Age | Commit message (Collapse) | Author |
|
Co-authored-by: petrokoriakin1 <116151189+petrokoriakin1@users.noreply.github.com>
Co-authored-by: petrokoriakin1 <116151189+petrokoriakin1@users.noreply.github.com>
Co-authored-by: Effy Elden <effy@effy.space>
|
|
* Remove dead code
* Remove unneeded/broken parameters and refactor descendant computation
|
|
* Change public accounts pages to mount the web UI
* Fix handling of remote usernames in routes
- When logged in, serve web app
- When logged out, redirect to permalink
- Fix `app-body` class not being set sometimes due to name conflict
* Fix missing `multiColumn` prop
* Fix failing test
* Use `discoverable` attribute to control indexing directives
* Fix `<ColumnLoading />` not using `multiColumn`
* Add `noindex` to accounts in REST API
* Change noindex directive to not be rendered by default before a route is mounted
* Add loading indicator for detailed status in web UI
* Fix missing indicator appearing while account is loading in web UI
|
|
|
|
* Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService
ActivityPub::FetchRemoteAccountService is kept as a wrapper for when the actor is
specifically required to be an Account
* Refactor SignatureVerification to allow non-Account actors
* fixup! Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService
* Refactor ActivityPub::FetchRemoteKeyService to potentially return non-Account actors
* Refactor inbound ActivityPub payload processing to accept non-Account actors
* Refactor inbound ActivityPub processing to accept activities relayed through non-Account
* Refactor how Account key URIs are built
* Refactor Request and drop unused key_id_format parameter
* Rename ActivityPub::Dereferencer `signature_account` to `signature_actor`
|
|
|
|
Fixes #15589
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
|
|
Fixes #14092
|
|
|
|
|
|
|
|
Fix #11969
|
|
(#11539)
Regression from #8657
|
|
|
|
* Add HTTP signature requirement for served ActivityPub resources
* Change `SECURE_MODE` to `AUTHORIZED_FETCH`
* Add 'Signature' to 'Vary' header and improve code style
* Improve code style by adding `public_fetch_mode?` method
|
|
|
|
(#11247)
|
|
* Remove skip_session! as it is not supported in Rails 5
* Minor cleanup in StreamEntriesController
* Remove redundant mark_cacheable! calls
|
|
|
|
|
|
Do not start a session if the current user is not logged in for public-facing pages.
Mark pages that don't care about sessions as publicly cacheable.
Keep the max age as 0 so proxies and browsers will still try to retrieve an updated version but can still fall back to the stale version if the site is down or too slow.
Fixes #9035.
|
|
|
|
* Add test that should currently fail
* Fix depth computation (will still fail if statuses have been filtered out)
* Fix handling of broken threads
|
|
* Set CSP rules in RoR's configuration
* Override CSP setting in the embed controller to allow frames
|
|
* Add animate custom emoji param to embed pages
* Rename param, use it for avatars and gifs
* Fix issues pointed by codeclimate and breaking test
* Ignore brakeman warning
|
|
* Unuse ActiveRecord::Base#cache_key
* Enable cache_versioning
* Call cache_collection
|
|
* Compensate for scrollbar disappearing when media modal visible
Make auth pages backgrounds lighter
* Fix typo
|
|
|
|
* Make embeds cacheable by reverse proxy
* Make follow button on embeds open remote follow modal
Instead of web+mastodon://, also, turn the button blue, and add a
sign up prompt to the remote follow modal
|
|
* Fix URL of "Show more" link in paginated threads (ancestors side)
Increase item limits in threads
Fix #7268
* Fix "Show more" link in paginated threads (descendants side)
|
|
|
|
(#7162)
Fix #7115
|
|
This also limits the statuses returned by API, but pagination is not
implemented in Web API yet. I still expect it brings user experience
better than making a user wait to fetch all ancestor statuses and flooding
the column with them.
|
|
signatures (#6225)
|
|
|
|
|
|
* Allow HTTP caching of json view of public statuses
HTML views are not cached as they can contain private statuses as well
* Disable session cookies for ActivityPub json rendering of public toots
|
|
* Encode custom emojis as resolveable objects in ActivityPub
* Improve code style
|
|
- Use statuses controller for embeds instead of stream entries controller
- Prefer /@:username/:id/embed URL for embeds
- Use /@:username as author_url in OEmbed
- Add follow link to embeds which opens web intent in new window
- Use redis cache in development
- Cache entire embed
|
|
* Process Create / Announce activity in FetchRemoteStatusService
* Use activity URL in ActivityPub for reblogs
* Redirect to the original status on StatusesController#show
|
|
|
|
|
|
* Improve webfinger templates and make tests more flexible
* Clean up AS2 representation of actor
* Refactor outbox
* Create activities representation
* Add representations of followers/following collections, do not redirect /users/:username route if format is empty
* Remove unused translations
* ActivityPub endpoint for single statuses, add ActivityPub::TagManager for better
URL/URI generation
* Add ActivityPub::TagManager#to
* Represent all attachments as Document instead of Image/Video specifically
(Because for remote ones we may not know for sure)
Add mentions and hashtags representation to AP notes
* Add AP-resolvable hashtag URIs
* Use ActiveModelSerializers for ActivityPub
* Clean up unused translations
* Separate route for object and activity
* Adjust cc/to matrices
* Add to/cc to activities, ensure announce activity embeds target status and
not the wrapper status, add "id" to all collections
|
|
|
|
|
|
|
|
|
|
and atom feed generation to some extent, as well as the way mentions are
stored
|
|
|