about summary refs log tree commit diff
path: root/app/lib/formatter.rb
AgeCommit message (Collapse)Author
2020-02-07Fix malformed HTML causing uncaught error (#13042)Eugen Rochko
Fix OEmbed preview API leaking existence of private statuses (see #12930)
2020-01-23Add support for magnet: URIs (#12905)ThibG
2020-01-11Add support for linking XMPP URIs in toots (#12709)ThibG
* Fix wrong grouping in Twitter valid_url regex * Add support for xmpp URIs Fixes #9776 The difficult part is autolinking, because Twitter-text's extractor does some pretty ad-hoc stuff to find things that “look like” URLs, and XMPP URIs do not really match the assumptions of that lib, so it doesn't sound wise to try to shoehorn it into the existing regex. This is why I used a specific regex (very close, although slightly more permissive than the RFC), and a specific scan function (a simplified version of the generalized one from Twitter). * Remove leading “xmpp:” from auto-linked text
2019-10-24Add noopener and/or noreferrer (#12202)BSKY
2019-09-09Add account bio to account admin view (#11473)ThibG
* Add account bio to account admin view * Change styling to make bio fields / content more readable
2019-08-07Fix non-lowercase hashtags not being picked up by the streaming API (#11508)Eugen Rochko
Regression from f371b32 Fix hashtag links always being lowercase
2019-07-21Play animated custom emoji on hover (#11348)ThibG
* Play animated custom emoji on hover in status * Play animated custom emoji on hover in display names * Play animated custom emoji on hover in bios/bio fields * Add support for animation on hover on public pages emojis too * Fix tests * Code style cleanup
2019-07-07Remove Atom feeds and old URLs in the form of `GET /:username/updates/:id` ↵Eugen Rochko
(#11247)
2019-05-15Minor performance improvements and cleanup in formatter (#10765)ThibG
2019-03-28Rename :poll to :preloadable_poll and :owned_poll to :poll on Status (#10401)Eugen Rochko
Also, fix some n+1 queries Resolve #10365
2019-03-20Add support for custom emojis in poll options (#10322)ThibG
* Backend changes for custom emoji support in poll options * Serialize poll emojis in REST API * Render custom emojis in poll options * Render custom emoji in poll options on public pages
2019-03-05Fix newlines in OStatus and RSS serializations (#10183)ThibG
2019-03-05When serializing polls over OStatus, serialize poll options to text (#10160)ThibG
* When serializing polls over OStatus, serialize poll options to text * Do the same for RSS feeds * Use “[ ] ” as a prefix for poll options instead of “- ”
2019-02-09Fix URL linkifier grabbing full-width spaces and quotations (#9997)Eugen Rochko
Fix #9993 Fix #5654
2019-02-09 Only URLs extract with pre-escaped text (#9991)Hinaloe
* [test] add japanese hashtag testcase * Only URLs extract with pre-escaped text ( https://github.com/tootsuite/mastodon/issues/9989 )
2019-02-02Allow most kinds of characters in URL query (fixes #8408) (#8447)Jakub Mendyk
* Allow unicode characters in URL query strings Fixes #8408 * Alternative approach to unicode support in urls Adds PoC/idea to approch this problem.
2018-11-16Remove intermediary arrays when creating hash maps from results (#9291)Eugen Rochko
2018-10-17Improve support for aspects/circles (#8950)Eugen Rochko
* Add silent column to mentions * Save silent mentions in ActivityPub Create handler and optimize it Move networking calls out of the database transaction * Add "limited" visibility level masked as "private" in the API Unlike DMs, limited statuses are pushed into home feeds. The access control rules between direct and limited statuses is almost the same, except for counter and conversation logic * Ensure silent column is non-null, add spec * Ensure filters don't check silent mentions for blocks/mutes As those are "this person is also allowed to see" rather than "this person is involved", therefore does not warrant filtering * Clean up code * Use Status#active_mentions to limit returned mentions * Fix code style issues * Use Status#active_mentions in Notification And remove stream_entry eager-loading from Notification
2018-10-12Improve signature verification safeguards (#8959)Eugen Rochko
* Downcase signed_headers string before building the signed string The HTTP Signatures draft does not mandate the “headers” field to be downcased, but mandates the header field names to be downcased in the signed string, which means that prior to this patch, Mastodon could fail to process signatures from some compliant clients. It also means that it would not actually check the Digest of non-compliant clients that wouldn't use a lowercased Digest field name. Thankfully, I don't know of any such client. * Revert "Remove dead code (#8919)" This reverts commit a00ce8c92c06f42109aad5cfe65d46862cf037bb. * Restore time window checking, change it to 12 hours By checking the Date header, we can prevent replaying old vulnerable signatures. The focus is to prevent replaying old vulnerable requests from software that has been fixed in the meantime, so a somewhat long window should be fine and accounts for timezone misconfiguration. * Escape users' URLs when formatting them Fixes possible HTML injection * Escape all string interpolations in Formatter class Slightly improve performance by reducing class allocations from repeated Formatter#encode calls * Fix code style issues
2018-08-31Fix autoplay issue with spoiler tag (#8540)Renato "Lond" Cerqueira
Add tests to avoid similar issues in the future
2018-08-30Add animate custom emoji param to embed pages (#8507)Renato "Lond" Cerqueira
* Add animate custom emoji param to embed pages * Rename param, use it for avatars and gifs * Fix issues pointed by codeclimate and breaking test * Ignore brakeman warning
2018-05-06Enable custom emojis in profiles (notes, field values, display names) (#7374)Eugen Rochko
Follow-up to #6124
2018-04-27Add entity cache (#7271)Eugen Rochko
* Add entity cache Use a caching layer for mentions and custom emojis that are dynamically extracted from text. Reduce duplicate text extractions * Fix code style issue
2018-04-14Add bio fields (#6645)Eugen Rochko
* Add bio fields - Fix #3211 - Fix #232 - Fix #121 * Display bio fields in web UI * Fix output of links and missing fields * Federate bio fields over ActivityPub as PropertyValue * Improve how the fields are stored, add to Edit profile form * Add rel=me to links in fields Fix #121
2018-04-01[WIP] Enable custom emoji on account pages and in the sidebar (#6124)David Underwood
Federate custom emojis with accounts
2018-03-07Remove text requirement when media attached from statuses (#6672)Eugen Rochko
2018-01-03Don't normalize URLs in toots (#6134)ThibG
* Don't normalize URLs in toots URL normalization is ill-defined and may cause certain links to break. * Change specs since we are not normalizing user-provided URLs
2017-12-06Using double splat operator (#5859)Yamagishi Kazutoshi
2017-11-30Add semi-support for Video/Image objects in ActivityPub (#5848)Eugen Rochko
* Add semi-support for Video/Image objects in ActivityPub Video and Image objects will create corresponding status records with manually crafted text contents (title + URL) * Extract html-url-finding logic into JsonLdHelper * Fallback to id when url missing, extract supported object types
2017-11-07Avoid emojifying on invisible text (#5558)MIYAGI Hikaru
2017-10-06Fix remote profile being displayed in HTML on remote_follow (#5249)unarist
2017-10-05When processing custom emoji, ensure a non-animated version exists (#5230)Eugen Rochko
Use the non-animated version in web UI, but return both in API
2017-09-23Fix custom emojis not detected when used in content warning (#5049)Eugen Rochko
2017-09-19Fix non-local statuses are html_encoded in public_page. (#5012)Naoki Kosaka
2017-09-19Custom emoji (#4988)Eugen Rochko
* Custom emoji - In OStatus: `<link rel="emoji" name="coolcat" href="http://..." />` - In ActivityPub: `{ type: "Emoji", name: ":coolcat:", href: "http://..." }` - In REST API: Status object includes `emojis` array (`shortcode`, `url`) - Domain blocks with reject media stop emojis - Emoji file up to 50KB - Web UI handles custom emojis - Static pages render custom emojis as `<img />` tags Side effects: - Undo #4500 optimization, as I needed to modify it to restore shortcode handling in emojify() - Formatter#plaintext should now make sure stripped out line-breaks and paragraphs are replaced with newlines * Fix emoji at the start not being converted
2017-09-16Escape URL parts on formatting local status (#4975)unarist
2017-09-14Enable to recognize most kinds of characters as URL paths (#4941)ふぁぼ原
2017-08-02Don't normalize invalid domain names (#4499)TheKinrar
Fixes #4496
2017-06-04Remove some arguments of Formatter.instance.format and spec (#3541)Akihiko Odaki (@fn_aki@pawoo.net)
* Remove some arguments of Formatter.instance.format * Improve spec for Formatter
2017-05-12Prepend reblogs' wrapper content with "RT @original_author", (#3013)Eugen Rochko
so that when a reblog parse fails on another instance, it doesn't look like a misattributed/stolen text
2017-05-11Fix regressions from #2683 (#2970)Eugen Rochko
* Fix regressions from #2683 Properly format spoiler text HTML, while keeping old logic for blankness intact Process hashtags and mentions in spoiler text Format spoiler text for Atom Change "show more" toggle into a button instead of anchor Fix style regression on dropdowns for detailed statuses * Fix lint issue * Convert spoiler text to plaintext in desktop notifications
2017-05-10fix a regression introduced by e2491680e696d2c285a798ec4c66b26d2748df66 (#2966)beatrix
that caused user pages to break when showing toots with CWs
2017-05-10Handle hashtags in spoiler_texts (partial fix for #699) (#2683)R Tucker
* services: scan spoiler_text for hashtags (#699) * views: link hashtags from spoiler_texts This covers linking hashtags from within the spoiler text on the server-generated pages. * services: fix string concat going into hashtag RE Cleaner Ruby syntax, may handle immutable strings better
2017-05-09Fixed bug that timeline can not be displayed by InvalidURIError (#2947)abcang
2017-05-05use Twitter::Extractor for creating links (#2502)masarakki
2017-04-27Hotfix remote status formatting (#2543)Eugen Rochko
2017-04-27OEmbed support for PreviewCard (#2337)Eugen Rochko
* OEmbed support for PreviewCard * Improve ProviderDiscovery code failure treatment * Do not crawl links if there is a content warning, since those don't display a link card anyway * Reset db schema * Fresh migrate * Fix rubocop style issues Fix #1681 - return existing access token when applicable instead of creating new * Fix test * Extract http client to helper * Improve oembed controller
2017-04-25Decodes URL containing IDN (#2436)Yamagishi Kazutoshi
2017-04-23Add simple_format to simplified_format (#2198)178inaba
2017-04-21Fix mangling of ##tag matches (#2194) (#2247)Mingye Wang
This commit fixes hashtag_html so it correctly handles matches with multiple hash-signs. Bug located by @over9001, initial fix suggested by @nightpool.