feld
48f7e12e6c
Merge branch 'ostatus-controller-no-auth-check-on-non-federating-instances' into 'develop'
...
OStatus / Static FE access control fixes
See merge request pleroma/pleroma!3053
2020-11-05 16:23:56 +03:00
Alexander Strizhakov
c6baa811d6
EnsureAuthenticatedPlug module name
2020-10-13 16:43:57 +03:00
Alexander Strizhakov
8c993c5f63
FederatingPlug module name
2020-10-13 16:43:55 +03:00
Egor Kislitsyn
317e2b8d61
Use atoms as keys in ActivityPub.fetch_*
functions options
2020-06-04 21:36:26 +04:00
Ivan Tashkinov
2c4844237f
Refactoring of :if_func / :unless_func plug options (general availability). Added tests for Pleroma.Web.Plug.
2020-04-30 18:19:51 +03:00
Egor Kislitsyn
5a34dca8ed
Add emoji support in statuses in staticfe
2020-03-23 14:03:31 +04:00
Haelwenn (lanodan) Monnier
8176ca9e40
static_fe: Sanitize HTML in users
2020-03-15 20:44:04 +01:00
Haelwenn (lanodan) Monnier
0ac6e29654
static_fe: Sanitize HTML in posts
...
Note: Seems to have different sanitization with TwitterCard generator giving
the following:
<meta content=\"“alert('xss')”\" property=\"twitter:description\">
2020-03-15 20:44:04 +01:00
Ivan Tashkinov
5b696a8ac1
[ #1560 ] Enforced authentication for non-federating instances in StaticFEController.
2020-03-11 14:05:56 +03:00
Mark Felder
05da5f5cca
Update Copyrights
2020-03-03 16:44:49 -06:00
Phil Hagelberg
3c60adbc1f
Support redirecting by activity UUID in static FE as well.
2019-11-13 08:22:11 -08:00
Phil Hagelberg
0867cb083e
Support redirecting by object ID in static FE.
...
This matches the behavior of pleroma-fe better.
Fixes #1412 .
2019-11-13 08:02:02 -08:00
Phil Hagelberg
62f3a93049
For remote notices, redirect to the original instead of 404.
...
We shouldn't treat these like local statuses, but I don't think a 404
is the right choice either here, because within pleroma-fe, these are
valid URLs. So with remote notices you have the awkward situation
where clicking a link will behave differently depending on whether you
open it in a new tab or not; the new tab will 404 if it hits static-fe.
This new redirecting behavior should improve that situation.
2019-11-12 09:40:29 -08:00
Phil Hagelberg
ef7c3bdc7a
Add some further test cases.
...
Including like ... private visibility, cos that's super important.
2019-11-09 18:08:45 -08:00
Phil Hagelberg
4729027f91
Prevent non-local notices from rendering.
2019-11-09 18:08:45 -08:00
Phil Hagelberg
b0080fa730
Render errors in HTML, not with JS.
2019-11-09 18:08:08 -08:00
Phil Hagelberg
bfd5d79826
Include metadata in static FE conversations and profiles.
2019-11-09 18:08:08 -08:00
Phil Hagelberg
828259fb65
Catch 404s.
2019-11-09 18:08:08 -08:00
Phil Hagelberg
df2f59be91
Pagination for user profiles.
2019-11-09 18:08:08 -08:00
Phil Hagelberg
8969c5522d
Make many of the improvements suggested in review.
2019-11-09 18:08:08 -08:00
Phil Hagelberg
dc3b87d153
Move static FE routing into its own plug.
...
Previously it was piggybacking on FallbackRedirectController for users
and OStatusController for notices; now it's all in one place.
2019-11-09 18:08:08 -08:00
Phil Hagelberg
c6c706161e
Make sure notice link is remote if the post is remote.
2019-11-09 18:08:08 -08:00
Phil Hagelberg
274cc18e8a
Visually separate header.
2019-11-09 18:08:08 -08:00
Phil Hagelberg
2ac1ece652
Fix a bug where reblogs were displayed under the wrong user.
2019-11-09 18:08:08 -08:00
Phil Hagelberg
e4b9784c39
Show counts for replies, likes, and announces for selected notice.
...
Using text instead of an icon, for now.
2019-11-09 18:07:50 -08:00
Phil Hagelberg
918e1353f6
Add header to profile/notice pages linking to pleroma-fe.
2019-11-09 18:07:50 -08:00
Phil Hagelberg
33a26b61c3
Remove activity/user representer; move logic to controller.
2019-11-09 18:07:50 -08:00
Phil Hagelberg
41fde63def
Get rid of @data in views and use separate fields.
2019-11-09 18:07:50 -08:00
Phil Hagelberg
2d1897e8a7
Apply all suggested changes from reviewers.
2019-11-09 18:07:50 -08:00
Phil Hagelberg
cc1b07132f
Notices should show entire thread from context.
2019-11-09 18:07:08 -08:00
Phil Hagelberg
e79d8985ab
Don't show 404 in static-fe controller unless it's actually not found.
2019-11-09 18:06:51 -08:00
William Pitcock
2b5bd5236d
static fe: add user profile rendering
2019-11-09 18:06:51 -08:00
William Pitcock
8f08da750a
static fe: use a generic activity representer to render activities
2019-11-09 18:06:51 -08:00
William Pitcock
ff8d0902f3
static fe: formatting
2019-11-09 18:06:51 -08:00
William Pitcock
a4d3a8ec03
static fe: proof of concept
2019-11-09 18:06:51 -08:00