
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-12-10 21:21:38 +01:00
Haelwenn
204fd6faae
Merge branch 'from/upstream-develop/tusooa/report-fake' into 'develop'
...
Report an Object, not a Create Activity
Closes #2986
See merge request pleroma/pleroma!3788
2022-12-09 14:25:24 +00:00
Alex Gleason
ab2d8817a9
Merge remote-tracking branch 'pleroma/2061-chat-deletion' into delete-chat
2022-12-08 11:06:12 -06:00
marcin mikołajczak
c100dc84da
Update http_security_plug.ex
2022-12-08 15:38:42 +00:00
