Commit graph

1410 commits

Author SHA1 Message Date
Claire
3ab722a79c Fix cached posts including stale stats (#26409) 2023-09-19 17:01:32 +02:00
Emelia Smith
d3e97e8c23 Allow reports with long comments from remote instances, but truncate (#25028) 2023-09-05 18:51:01 +02:00
Daniel M Brasil
db8db60244 Fix /api/v1/timelines/tag/:hashtag allowing for unauthenticated access when public preview is disabled (#26237) 2023-09-05 18:51:01 +02:00
Claire
fc4a93b937 Fix CSP headers being unintendedly wide (#26105) 2023-07-21 16:07:35 +02:00
Claire
93a87b96c7 Fix processing of media files with unusual names (#25788) 2023-07-07 19:36:12 +02:00
Claire
2119aadf0a
Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Renaud Chaput
94c67e8bfd Allow carets in URL search params (#25216) 2023-07-06 13:45:58 +02:00
Claire
5e55ca25d6 Fix ResolveURLService not resolving local URLs for remote content (#25637) 2023-07-06 13:45:58 +02:00
Claire
0bcb4f73f1 Change /api/v1/statuses/:id/history to always return at least one item (#25510) 2023-07-06 13:45:58 +02:00
Daniel M Brasil
c285f9d1a1 Fix incorrect pagination headers in /api/v2/admin/accounts (#25477) 2023-07-06 13:45:58 +02:00
Claire
660845f781 Change profile updates to be sent to recently-mentioned servers (#24852) 2023-07-06 13:45:58 +02:00
Claire
ebe009ff09 Fix /api/v1/conversations sometimes returning empty accounts (#25499) 2023-07-06 13:45:58 +02:00
Claire
2617c33fc3 Fix ArgumentError when loading newer Private Mentions (#25399) 2023-07-06 13:45:58 +02:00
Claire
2c3cb903ad Fix misleading error code when receiving invalid WebAuthn credentials (#23568) 2023-03-16 11:58:46 +01:00
Christian Schmidt
4ea4c3f49c Unescape HTML entities (#24019) 2023-03-14 10:00:13 +01:00
Claire
e2103c9175 Fix “Remove all followers from the selected domains” being more destructive than it claims (#23805) 2023-03-14 09:50:57 +01:00
Eugen Rochko
21fd25a269
Fix rate limiting for paths with formats (#20675) 2022-11-14 20:26:31 +01:00
trwnh
b59ce0a60f
Move V2 Filter methods under /api/v2 prefix (#20622)
* Move V2 Filter methods under /api/v2 prefix

* move over the tests too
2022-11-14 08:34:07 +01:00
Eugen Rochko
552d69ad96
Fix error when invalid domain name is submitted (#19474)
Fix #19175
2022-11-14 08:07:14 +01:00
Eugen Rochko
b31afc6294
Fix error when passing unknown filter param in REST API (#20626)
Fix #19156
2022-11-14 08:06:06 +01:00
Hampton Lintorn-Catlin
147d8bd8fc
Support UTF-8 Characters in Domains During CSV Import (#20592)
* Support UTF-8 Characters in Domains During Import

* Update Changelong
2022-11-14 05:52:13 +01:00
Emily Strickland
c2231539c7
Test blank account field verifiability (#20458)
* Test blank account field verifiability

This change tests the need for #20428, which ensures that we guard against a situation in which `at_xpath` returns `nil`.

* Test verifiability of blank fields for remote account profiles

This adds a counterpart test for remote account profiles' fields' verifiability when those fields are blank. I previously added the same test for local accounts.
2022-11-13 21:02:09 +01:00
F
d4f973227c
Test the native_locale_name of a non-standard locale (#20284)
`:en` is English for both `standard_locale_name` and
`native_locale_name`, and so makes for a poor test candidate for
differentiating between them.
2022-11-11 00:06:18 +01:00
Eugen Rochko
9965a23b04
Change link verification to ignore IDN domains (#20295)
Fix #3833
2022-11-10 06:27:45 +01:00
Eugen Rochko
e98833748e
Fix being able to spoof link verification (#20217)
- Change verification to happen in `default` queue
- Change verification worker to only be queued if there's something to do
- Add `link` tags from metadata fields to page header of profiles
2022-11-09 08:24:21 +01:00
luzpaz
6ba52306f9
Fix typos (#19849)
Found via `codespell -q 3 -S ./yarn.lock,./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,followings,keypair,medias,pattens,pixelx,rememberable,ro,te`
2022-11-08 17:32:03 +01:00
Roni Laukkarinen
36b0ff57b7
Fix grammar (#20106) 2022-11-08 16:35:42 +01:00
Claire
bbf74498f5
Fix validation error in SynchronizeFeaturedTagsCollectionWorker (#20018)
* Fix followers count not being updated when migrating follows

Fixes #19900

* Fix validation error in SynchronizeFeaturedTagsCollectionWorker

Also saves remote user's chosen case for hashtags

* Limit remote featured tags before validation
2022-11-07 22:35:53 +01:00
Claire
3114c826a7
Fix filter handling in status cache hydration (#19963) 2022-11-07 19:47:48 +01:00
Claire
5925a31b78
Fix followers count not being updated when migrating follows (#19998)
Fixes #19900
2022-11-07 15:38:55 +01:00
Claire
bb89f83cc0
Fix additional issues with status cache hydration (#19747)
* Spare one SQL query when hydrating polls

* Improve tests

* Fix more discrepancies

* Fix possible crash when the status has no application set
2022-11-04 20:01:33 +01:00
Claire
03b991de6c
Fix various issues with store hydration (#19746)
- Improve tests
- Fix possible crash when application of a reblogged post isn't set
- Fix discrepancies around favourited and reblogged attributes
- Fix discrepancies around pinned attribute
- Fix polls not being hydrated
2022-11-04 19:33:16 +01:00
Eugen Rochko
5f9e47be34
Add caching for payload serialization during fan-out (#19642) 2022-11-04 13:21:06 +01:00
Claire
4fb0aae636
Change mentions of blocked users to not be processed (#19725)
Fixes #19698
2022-11-04 13:19:12 +01:00
Claire
9387beb3b3
Change flaky AccountSearchService test (#19650) 2022-11-03 23:12:08 +01:00
Claire
1dca08b76f
Fix admin action logs page (#19649)
* Add tests

* Fix crash when trying to display orphaned action logs

* Add migration for older admin action logs
2022-11-03 16:06:42 +01:00
pea-sys
c68e6b52d9
png optimization(loss less) (#19630) 2022-11-01 15:06:52 +01:00
Eugen Rochko
d0ba77047e
Change max. thumbnail dimensions to 640x360px (360p) (#19619) 2022-11-01 13:01:39 +01:00
Eugen Rochko
40c7f3e830
Fix account action type validation (#19476)
* Fix account action type validation

Fix #19143

* Fix #19145

* Fix code style issues
2022-10-30 02:44:32 +02:00
Eugen Rochko
f8ca3bb2a1
Add ability to view previous edits of a status in admin UI (#19462)
* Add ability to view previous edits of a status in admin UI

* Change moderator access to posts to be controlled by a separate policy
2022-10-26 13:42:29 +02:00
Eugen Rochko
bf0ab3e0fa
Fix vacuum scheduler missing lock, locks never expiring (#19458)
Remove vacuuming of orphaned preview cards
2022-10-26 12:10:48 +02:00
Eugen Rochko
1ae508bf2f
Change unauthenticated search to not support pagination in REST API (#19326)
- Only exact search matches for queries with < 5 characters
- Do not support queries with `offset` (pagination)
- Return HTTP 401 on truthy `resolve` instead of overriding to false
2022-10-26 12:10:02 +02:00
Eugen Rochko
7c152acb2c
Change settings area to be separated into categories in admin UI (#19407)
And update all descriptions
2022-10-22 11:44:41 +02:00
Yamagishi Kazutoshi
94feb2b93f
Fix FetchFeaturedCollectionService spec (#19401)
Regression from #19380
2022-10-21 11:48:22 +02:00
Eugen Rochko
839f893168
Change public accounts pages to mount the web UI (#19319)
* Change public accounts pages to mount the web UI

* Fix handling of remote usernames in routes

- When logged in, serve web app
- When logged out, redirect to permalink
- Fix `app-body` class not being set sometimes due to name conflict

* Fix missing `multiColumn` prop

* Fix failing test

* Use `discoverable` attribute to control indexing directives

* Fix `<ColumnLoading />` not using `multiColumn`

* Add `noindex` to accounts in REST API

* Change noindex directive to not be rendered by default before a route is mounted

* Add loading indicator for detailed status in web UI

* Fix missing indicator appearing while account is loading in web UI
2022-10-20 14:35:29 +02:00
Eugen Rochko
1bd00036c2
Change about page to be mounted in the web UI (#19345) 2022-10-13 14:42:37 +02:00
Eugen Rochko
b04633a961
Add image processing and generate blurhash for server thumbnail (#19348)
Remove separate server hero setting
2022-10-13 11:29:19 +02:00
Yamagishi Kazutoshi
7afc6a630c
Redirect non-logged-in user to owner statuses on single user mode (#19333) 2022-10-12 21:07:30 +02:00
Eugen Rochko
45ebdb72ca
Add support for language preferences for trending statuses and links (#18288) 2022-10-08 16:45:40 +02:00
Eugen Rochko
93f340a4bf
Remove setting that disables account deletes (#17683) 2022-10-06 10:16:47 +02:00