Commit Graph

10809 Commits

Author SHA1 Message Date
Michael 4d4e34dc64 Issue 12764: Fix photo permissions when posting via web 2023-02-07 14:18:01 +00:00
Hypolite Petovan 447709377c Ensure arbitrary HTTPException messages are HTML escaped
- These messages can include user-supplied strings
2023-02-04 20:36:33 -05:00
Hypolite Petovan 4e355c0f5e Create specific module to display HTML message when a conversation isn't found in Module\Item\Display 2023-02-04 20:28:04 -05:00
Michael f455f7e7d1 Fixes "Invalid URL for photo" for photos without host 2023-02-04 12:14:40 +00:00
Michael Vogel ac469742b1
Merge pull request #12762 from MrPetovan/bug/warnings
Ward against potentially missing "platform" array key in Model\GServer::fetchSiteinfo
2023-02-02 11:54:50 +01:00
Hypolite Petovan a836c5c3f1
Merge pull request #12752 from annando/c2s
First implementation of ActivityPub C2S
2023-02-01 11:48:24 -05:00
Michael 18dcf77a6d Desciption added 2023-02-01 16:33:07 +00:00
Hypolite Petovan 301fa681c5 Ward against potentially missing "platform" array key in Model\GServer::fetchSiteinfo
- Address https://github.com/friendica/friendica/issues/12488#issuecomment-1411635902
2023-02-01 08:35:33 -05:00
Michael a3d645645a Fix #12757 2023-01-31 05:45:24 +00:00
Michael f078b6bc18 Issue 12753: For remote-self feed items the plink mustn't point to the original feed link 2023-01-30 06:58:36 +00:00
Michael b90d6a5638 Updated class description 2023-01-29 17:51:04 +00:00
Michael 101b3c9703 First implementation of ActivityPub C2S 2023-01-29 14:41:14 +00:00
Philipp df021b07e3
Merge pull request #12747 from MrPetovan/bug/warnings
Address a couple of warnings
2023-01-29 08:21:46 +01:00
Philipp 450c753004
Merge pull request #12746 from MrPetovan/bug/fatal-errors
Remove Feed contacts from profile contact list
2023-01-29 08:21:26 +01:00
Hypolite Petovan 48a7958ef9 Check $url variable for value before using it in Module\Photo::getPhotoById
- Address https://github.com/friendica/friendica/issues/12488#issuecomment-1407342540
2023-01-29 00:12:59 -05:00
Hypolite Petovan 9a270de9c2 Prevent the use of $shared_item if it's falsy in Mastodon\Status::createQuote
- Address https://github.com/friendica/friendica/issues/12488#issuecomment-1407342324
2023-01-29 00:11:13 -05:00
Hypolite Petovan b1eae0c9aa Remove Feed contacts from profile contact list
- These contact don't have a public pendant and therefore shouldn't be shown to visitors
- Address https://github.com/friendica/friendica/issues/12486#issuecomment-1406191980
2023-01-29 00:07:20 -05:00
Hypolite Petovan b66787f0de Improve return value consistency in Util\BasePath::getPath 2023-01-28 22:19:47 -05:00
Hypolite Petovan 1dc97e30e0 Read local files instead of performing self HTTP requests in JsonLD::documentLoader 2023-01-28 22:17:05 -05:00
Michael 3f618218c7 Old stuff removed 2023-01-28 18:50:45 +00:00
Michael 999cdc7db9 Avoid more local links and bad http requests 2023-01-28 14:57:04 +00:00
Michael Vogel fc46778a00
Merge pull request #12735 from MrPetovan/bug/fatal-errors
Address a couple of Fatal errors
2023-01-27 08:55:27 +01:00
Michael Vogel 1d7d6fe35c
Merge pull request #12736 from MrPetovan/bug/12733-webfinger-apcontact
Replace custom WebFinger implementation by Probe::getWebfingerArray in APContact::fetchWebfingerData
2023-01-27 08:27:20 +01:00
Hypolite Petovan 79dc5c177e Replace custom WebFinger implementation by Probe::getWebfingerArray in APContact::fetchWebfingerData
- This implementation didn't support separate domains for the address and the final account
2023-01-27 01:24:28 -05:00
Hypolite Petovan 91d8cd2c87 Prevent fatal error when probing WebFinger address in Network\Probe::feed 2023-01-27 01:24:22 -05:00
Michael Vogel 94b63e6a00
Apply suggestions from code review
Co-authored-by: Hypolite Petovan <hypolite@mrpetovan.com>
2023-01-27 07:21:08 +01:00
Michael ba4860b787 Avoid local network communication / invalid url requests 2023-01-27 05:55:45 +00:00
Hypolite Petovan be105db759 Check the image URL has a host before retrieving it in Photo::importProfilePhoto
- Address https://github.com/friendica/friendica/issues/12486#issuecomment-1404324012
2023-01-25 22:31:07 -05:00
Hypolite Petovan 0259af1118 Cast key values to int in Mastodon\Stats
- Address https://sekretaerbaer.de/display/61b27817-3763-cd4c-5fca-b4d397968464
2023-01-25 22:11:22 -05:00
Michael 3e8c38946d Catch not fetchable posts 2023-01-25 23:03:51 +00:00
Michael ae3afaad94 Restore default value 2023-01-25 22:38:11 +00:00
Michael 30093fd2ec Quote for notifications 2023-01-25 20:35:10 +00:00
Michael b6fcfebd56 Switch parameters 2023-01-25 20:14:33 +00:00
Michael b46f18bdf9 Fix reply via API / fix missing variable 2023-01-25 10:16:24 +00:00
Michael c27fdc7167 Unused "use" removed 2023-01-25 06:34:15 +00:00
Michael 49d513f8d2 API: added positiv list for quote support 2023-01-25 06:26:17 +00:00
Hypolite Petovan b4cbe4250e Remove Text\BBCode::scaleExternalImage
- Image size is a CSS concern, not a PHP one
2023-01-23 20:40:20 -05:00
Michael b61923700e Display, not diplay 2023-01-23 22:30:28 +00:00
Michael c471a78b05 Issue 12358: Allow blocking of every contact 2023-01-23 21:44:30 +00:00
Michael d0373ab414 Issue 12603: Support quote in the api / Issue 12654: prevent privacy leakage 2023-01-23 21:24:50 +00:00
Michael ff28044cf6 Issue 12603: Support quotes in the API 2023-01-23 19:00:20 +00:00
Michael 5a01fb0521 Don't show reblogged on single post 2023-01-23 17:56:45 +00:00
Michael 0364972242 Merge remote-tracking branch 'upstream/develop' into api 2023-01-23 17:52:54 +00:00
Michael 87e9dafc56 Removed duplicated "be" 2023-01-23 06:48:42 +00:00
Michael 75cac38fe3 Updated messages.po 2023-01-23 06:43:13 +00:00
Michael Vogel 807c2dfe6a
Update src/Module/Settings/Connectors.php
Co-authored-by: Hypolite Petovan <hypolite@mrpetovan.com>
2023-01-23 04:52:41 +01:00
Michael b2d7c4ec43 Merge remote-tracking branch 'upstream/develop' into api 2023-01-22 19:11:21 +00:00
Michael 8e4e2eecb7 Issue 12702: Let the user decide how to handle spoiler texts 2023-01-22 17:10:31 +00:00
Michael edf3e9c4b6 Improved block check for redirects 2023-01-22 12:33:38 +00:00
Michael 2ecc797541 API: Show different ids on reshares / don't check for client secret 2023-01-22 11:25:31 +00:00
Philipp ced77ccbce
Merge pull request #12697 from MrPetovan/bug/deprecated
Fix a few PHP8.2 deprecation messages
2023-01-21 23:00:32 +01:00
Philipp 98da37076d
Add more transparent errors and make it possible to see them in logs 2023-01-21 21:07:20 +01:00
Philipp 8082b68185
Remove another URL check at App 2023-01-21 21:07:20 +01:00
Philipp 3de78fc60b
Remove BaseURL Auto-Check 2023-01-21 21:07:20 +01:00
Hypolite Petovan 73c8720d41 Declare history property in Mastodon\Card
- Address part of https://github.com/friendica/friendica/issues/12011#issuecomment-1383173055
2023-01-21 14:25:21 -05:00
Hypolite Petovan c79cec2652 Replace deprecated uses of ${var} in strings
- Address part of https://github.com/friendica/friendica/issues/12011#issuecomment-1383147421
2023-01-21 14:25:21 -05:00
Hypolite Petovan 7e618856ab Replace deprecated use of "self" in callables
- Address part of https://github.com/friendica/friendica/issues/12011#issuecomment-1383147421
2023-01-21 14:25:21 -05:00
Hypolite Petovan 881cb456e2 Throw an exception when parse_url fails in HttpClient->request
- Address part of https://github.com/friendica/friendica/issues/12011#issuecomment-1383147421
2023-01-21 14:25:21 -05:00
Philipp a7c4a3023a
Add "Database::INSERT_IGNORE" for the initial value check 2023-01-21 20:02:40 +01:00
Philipp 9627af924a
Add support for toString/Serializable 2023-01-21 19:42:48 +01:00
Hypolite Petovan d3ef2b23cc Don't select deleted contact when in Contact::createFromProbeForUser 2023-01-21 09:18:17 -05:00
Hypolite Petovan 6749ace4b7 Reset pending value when unfollowing a contact 2023-01-21 09:18:17 -05:00
Hypolite Petovan 5519b50900 Apply changes to user-contact table first in Contact::update
- The truncateFieldsForTable call in the same method was potentially restricting the fields that could be updated in the user-contact table
2023-01-21 09:18:17 -05:00
Hypolite Petovan dcfb8bb73e Fix connection acknowledgement not appearing on contact page
- Remove obsolete template variables
- Move contact_edit vier template to base template
2023-01-21 09:18:17 -05:00
Roland Häder 27969e8ca6
Continued:
- moved if() block to suggested position by MrPetovan, for me I want to have all
  conditions checked at the start of the method, e.g. no unwanted null
  references or (in this case) if the URL is blacklisted
- normalized URLs are without SSL, means http://host/path/file.ext so they exist
  only once for contacts and servers (aka. instances)
- documented returned type `void`
2023-01-21 01:07:14 +01:00
Roland Häder ba08692403
Continued:
- just for consistency ...
2023-01-20 02:43:59 +01:00
Roland Häder a0704db43a
Continued:
- some trolls managed to flood gserver with useless URLs. They can be blocked
  by domain blocking them, but still it floods gserver table with dead entries
- this hack tries to change that so they won't enter gserver at all. Let's hope
  these trolls as `activitypub-trolls.cf` learn a lesson (and get adults soon)

Signed-off-by: Roland Häder <roland@mxchange.org>
2023-01-20 01:50:55 +01:00
Philipp 15938c5b87
Merge pull request #12695 from MrPetovan/bug/fatal-errors
Address a few fatal errors
2023-01-19 08:09:03 +01:00
Hypolite Petovan c05956137a Default maintenance reason to empty string in Module\Maintenance
- Address https://github.com/friendica/friendica/issues/12486#issuecomment-1383250546
2023-01-18 21:01:07 -05:00
Hypolite Petovan 3b99b98678 Truncate integer values before inserting them
- Address https://github.com/friendica/friendica/issues/12486#issuecomment-1383250353
2023-01-18 20:58:49 -05:00
Hypolite Petovan d2033d4c92 Allow colon in password
- It was disallowed because of a too strict intepretation of RFC2617
2023-01-18 20:34:20 -05:00
Hypolite Petovan 81cd334664 Fix wrong logic in password allowed regular expression 2023-01-18 20:27:29 -05:00
Hypolite Petovan 16e1c8f893
Merge pull request #12690 from annando/statistics
Nodeinfo data has moved to key values
2023-01-18 08:37:20 -05:00
Michael 73e163100c Nodeinfo data has moved to key values 2023-01-18 05:04:37 +00:00
Hypolite Petovan c7e944e793
Merge pull request #12680 from nupplaphil/feat/addon_logger
Introduce new Hook logic
2023-01-17 16:37:03 -05:00
Michael 259fe7fcf2 Merge remote-tracking branch 'upstream/develop' into blocked-server 2023-01-17 19:25:09 +00:00
Philipp 5358e195d7
Fix Introspection 2023-01-17 20:11:48 +01:00
Philipp 8eed43a7dd
Add whitespace .. 2023-01-17 19:23:20 +01:00
Philipp 3b262f44a3
Adhere feedback 2023-01-17 19:15:37 +01:00
Philipp eed6db2465
Apply suggestions from code review
Co-authored-by: Hypolite Petovan <hypolite@mrpetovan.com>
2023-01-17 19:12:33 +01:00
Michael 356a2a9a5a News "blocked" field on the gserver table 2023-01-17 17:25:19 +00:00
Daniel Siepmann da58b894a4
Properly handle feed item creation date with surrounding whitespace
Some feeds might have whitespace around the creation date.
This can't be parsed by DateTimeFormat methods.
Therefore the incoming creation date is trimmed to not contain any
surrounding whitespace for proper handling.

Relates: #12686
2023-01-17 07:18:47 +01:00
Philipp 293c121c48
Adhere PHP-CS.. 2023-01-16 22:25:26 +01:00
Philipp f609e38600
Introduce new Hook logic
- InstanceManager for computing strategies and to allow decorators
- Adapting Core\Logger to use it
2023-01-16 22:20:33 +01:00
Philipp ab6efea9b2
Replace Config-Cache dependency with Config-Model (no more DB-waiting necessary) 2023-01-15 16:17:08 +01:00
Philipp a6fb683bcd
Remove BasePath dependency from App\Mode 2023-01-15 16:17:07 +01:00
Philipp dd6d96d048
Merge pull request #12678 from MrPetovan/bug/12677-addon_admin
Remove App dependency from addon admin form method
2023-01-15 15:55:08 +01:00
Hypolite Petovan 6e4663e747 Remove App dependency from addon admin form method 2023-01-15 09:42:18 -05:00
Hypolite Petovan 21f172c585
Merge pull request #12674 from nupplaphil/bug/config_typesafe
Config: Improve the node.config.php transformation
2023-01-15 09:38:29 -05:00
Philipp bc60eb6cb7
Apply feedback and describe the encoding method 2023-01-15 11:57:43 +01:00
Philipp d63aca97b8
Merge pull request #12673 from annando/andstatus-api
API: Accept "redirect_uris" as both array and string
2023-01-15 01:01:06 +01:00
Philipp 4c28f9cf9c
Config: Improve the node.config.php transformation
- Add more types
- Improvement for assoziative arrays and key-value arrays
- Add a lot more tests
2023-01-15 00:53:51 +01:00
Michael e06f699dd9 Added Documentation, updated messages.po 2023-01-14 21:20:04 +00:00
Michael af2a38c5b3 API: Accept "redirect_uris" as both array and string 2023-01-14 21:07:47 +00:00
Philipp 0c14e51112
Merge pull request #12666 from MrPetovan/bug/12661-public-calendar-export
Enable calendar export for public_calendar = true
2023-01-14 19:20:20 +01:00
Hypolite Petovan 323765110c Enable calendar export for public_calendar = true 2023-01-14 10:39:18 -05:00
Hypolite Petovan e73adde5fb Remove App dependency from Hook::callSingle
- This was causing a circular dependency with the logger_instance hook
2023-01-14 10:38:37 -05:00
Hypolite Petovan 2d555b60dd
Merge pull request #12670 from annando/fix-avatar-cache
Ensure to reset the avatar paths when deleting avatar cache
2023-01-14 09:47:21 -05:00
Michael 3e3f2555dc Ensure to reset the avatar paths when deleting avatar cache 2023-01-14 13:10:43 +00:00
Hypolite Petovan 91ff24b0e4
Merge pull request #12663 from nupplaphil/sec/xss_404
Security: Use htmlspecialchars() for user input in Arguments class
2023-01-13 13:57:41 -05:00