David Leadbeater
69378eac99
Don't allow URLs that contain non-normalized paths to be verified ( #20999 )
...
* Don't allow URLs that contain non-normalized paths to be verified
This stops things like https://example.com/otheruser/../realuser where
"/otheruser" appears to be the verified URL, but the actual URL being
verified is "/realuser" due to the "/../".
Also fix a test to use 'https', so it is testing the right thing, now
that since #20304 https is required.
* missing do
2022-11-20 19:28:13 +01:00
lenore gilbert
c373148b3d
Support for import/export of instance-level domain blocks/allows for 4.x w/ additional fixes ( #20597 )
...
* Allow import/export of instance-level domain blocks/allows (#1754 )
* Allow import/export of instance-level domain blocks/allows.
Fixes #15095
* Pacify circleci
* Address simple code review feedback
* Add headers to exported CSV
* Extract common import/export functionality to
AdminExportControllerConcern
* Add additional fields to instance-blocked domain export
* Address review feedback
* Split instance domain block/allow import/export into separate pages/controllers
* Address code review feedback
* Pacify DeepSource
* Work around Paperclip::HasAttachmentFile for Rails 6
* Fix deprecated API warning in export tests
* Remove after_commit workaround
(cherry picked from commit 94e98864e39c010635e839fea984f2b4893bef1a)
* Add confirmation page when importing blocked domains (#1773 )
* Move glitch-soc-specific strings to glitch-soc-specific locale files
* Add confirmation page when importing blocked domains
(cherry picked from commit b91196f4b73fff91997b8077619ae25b6d04a59e)
* Fix authorization check in domain blocks controller
(cherry picked from commit 75279377583c6e2aa04cc8d7380c593979630b38)
* Fix error strings for domain blocks and email-domain blocks
Corrected issue with non-error message used for Mastodon:NotPermittedError in Domain Blocks
Corrected issue Domain Blocks using the Email Domain Blocks message on ActionContoller::ParameterMissing
Corrected issue with Email Domain Blocks using the not_permitted string from "custom emojii's"
* Ran i18n-tasks normalize to address test failure
* Removed unused admin.export_domain_blocks.not_permitted string
Removing unused string as indicated by Check i18n
* Fix tests
(cherry picked from commit 9094c2f52c24e1c00b594e7c11cd00e4a07eb431)
* Fix domain block export not exporting blocks with only media rejection
(cherry picked from commit 26ff48ee48a5c03a2a4b0bd03fd322529e6bd960)
* Fix various issues with domain block import
- stop using Paperclip for processing domain allow/block imports
- stop leaving temporary files
- better error handling
- assume CSV files are UTF-8-encoded
(cherry picked from commit cad824d8f501b95377e4f0a957e5a00d517a1902)
Co-authored-by: Levi Bard <taktaktaktaktaktaktaktaktaktak@gmail.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2022-11-17 11:05:09 +01:00
Claire
00b2720ef0
Change automatic post deletion configuration to be accessible to redirected users ( #20774 )
...
Fixes #20550
2022-11-17 10:55:23 +01:00
Claire
0cc77263fc
Change batch account suspension to create a strike ( #20897 )
2022-11-17 10:52:51 +01:00
Eugen Rochko
552d69ad96
Fix error when invalid domain name is submitted ( #19474 )
...
Fix #19175
2022-11-14 08:07:14 +01:00
Eugen Rochko
b31afc6294
Fix error when passing unknown filter param in REST API ( #20626 )
...
Fix #19156
2022-11-14 08:06:06 +01:00
Eugen Rochko
5c826c408d
Fix image type not being set after conversion for convertible image types ( #20624 )
2022-11-14 07:13:14 +01:00
Eugen Rochko
2e2ba39abf
Fix rules with same priority being sorted non-deterministically ( #20623 )
2022-11-14 06:28:19 +01:00
Jeong Arm
c4c1bee880
Fix trendable status without review ( #20214 )
2022-11-11 21:24:10 +01:00
Emily Strickland
96f51e593f
Guard against error extracting body
from URL ( #20428 )
...
If `Nokogiri::HTML(value).at_xpath('//body')` fails to find the `body` element, it will return `nil`. We can guard against that with an early return. Avoids calling `children` on `Nilclass` in those cases.
2022-11-11 21:22:28 +01:00
Eugen Rochko
9bc0a6c861
Fix metadata scrubbing removing color profile from images ( #20389 )
2022-11-11 09:20:10 +01:00
Claire
86f6631d28
Remove dead code and refactor status threading code ( #20357 )
...
* Remove dead code
* Remove unneeded/broken parameters and refactor descendant computation
2022-11-10 22:30:00 +01:00
Eugen Rochko
c6c7c6223d
Change verification to only work for https links ( #20304 )
...
Fix #20242
2022-11-10 21:09:03 +01:00
Eugen Rochko
9965a23b04
Change link verification to ignore IDN domains ( #20295 )
...
Fix #3833
2022-11-10 06:27:45 +01:00
James Tucker
78a6b871fe
Improve performance by avoiding regex construction ( #20215 )
...
```ruby
10.times { p /#{FOO}/.object_id }
10.times { p FOO_RE.object_id }
```
2022-11-10 05:49:30 +01:00
Eugen Rochko
0cd0786aef
Revert filtering public timelines by locale by default ( #20294 )
2022-11-10 05:34:42 +01:00
Eugen Rochko
e98833748e
Fix being able to spoof link verification ( #20217 )
...
- Change verification to happen in `default` queue
- Change verification worker to only be queued if there's something to do
- Add `link` tags from metadata fields to page header of profiles
2022-11-09 08:24:21 +01:00
Postmodern
ca80beb653
Micro-optimization: use if
/else
instead of Array#compact
and Array#min
( #19906 )
...
* Technically `if`/`else` is faster than using `[value1, value2].compact.min` to find the lesser of two values, one of which may be `nil`.
2022-11-08 03:50:47 +01:00
Claire
bbf74498f5
Fix validation error in SynchronizeFeaturedTagsCollectionWorker ( #20018 )
...
* Fix followers count not being updated when migrating follows
Fixes #19900
* Fix validation error in SynchronizeFeaturedTagsCollectionWorker
Also saves remote user's chosen case for hashtags
* Limit remote featured tags before validation
2022-11-07 22:35:53 +01:00
Postmodern
106648b456
Micro-optimization: only split acct
into two Strings ( #19901 )
...
* Since `acct` is split by `@` and assigned to `username` and `domain`, we only need to split `acct` into two Strings.
2022-11-07 16:17:55 +01:00
nightpool
54f0f1b9ef
Skip Webfinger cache during migrations as well ( #19883 )
2022-11-07 03:31:38 +01:00
Eugen Rochko
3151b260e2
Fix not using GIN index for account search queries ( #19830 )
2022-11-06 06:16:34 +01:00
Claire
c2170991c7
Fix reblogs being discarded after the reblogged status ( #19731 )
2022-11-04 16:31:44 +01:00
Eugen Rochko
b1a219552e
Fix featured tags not saving preferred casing ( #19732 )
2022-11-04 16:08:29 +01:00
Claire
125322718b
Fix inaccurate admin log entry for re-sending confirmation e-mails ( #19674 )
...
Fixes #19593
2022-11-02 18:50:21 +01:00
txt-file
0f5e6dd02b
Add support for AVIF uploads ( #19647 )
2022-11-01 22:08:41 +01:00
Eugen Rochko
ae07cfb868
Add support for HEIC uploads ( #19618 )
2022-11-01 16:26:25 +01:00
Eugen Rochko
15bae3e0e4
Change post-processing to be deferred only for large media types ( #19617 )
2022-11-01 15:27:58 +01:00
Eugen Rochko
d0ba77047e
Change max. thumbnail dimensions to 640x360px (360p) ( #19619 )
2022-11-01 13:01:39 +01:00
Eugen Rochko
26478f461c
Remove language filtering from hashtag timelines ( #19563 )
2022-10-30 21:29:23 +01:00
Eugen Rochko
ac9fb0d654
Add reputation and followers score boost to SQL-only account search ( #19251 )
2022-10-30 13:23:05 +01:00
Eugen Rochko
40c7f3e830
Fix account action type validation ( #19476 )
...
* Fix account action type validation
Fix #19143
* Fix #19145
* Fix code style issues
2022-10-30 02:44:32 +02:00
Eugen Rochko
3b024c563c
Fix not being able to input featured tag with #
( #19535 )
2022-10-30 02:43:20 +02:00
Eugen Rochko
dc5c86add7
Fix account migration form ever using outdated account data ( #18429 )
2022-10-29 01:31:45 +02:00
Claire
d9d722d74b
Change admin announcement edition interface to use datetime-local ( #18321 )
...
* Change admin announcement edition interface to use datetime-local
* Dynamically set announcement stop date as required if start date is set, set minimum date for stop date
* Change `all_day` to not be bound to presence of time-range
* Add pattern and placeholder as minimal fallback for browsers not supporting datetime-local
* Display datetime-local inputs as local time
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2022-10-28 12:56:32 +02:00
Eugen Rochko
07cc201acc
Fix using wrong policy on status-related actions in admin UI ( #19490 )
2022-10-28 00:48:30 +02:00
Eugen Rochko
5f733ad83a
Remove unused method searchable?
on accounts ( #19489 )
...
It called the wrong methods, but nothing uses it
2022-10-27 19:30:08 +02:00
Eugen Rochko
d2eb726962
Fix notifications about deleted reports not being also deleted ( #19475 )
...
* Fix notifications about deleted reports not being also deleted
* Fix notification with empty report crashing web UI
Fix #18909
2022-10-27 02:10:54 +02:00
zunda
52ebfb7792
Store integer settings as integer ( #19478 )
2022-10-26 22:14:07 +02:00
Eugen Rochko
f8ca3bb2a1
Add ability to view previous edits of a status in admin UI ( #19462 )
...
* Add ability to view previous edits of a status in admin UI
* Change moderator access to posts to be controlled by a separate policy
2022-10-26 13:42:29 +02:00
Eugen Rochko
487d81fb92
Fix IP blocks not having a unique index ( #19456 )
2022-10-25 21:43:44 +02:00
Takeshi Umeda
74ead7d106
Change featured tag updates to add/remove activity ( #19409 )
...
* Change featured tag updates to add/remove activity
* Fix to check for the existence of feature tag
* Rename service and worker
* Merge AddHashtagSerializer with AddSerializer
* Undo removal of sidekiq_options
2022-10-22 18:30:55 +02:00
Takeshi Umeda
53e86747e4
Fix duplicate featured tags ( #19403 )
...
* Fix duplicate featured tags
* Add unique tag name validator
* Fix error message
2022-10-22 14:30:59 +02:00
Takeshi Umeda
1d34eff63f
Add featured tag add/remove activity handler ( #19408 )
2022-10-22 11:49:41 +02:00
Eugen Rochko
7c152acb2c
Change settings area to be separated into categories in admin UI ( #19407 )
...
And update all descriptions
2022-10-22 11:44:41 +02:00
Eugen Rochko
839f893168
Change public accounts pages to mount the web UI ( #19319 )
...
* Change public accounts pages to mount the web UI
* Fix handling of remote usernames in routes
- When logged in, serve web app
- When logged out, redirect to permalink
- Fix `app-body` class not being set sometimes due to name conflict
* Fix missing `multiColumn` prop
* Fix failing test
* Use `discoverable` attribute to control indexing directives
* Fix `<ColumnLoading />` not using `multiColumn`
* Add `noindex` to accounts in REST API
* Change noindex directive to not be rendered by default before a route is mounted
* Add loading indicator for detailed status in web UI
* Fix missing indicator appearing while account is loading in web UI
2022-10-20 14:35:29 +02:00
Takeshi Umeda
b0e3f0312c
Add synchronization of remote featured tags ( #19380 )
...
* Add LIMIT of featured tag to instance API response
* Add featured_tags_collection_url to Account
* Add synchronization of remote featured tags
* Deliver update activity when updating featured tag
* Remove featured_tags_collection_url
* Revert "Add featured_tags_collection_url to Account"
This reverts commit cff349fc27b104ded2df6bb5665132dc24dab09c.
* Add hashtag sync from featured collections
* Fix tag name normalize
* Add target option to fetch featured collection
* Refactor fetch_featured_tags_collection_service
* Add LIMIT of featured tag to v1/instance API response
2022-10-20 09:15:52 +02:00
Eugen Rochko
f01310dadb
Fix trending statuses returning more than one post by the same author ( #19349 )
2022-10-14 01:44:23 +02:00
Eugen Rochko
1bd00036c2
Change about page to be mounted in the web UI ( #19345 )
2022-10-13 14:42:37 +02:00
Eugen Rochko
b04633a961
Add image processing and generate blurhash for server thumbnail ( #19348 )
...
Remove separate server hero setting
2022-10-13 11:29:19 +02:00