Commit Graph

5730 Commits

Author SHA1 Message Date
bd87e66679 Remove WebSub subscriptions (#11303) 2019-07-21 04:08:00 +02:00
4bd58b7f2d Display custom emoji in bio field names (#11350)
Already displayed in public pages, but not WebUI
2019-07-21 03:40:27 +02:00
c37c1da41e Disallow numeric-only hashtags (#11363)
* Add spec covering numeric-only hashtags

* Fix hashtag regex
2019-07-19 23:22:35 +02:00
650459f93c Fix some flash notices/alerts staying on unrelated pages (#11364) 2019-07-19 23:13:21 +02:00
aa22b38fdb Change single-column mode to scroll the whole page (#11359)
Fix #10840
2019-07-19 09:25:22 +02:00
4fa6472523 Fix avatar animation on hover when not logged in (#11349) 2019-07-19 09:18:23 +02:00
8df0022e66 Added logout to dropdown menu (#11353)
* Added logout to dropdown menu

* Triggering build-and-test with empty commit as it seems it failed due to some internal failure

* Looks fine, ready to review

* Added changes from review

* method can be null without any problems

* Also target can be null
2019-07-19 03:58:46 +02:00
fda437a020 Fix sanitizing lists contents (#11354)
* Add test

* Fix code for sanitizing nested lists stripping all tags
2019-07-19 01:44:58 +02:00
730c4053d6 Add ActivityPub actor representing the entire server (#11321)
* Add support for an instance actor

* Skip username validation for local Application accounts

* Add migration script to create instance actor

* Make Codeclimate happy

* Switch to id -99 for instance actor

* Remove unused `icon` and `image` attributes from instance actor

* Use if/elsif/else instead of return + ternary operator

* Add instance actor to fresh installs

* Use instance actor as instance representative

Use instance actor for forwarding reports, relay operations, and spam
auto-reporting.

* Seed database in test environment

* Fix single-user mode

* Fix tests

* Fix specs to accomodate for an extra `Account`

* Auto-reject follows on instance actor

Following an instance actor might make sense, but we are not handling that
right now, so auto-reject.

* Fix webfinger lookup and serialization for instance actor

* Rename instance actor

* Make it clear in the HTML view that the instance actor should not be blocked

* Raise cache time for instance actor as there's no dynamic content

* Re-use /about/more with a flash message for instance actor profile
2019-07-19 01:44:42 +02:00
84e988479e Fix only one middle dot being recognized in hashtags (#11345)
Fix #10934
2019-07-18 03:02:56 +02:00
4906cabc6b Add aac, m4a, 3gp to allowed audio formats (#11342)
Fix #11186
2019-07-18 03:02:30 +02:00
5bfe1e1f05 Change language detection to include hashtags as words (#11341) 2019-07-18 03:02:15 +02:00
87f4aea52a Fix typo in StatusPolicy (#11344) 2019-07-18 00:48:26 +02:00
7e2b6da57f Add setting to disable the anti-spam (#11296)
* Add environment variable to disable the anti-spam

* Move antispam setting to admin settings

* Fix typo

* antispam → spam_check
2019-07-17 21:09:15 +02:00
fccd25cf53 Change terms and privacy policy pages to always be accessible (#11334)
Fix #11328
2019-07-17 19:29:37 +02:00
873828ad2d Fix custom CSS controller (#11336) 2019-07-17 17:14:25 +02:00
5599caef49 Extend AUTHORIZED_FETCH mode to user blocks as well (#11332)
* Extend AUTHORIZED_FETCH mode to user blocks as well

* Move decision to deny access to StatusPolicy
2019-07-17 01:53:37 +02:00
15ddabf95a Fix caching headers in ActivityPub endpoints (#11331)
* Fix reverse-proxy caching in public fetch mode

* Fix caching in ActivityPub-specific controllers
2019-07-17 00:00:39 +02:00
91544a6cb5 Remove unused Account#magic_key (#11327) 2019-07-16 14:25:56 +02:00
9b1d3e4acb Add option to disable real-time updates in web UI (#9984)
Fix #9031
Fix #7913
2019-07-16 06:30:47 +02:00
b3f44aa186 Add periodic removal of older thumbnails for preview cards (#11304) 2019-07-15 07:50:14 +02:00
cecd0c3cb1 New Crowdin translations (#11153)
* New translations activerecord.en.yml (Indonesian)
[ci skip]

* New translations activerecord.en.yml (Italian)
[ci skip]

* New translations simple_form.en.yml (Persian)
[ci skip]

* New translations simple_form.en.yml (Norwegian)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations simple_form.en.yml (Finnish)
[ci skip]

* New translations en.yml (Serbian (Cyrillic))
[ci skip]

* New translations en.yml (Serbian (Latin))
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Swedish)
[ci skip]

* New translations en.yml (Tamil)
[ci skip]

* New translations en.yml (Telugu)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Turkish)
[ci skip]

* New translations en.yml (Ukrainian)
[ci skip]

* New translations en.yml (Welsh)
[ci skip]

* New translations simple_form.en.yml (Dutch)
[ci skip]

* New translations simple_form.en.yml (Esperanto)
[ci skip]

* New translations simple_form.en.yml (French)
[ci skip]

* New translations simple_form.en.yml (Galician)
[ci skip]

* New translations simple_form.en.yml (Georgian)
[ci skip]

* New translations simple_form.en.yml (German)
[ci skip]

* New translations simple_form.en.yml (Greek)
[ci skip]

* New translations simple_form.en.yml (Hebrew)
[ci skip]

* New translations simple_form.en.yml (Hungarian)
[ci skip]

* New translations simple_form.en.yml (Ido)
[ci skip]

* New translations simple_form.en.yml (Indonesian)
[ci skip]

* New translations simple_form.en.yml (Italian)
[ci skip]

* New translations simple_form.en.yml (Korean)
[ci skip]

* New translations doorkeeper.en.yml (Welsh)
[ci skip]

* New translations simple_form.en.yml (Occitan)
[ci skip]

* New translations en.yml (Occitan)
[ci skip]

* New translations en.yml (Occitan)
[ci skip]

* New translations simple_form.en.yml (Japanese)
[ci skip]

* New translations simple_form.en.yml (Japanese)
[ci skip]

* New translations simple_form.en.yml (Japanese)
[ci skip]

* New translations simple_form.en.yml (Japanese)
[ci skip]

* New translations simple_form.en.yml (Japanese)
[ci skip]

* New translations en.json (Italian)
[ci skip]

* New translations simple_form.en.yml (Greek)
[ci skip]

* New translations simple_form.en.yml (Czech)
[ci skip]

* New translations simple_form.en.yml (Basque)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations simple_form.en.yml (German)
[ci skip]

* New translations en.yml (Polish)
[ci skip]

* New translations simple_form.en.yml (Polish)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations doorkeeper.en.yml (Chinese Simplified)
[ci skip]

* New translations simple_form.en.yml (Japanese)
[ci skip]

* New translations simple_form.en.yml (Thai)
[ci skip]

* New translations en.json (Thai)
[ci skip]

* New translations simple_form.en.yml (Slovak)
[ci skip]

* New translations simple_form.en.yml (Corsican)
[ci skip]

* New translations simple_form.en.yml (Corsican)
[ci skip]

* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.yml (Slovenian)
[ci skip]

* New translations en.yml (Slovenian)
[ci skip]

* New translations en.yml (Slovenian)
[ci skip]

* New translations en.yml (Slovenian)
[ci skip]

* New translations en.yml (Slovenian)
[ci skip]

* New translations en.yml (Slovenian)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]

* New translations simple_form.en.yml (Galician)
[ci skip]

* New translations en.json (Galician)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations en.yml (Occitan)
[ci skip]

* New translations en.json (Portuguese, Brazilian)
[ci skip]

* New translations en.json (Portuguese, Brazilian)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.yml (Occitan)
[ci skip]

* New translations doorkeeper.en.yml (Welsh)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations simple_form.en.yml (Welsh)
[ci skip]

* New translations activerecord.en.yml (Welsh)
[ci skip]

* New translations en.yml (Slovak)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations en.yml (Occitan)
[ci skip]

* New translations en.yml (Occitan)
[ci skip]

* New translations en.yml (Albanian)
[ci skip]

* New translations activerecord.en.yml (Serbian (Latin))
[ci skip]

* New translations doorkeeper.en.yml (Serbian (Latin))
[ci skip]

* New translations devise.en.yml (Serbian (Latin))
[ci skip]

* New translations en.yml (Arabic)
[ci skip]

* New translations en.yml (Basque)
[ci skip]

* New translations en.yml (Esperanto)
[ci skip]

* New translations en.yml (Hebrew)
[ci skip]

* New translations en.yml (Greek)
[ci skip]

* New translations en.yml (German)
[ci skip]

* New translations en.yml (Georgian)
[ci skip]

* New translations en.yml (Galician)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (Finnish)
[ci skip]

* New translations en.yml (Dutch)
[ci skip]

* New translations en.yml (Danish)
[ci skip]

* New translations en.yml (Corsican)
[ci skip]

* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]

* New translations en.yml (Chinese Traditional)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations en.yml (Catalan)
[ci skip]

* New translations en.yml (Hungarian)
[ci skip]

* New translations en.yml (Indonesian)
[ci skip]

* New translations en.yml (Czech)
[ci skip]

* New translations simple_form.en.yml (Serbian (Latin))
[ci skip]

* New translations en.yml (Italian)
[ci skip]

* New translations en.yml (Persian)
[ci skip]

* New translations en.yml (Serbian (Latin))
[ci skip]

* New translations en.yml (Serbian (Cyrillic))
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (Portuguese, Brazilian)
[ci skip]

* New translations en.yml (Portuguese)
[ci skip]

* New translations en.yml (Polish)
[ci skip]

* New translations en.yml (Occitan)
[ci skip]

* New translations en.yml (Slovenian)
[ci skip]

* New translations en.yml (Norwegian)
[ci skip]

* New translations en.yml (Lithuanian)
[ci skip]

* New translations en.yml (Korean)
[ci skip]

* New translations en.yml (Kazakh)
[ci skip]

* New translations en.yml (Japanese)
[ci skip]

* New translations en.yml (Slovak)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Swedish)
[ci skip]

* New translations en.yml (Welsh)
[ci skip]

* New translations en.yml (Ukrainian)
[ci skip]

* New translations en.yml (Turkish)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations devise.en.yml (Chinese Simplified)
[ci skip]

* New translations en.json (Russian)
[ci skip]

* New translations en.json (Russian)
[ci skip]

* New translations en.json (Russian)
[ci skip]

* New translations en.json (Russian)
[ci skip]

* New translations en.json (Russian)
[ci skip]

* New translations en.yml (Basque)
[ci skip]

* New translations simple_form.en.yml (Basque)
[ci skip]

* New translations en.yml (Basque)
[ci skip]

* New translations doorkeeper.en.yml (Basque)
[ci skip]

* New translations en.json (Korean)
[ci skip]

* New translations doorkeeper.en.yml (Slovak)
[ci skip]

* New translations en.yml (Finnish)
[ci skip]

* New translations en.yml (Esperanto)
[ci skip]

* New translations en.yml (Dutch)
[ci skip]

* New translations en.yml (Danish)
[ci skip]

* New translations en.yml (Corsican)
[ci skip]

* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations en.yml (Catalan)
[ci skip]

* New translations en.yml (Chinese Traditional)
[ci skip]

* New translations en.yml (Basque)
[ci skip]

* New translations en.yml (Asturian)
[ci skip]

* New translations en.yml (Arabic)
[ci skip]

* New translations en.yml (Albanian)
[ci skip]

* New translations en.yml (Czech)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (Galician)
[ci skip]

* New translations en.yml (Georgian)
[ci skip]

* New translations en.yml (German)
[ci skip]

* New translations en.yml (Greek)
[ci skip]

* New translations en.yml (Hungarian)
[ci skip]

* New translations en.yml (Italian)
[ci skip]

* New translations en.yml (Japanese)
[ci skip]

* New translations en.yml (Kazakh)
[ci skip]

* New translations en.yml (Korean)
[ci skip]

* New translations en.yml (Lithuanian)
[ci skip]

* New translations en.yml (Occitan)
[ci skip]

* New translations en.yml (Persian)
[ci skip]

* New translations en.yml (Polish)
[ci skip]

* New translations en.yml (Portuguese)
[ci skip]

* New translations en.yml (Portuguese, Brazilian)
[ci skip]

* New translations en.yml (Serbian (Cyrillic))
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (Slovak)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Swedish)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Ukrainian)
[ci skip]

* New translations en.yml (Welsh)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations simple_form.en.yml (Russian)
[ci skip]

* New translations simple_form.en.yml (Russian)
[ci skip]

* New translations en.json (Thai)
[ci skip]

* New translations en.json (Thai)
[ci skip]

* New translations simple_form.en.yml (Thai)
[ci skip]

* New translations simple_form.en.yml (Thai)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations doorkeeper.en.yml (Spanish)
[ci skip]

* New translations doorkeeper.en.yml (Spanish)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations simple_form.en.yml (Spanish)
[ci skip]

* New translations simple_form.en.yml (Spanish)
[ci skip]

* New translations simple_form.en.yml (Spanish)
[ci skip]

* New translations doorkeeper.en.yml (Spanish)
[ci skip]

* New translations en.json (Slovak)
[ci skip]

* New translations devise.en.yml (Slovak)
[ci skip]

* New translations doorkeeper.en.yml (Slovak)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.yml (Slovak)
[ci skip]

* New translations simple_form.en.yml (Japanese)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations activerecord.en.yml (Bengali)
[ci skip]

* New translations devise.en.yml (Bengali)
[ci skip]

* New translations devise.en.yml (Bengali)
[ci skip]

* New translations devise.en.yml (Bengali)
[ci skip]

* New translations devise.en.yml (Bengali)
[ci skip]

* New translations devise.en.yml (Bengali)
[ci skip]

* New translations devise.en.yml (Bengali)
[ci skip]

* i18n-tasks normalize

* yarn manage:translations
2019-07-15 06:12:05 +02:00
2f813b7ea1 Disable LDSigning when AUTHORIZED_FETCH is set to true (#11295) 2019-07-15 02:29:39 +02:00
3595ce6325 Fix leaking private statuses the admin account follows (#11300)
Now that the request is signed, it can return private toots. Do not leak them.
2019-07-15 02:29:04 +02:00
6ff67be0f6 Add a spam check (#11217)
* Add a spam check

* Use Nilsimsa to generate locality-sensitive hashes and compare using Levenshtein distance

* Add more tests

* Add exemption when the message is a reply to something that mentions the sender

* Use Nilsimsa Compare Value instead of Levenshtein distance

* Use MD5 for messages shorter than 10 characters

* Add message to automated report, do not add non-public statuses to
automated report, add trust level to accounts and make unsilencing
raise the trust level to prevent repeated spam checks on that account

* Expire spam check data after 3 months

* Add support for local statuses, reduce expiration to 1 week, always create a report

* Add content warnings to the spam check and exempt empty statuses

* Change Nilsimsa threshold to 95 and make sure removed statuses are removed from the spam check

* Add all matched statuses into automatic report
2019-07-13 16:45:50 +02:00
402302776c Change the retry limit in error of web push notification (#11292)
- Change the maximum count of retry for web push notification (Default -> 5).
   - In case of high load of subscribe server, the retries will be repeated many times.
   - Because the retries occupy the default queue, maximum retry count should be reduced.
2019-07-12 18:46:21 +02:00
5bf67ca913 Add ActivityPub secure mode (#11269)
* Add HTTP signature requirement for served ActivityPub resources

* Change `SECURE_MODE` to `AUTHORIZED_FETCH`

* Add 'Signature' to 'Vary' header and improve code style

* Improve code style by adding `public_fetch_mode?` method
2019-07-11 20:11:09 +02:00
4e1260feaa Fix BlockService trying to reject incorrect follow request (#11288)
Fixes #11148
2019-07-11 14:50:27 +02:00
4e8dcc5dbb Add HTTP signatures to all outgoing ActivityPub GET requests (#11284) 2019-07-11 14:49:55 +02:00
5d3feed191 Refactor fetching of remote resources (#11251) 2019-07-10 18:59:28 +02:00
d04c584159 Drop magic-public-key from webfinger replies as it's only used for OStatus (#11280) 2019-07-10 17:10:43 +02:00
85eb418e1f Fix handling of webfinger redirects in ResolveAccountService (#11279) 2019-07-10 17:10:12 +02:00
6172263a63 Fix activity being rendered within activity due to caching (#11271)
Fix #11270
2019-07-10 00:43:30 +02:00
4e92183227 Refactor domain block checks (#11268) 2019-07-09 03:27:35 +02:00
1e7187f2a8 Fix Status.remote scope matching *all* statuses (#11265) 2019-07-08 18:17:22 +02:00
ef15246397 Remove unused remote unfollow controller (#11250) 2019-07-08 12:04:06 +02:00
63c7fe8e48 Refactor controllers for statuses, accounts, and more (#11249) 2019-07-08 12:03:45 +02:00
87c1ad4ea3 Fix BackupService crashing when an attachment is missing (#11241)
* Fix BackupService crashing when an attachment is missing

For various reasons such as admin error or out-of-sync media and
database backups, it might be possible for local attachments to be lost.

This commit allows the BackupService to continue its work even if some media
file is missing.

* Change error message
2019-07-08 02:24:25 +02:00
b851456139 Remove Atom feeds and old URLs in the form of GET /:username/updates/:id (#11247) 2019-07-07 16:16:51 +02:00
406b46395d Fix URLs appearing twice in errors of ActivityPub::DeliveryWorker (#11231) 2019-07-07 03:37:01 +02:00
58276715be Fix support for HTTP proxies (#11245)
* Disable incorrect check for hidden services in Socket

Hidden services can only be accessed with an HTTP proxy, in which
case the host seen by the Socket class will be the proxy, not the
target host.

Hidden services are already filtered in `Request#initialize`.

* Use our Socket class to connect to HTTP proxies

Avoid the timeout logic being bypassed

* Add support for IP addresses in Request::Socket

* Refactor a bit, no need to keep the DNS resolver around
2019-07-07 02:05:38 +02:00
23aeef52cc Remove Salmon and PubSubHubbub (#11205)
* Remove Salmon and PubSubHubbub endpoints

* Add error when trying to follow OStatus accounts

* Fix new accounts not being created in ResolveAccountService
2019-07-06 23:26:16 +02:00
c07cca4727 Only scroll to the compose form if it's not horizontally in the viewport (#11246)
Avoids jumping the scroll around vertically when giving it focus and
editing long toots.
2019-07-06 18:18:08 +02:00
ae003d54f9 Fix option to send e-mail notification about account action always being true (#11242) 2019-07-06 13:54:32 +02:00
ed544f3166 Fix HTTP requests to IPv6 hosts (#11240) 2019-07-05 22:03:00 +02:00
0c1b1069c9 Remove deprecated REST API GET /api/v1/statuses/:id/card (#11213) 2019-07-05 02:15:24 +02:00
3fd6ab99e6 Remove deprecated REST API GET /api/v1/timelines/direct (#11212) 2019-07-05 02:14:56 +02:00
99924f282f Memoize ancestorIds and descendantIds in detailed status view (#11234) 2019-07-02 16:03:54 +02:00
1a747f7020 Fix statsd UDP sockets not being cleaned up in Sidekiq (#11230) 2019-07-02 01:01:17 +02:00
bc60d794f8 Change ActivityPub::DeliveryWorker to not retry HTTP 501 errors (#11233) 2019-07-02 00:59:53 +02:00