Commit Graph

1078 Commits

Author SHA1 Message Date
729723f857 Add option to disable real-time updates in web UI (#9984)
Fix #9031
Fix #7913
2019-07-16 16:11:50 +02:00
9b1d3e4acb Add option to disable real-time updates in web UI (#9984)
Fix #9031
Fix #7913
2019-07-16 06:30:47 +02:00
6ff67be0f6 Add a spam check (#11217)
* Add a spam check

* Use Nilsimsa to generate locality-sensitive hashes and compare using Levenshtein distance

* Add more tests

* Add exemption when the message is a reply to something that mentions the sender

* Use Nilsimsa Compare Value instead of Levenshtein distance

* Use MD5 for messages shorter than 10 characters

* Add message to automated report, do not add non-public statuses to
automated report, add trust level to accounts and make unsilencing
raise the trust level to prevent repeated spam checks on that account

* Expire spam check data after 3 months

* Add support for local statuses, reduce expiration to 1 week, always create a report

* Add content warnings to the spam check and exempt empty statuses

* Change Nilsimsa threshold to 95 and make sure removed statuses are removed from the spam check

* Add all matched statuses into automatic report
2019-07-13 16:45:50 +02:00
5bf67ca913 Add ActivityPub secure mode (#11269)
* Add HTTP signature requirement for served ActivityPub resources

* Change `SECURE_MODE` to `AUTHORIZED_FETCH`

* Add 'Signature' to 'Vary' header and improve code style

* Improve code style by adding `public_fetch_mode?` method
2019-07-11 20:11:09 +02:00
4e8dcc5dbb Add HTTP signatures to all outgoing ActivityPub GET requests (#11284) 2019-07-11 14:49:55 +02:00
5d3feed191 Refactor fetching of remote resources (#11251) 2019-07-10 18:59:28 +02:00
4e92183227 Refactor domain block checks (#11268) 2019-07-09 03:27:35 +02:00
63c7fe8e48 Refactor controllers for statuses, accounts, and more (#11249) 2019-07-08 12:03:45 +02:00
b851456139 Remove Atom feeds and old URLs in the form of GET /:username/updates/:id (#11247) 2019-07-07 16:16:51 +02:00
a0b614f10a Fix support for HTTP proxies (#11245)
* Disable incorrect check for hidden services in Socket

Hidden services can only be accessed with an HTTP proxy, in which
case the host seen by the Socket class will be the proxy, not the
target host.

Hidden services are already filtered in `Request#initialize`.

* Use our Socket class to connect to HTTP proxies

Avoid the timeout logic being bypassed

* Add support for IP addresses in Request::Socket

* Refactor a bit, no need to keep the DNS resolver around
2019-07-07 13:53:09 +02:00
7039dca12c Merge commit 'c07cca4727041ea5a5721acbc603d4bfb45a15a6' into glitch-soc/merge-upstream
Unlike upstream, kept the direct timeline endpoint, as it is still of use in
glitch-soc.
2019-07-07 13:49:31 +02:00
406b46395d Fix URLs appearing twice in errors of ActivityPub::DeliveryWorker (#11231) 2019-07-07 03:37:01 +02:00
58276715be Fix support for HTTP proxies (#11245)
* Disable incorrect check for hidden services in Socket

Hidden services can only be accessed with an HTTP proxy, in which
case the host seen by the Socket class will be the proxy, not the
target host.

Hidden services are already filtered in `Request#initialize`.

* Use our Socket class to connect to HTTP proxies

Avoid the timeout logic being bypassed

* Add support for IP addresses in Request::Socket

* Refactor a bit, no need to keep the DNS resolver around
2019-07-07 02:05:38 +02:00
23aeef52cc Remove Salmon and PubSubHubbub (#11205)
* Remove Salmon and PubSubHubbub endpoints

* Add error when trying to follow OStatus accounts

* Fix new accounts not being created in ResolveAccountService
2019-07-06 23:26:16 +02:00
ed544f3166 Fix HTTP requests to IPv6 hosts (#11240) 2019-07-05 22:03:00 +02:00
6ab84c12a7 Merge branch 'master' into glitch-soc/merge-upstream 2019-07-04 16:21:39 +02:00
1a747f7020 Fix statsd UDP sockets not being cleaned up in Sidekiq (#11230) 2019-07-02 01:01:17 +02:00
0d9ffe56fb Add request pool to improve delivery performance (#10353)
* Add request pool to improve delivery performance

Fix #7909

* Ensure connection is closed when exception interrupts execution

* Remove Timeout#timeout from socket connection

* Fix infinite retrial loop on HTTP::ConnectionError

* Close sockets on failure, reduce idle time to 90 seconds

* Add MAX_REQUEST_POOL_SIZE option to limit concurrent connections to the same server

* Use a shared pool size, 512 by default, to stay below open file limit

* Add some tests

* Add more tests

* Reduce MAX_IDLE_TIME from 90 to 30 seconds, reap every 30 seconds

* Use a shared pool that returns preferred connection but re-purposes other ones when needed

* Fix wrong connection being returned on subsequent calls within the same thread

* Reduce mutex calls on flushes from 2 to 1 and add test for reaping
2019-07-02 00:34:38 +02:00
ca17bae904 Use a redis-cached feed for the DM timeline 2019-06-27 16:44:12 +02:00
aaec64a500 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- app/controllers/settings/preferences_controller.rb
- app/lib/user_settings_decorator.rb
- app/models/user.rb
- config/locales/simple_form.en.yml
2019-06-26 23:19:22 +02:00
3086c645fd Add option to disable blurhash previews (#11188)
* Add option to disable blurhash previews

* Update option text

* Change options order
2019-06-26 19:33:04 +02:00
915c619394 Add support for Audio activities (#11189)
Fixes #11127
2019-06-26 19:32:36 +02:00
47ef4a6c7a Apply filters to poll options (#11174)
* Apply filters to poll options in WebUI

Fixes #11128

* Apply filters to poll options server-side

* Add poll options to searchable text
2019-06-25 14:45:14 +02:00
ddd875ad99 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- app/models/media_attachment.rb
  Upstream added audio attachment support
- app/serializers/initial_state_serializer.rb
  Upstream added audio attachment support and how mimetypes are returned
- app/serializers/rest/instance_serializer.rb
  Upstream added a few fields
- config/application.rb
  Upstream added a different paperclip transcoder
2019-06-24 15:02:59 +02:00
aa9b37822b Fix audio not being downloaded from remote servers (#11145) 2019-06-22 02:50:36 +02:00
707ddf7808 Change domain blocks to automatically support subdomains (#11138)
* Change domain blocks to automatically support subdomains

If a more authoritative domain is blocked (example.com), then the
same block will be applied to a subdomain (foo.example.com)

* Match subdomains of existing accounts when blocking/unblocking domains

* Improve code style
2019-06-22 00:13:10 +02:00
5ea45351a0 Fix rendering of emoji in public pages 2019-06-18 20:14:08 +02:00
103a9f4466 Fix sanitizer making block level elements unreadable (#10836)
Fix #10834
2019-06-16 21:46:36 +02:00
1b0ff4cd69 Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- app/controllers/settings/notifications_controller.rb
- app/javascript/packs/public.js
- app/views/settings/preferences/show.html.haml
- app/views/stream_entries/_simple_status.html.haml
- config/locales/simple_form.en.yml
- config/locales/simple_form.pl.yml
- config/navigation.rb
- config/routes.rb
2019-06-10 18:59:53 +02:00
8746f4d17b Change priority of delete activity forwards for replies and reblogs (#11002)
Fix #11001
2019-06-09 12:47:33 +02:00
34b8346e7f Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- app/controllers/statuses_controller.rb
- app/controllers/stream_entries_controller.rb
2019-06-07 17:00:36 +02:00
6c464cd424 Do not misattribute inlined boosts if attributedTo isn't present (#10967)
* Do not misattribute inlined boosts if `attributedTo` isn't present

Fixes #10950

* Fix tests
2019-06-04 23:24:31 +02:00
f2b743e715 Refactor all ActivityPub deliveries to be serialized and signed through one concern (#10966) 2019-06-04 23:11:18 +02:00
02b56c7e1a Merge remote-tracking branch 'upstream/master' into glitch-soc/merge-upstream 2019-06-04 20:40:19 +02:00
3a84bacf86 Handle blank poll options more gracefully (#10946)
Pleroma currently allows (erroneously imho) empty poll options, that is,
options with an empty (but existing) `name`.
2019-06-03 20:04:00 +02:00
07d4ecfe5e Truncate long URLs while providing alt text for inline images 2019-05-28 19:33:43 +02:00
18b77224d3 Translate incoming remote img tags by a link 2019-05-28 19:33:43 +02:00
20d01a954e Merge branch 'master' into glitch-soc/merge-upstream
Conflicts:
- app/controllers/settings/preferences_controller.rb
- app/lib/user_settings_decorator.rb
- app/models/user.rb

Conflicts due to the addition of a new preference upstream,
“advanced layout”.
2019-05-26 15:41:40 +02:00
1e5532e693 Add responsive panels to the single-column layout (#10820)
* Add responsive panels to the single-column layout

* Fixes

* Fix not being able to save the preference

* Fix code style issues

* Set max-height on the compose textarea and add a link to relationship manager
2019-05-25 21:27:00 +02:00
72bf354e97 Merge pull request #1067 from ThibG/glitch-soc/merge-upstream
Merge upstream changes
2019-05-23 22:01:34 +02:00
d6a7d62dc6 Do not share a single Redcarpet::Markdown object across threads
There are apparently thread-safety issues: https://github.com/vmg/redcarpet/pull/672
2019-05-23 21:19:44 +02:00
bf988123ba Merge branch 'master' into glitch-soc/merge-upstream 2019-05-23 21:18:27 +02:00
9a5561a5b8 Fix possible race condition when processing statuses (#10815) 2019-05-23 20:00:39 +02:00
7c609bdab9 Allow rel=tag in status text
Fixes tag links in local Markdown or HTML-authored statuses
2019-05-23 12:28:33 +02:00
2332b3f146 Fix local text/html toots not being sanitized 2019-05-21 23:12:43 +02:00
9ca21e93cc Minor optimization 2019-05-17 23:51:14 +02:00
dd5bf40b97 Properly escape HTML in code blocks 2019-05-17 23:51:14 +02:00
a6b7c23f6f Add option for default toot content-type 2019-05-17 23:51:14 +02:00
0be93820f3 Fix autolinking, and newlines in code blocks
Autolinking is now performed *after* the Markdown pass, by replacing HTML
tags with zero-width spaces and running the twitter-text extractor as usual,
except it does not auto-link URLs to avoid links in links…
2019-05-17 23:51:14 +02:00
d7520f8175 Add support for HTML-formatted toots 2019-05-17 23:51:14 +02:00