Commit graph

5028 commits

Author SHA1 Message Date
Eugen Rochko
15746b5107 Revert "Change links in webUI to rewrite misleading links (#11426)" (#11500)
This reverts commit a13ba1cc7b.
2019-08-06 12:09:28 +02:00
ThibG
54e8f2b08a Fix image uploads being perfectly white when canvas read access is blocked (#11499)
Fixes #11496
2019-08-06 12:08:19 +02:00
ThibG
13811f4d7b Improve keyboard navigation in privacy dropdown (#11492)
* Trap tab in privacy dropdown

* Give focus back to last focused element when privacy dropdown menu closes

* Actually give back focus to the element that had it before clicking the dropdown
2019-08-06 11:59:58 +02:00
ThibG
61f7ff6522 Improve dropdown menu keyboard navigation (#11491)
* Allow selecting menu items with the space bar in status dropdown menus

* Fix modals opened by keyboard navigation being immediately closed

* Fix menu items triggering modal actions

* Add Tab trapping inside dropdown menu

* Give focus back to last focused element when status dropdown menu closes
2019-08-06 11:59:46 +02:00
ThibG
0da8fdc438 Trap tab in modals (#11493) 2019-08-06 11:59:28 +02:00
ThibG
9f15da6b15 Fix privacy dropdown active state when dropdown is placed on top of it (#11495) 2019-08-06 11:59:14 +02:00
Eugen Rochko
05e9cd13eb Change admin UI for hashtags and add back whitelisted trends (#11490)
Fix #271

Add back the `GET /api/v1/trends` API with the caveat that it does
not return tags that have not been allowed to trend by the staff.

When a hashtag begins to trend (internally) and that hashtag has
not been previously reviewed by the staff, the staff is notified.

The new admin UI for hashtags allows filtering hashtags by where
they are used (e.g. in the profile directory), whether they have
been reviewed or are pending reviewal, they show by how many people
the hashtag is used in the directory, how many people used it
today, how many statuses with it have been created today, and it
allows fixing the name of the hashtag to make it more readable.

The disallowed hashtags feature has been reworked. It is now
controlled from the admin UI for hashtags instead of from
the file `config/settings.yml`
2019-08-05 19:54:29 +02:00
Jeong Arm
b3776710e2 Fix timestamp on featured tag (#11477)
It resolves #11338
2019-08-04 23:00:38 +02:00
ThibG
ebc78b6f2b Change icon button styles to make hover/focus states more obvious (#11474)
* Change icon buttons styles to make hover/focused states more obvious

* Fix CW button size inconsistency

* Fix icon button background color consistency
2019-08-03 19:10:50 +02:00
ThibG
5d32e422c0 Disable list title validation button when list title is empty (#11475) 2019-08-03 19:10:39 +02:00
Eugen Rochko
bb86c642a4 Fix tag score not being updated when the tag is trending (#11465) 2019-08-01 19:57:09 +02:00
Eugen Rochko
293f789239 Fix scroll to top in single column UI (#11463) 2019-08-01 19:17:17 +02:00
Eugen Rochko
0ed96e9aee Remove XML version of Webfinger and remove links to Atom feeds (#11460)
Fix #11453
2019-08-01 19:14:02 +02:00
Eugen Rochko
cf45e39dd5 Fix column header scrolling with the page (#11458)
Regression from de4ead8
2019-08-01 12:26:58 +02:00
Mélanie Chauvel (ariasuni)
67899611b4 Fix jumping of toot date when clicking spoiler button (#11449)
* Fix jumping of toot date when clicking spoiler button

* Fix lint
2019-07-31 10:06:58 +02:00
Eugen Rochko
e674fd3eab Fix delete regression (#11450)
Regression from 1848f7fae4
2019-07-31 09:23:30 +02:00
Eugen Rochko
b92e18080a Change hashtag search to only return results that have trended in the past (#11448)
* Change hashtag search to only return results that have trended in the past

A way to eliminate typos and other one-off "junk" results

* Fix excluding exact matches that don't have a score

* Fix tests
2019-07-30 20:29:50 +02:00
ThibG
1848f7fae4 Fix boosting & unboosting preventing a boost from appearing in the TL (#11405)
* Fix boosting & unboosting preventing a boost from appearing in the TL

* Add tests

* Avoids side effects when aggregate_reblogs isn't true
2019-07-30 13:18:23 +02:00
Eugen Rochko
c90eba765d Add hashtag score for better sorting of autosuggestions (#11427)
* Add hashtag score for better sorting of autosuggestions

* Do not use `~<~` operator with no text_pattern_ops index
2019-07-30 13:10:40 +02:00
ThibG
a13ba1cc7b Change links in webUI to rewrite misleading links (#11426)
* [WiP] Show host for “misleading” links

* Disallow misleading targets which domain names are prefixes of link text

* Move decodeIDNA to app/javascript/mastodon/utils

* Add support for international domain names

* Change link origin tag color to darker text color

* Handle links to domains starting with www. as shortened by Mastodon

* [WiP] Ignore links that cannot be misread as URLs, rewrite other links
2019-07-30 12:13:29 +02:00
ThibG
e85805138a Fix crash when expanding search results for hashtags (#11447) 2019-07-30 12:06:21 +02:00
Eugen Rochko
825dc3ca22 Add whitelist mode (#11291) 2019-07-30 11:10:46 +02:00
Eugen Rochko
c111bd01a4 Fix tag normalization and migration not removing duplicate tags (#11441)
Fix #11428
2019-07-29 20:40:21 +02:00
Eugen Rochko
32d2260a8c Fix emoji autosuggestions (#11442)
Regression from 450b8a70a5
2019-07-29 15:04:49 +02:00
Eugen Rochko
172bf17555 Revert "Remove conversation URI (#11423)" (#11424)
This reverts commit 47bf2698c2.
2019-07-28 17:47:37 +02:00
Eugen Rochko
47bf2698c2 Remove conversation URI (#11423)
It is not part of ActivityPub and will free up a lot of space
2019-07-28 17:30:12 +02:00
Eugen Rochko
450b8a70a5 Add autosuggestions for hashtags (#11422) 2019-07-28 14:37:52 +02:00
dependabot-preview[bot]
1cf7bdede4 Bump json-ld-preloaded from 3.0.2 to 3.0.3 (#11316)
* Bump json-ld-preloaded from 3.0.2 to 3.0.3

Bumps [json-ld-preloaded](https://github.com/ruby-rdf/json-ld-preloaded) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/ruby-rdf/json-ld-preloaded/releases)
- [Commits](https://github.com/ruby-rdf/json-ld-preloaded/compare/3.0.2...3.0.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* use json-ld edge
2019-07-28 13:48:43 +02:00
mayaeh
7d13da568e Add tootctl preview_cards remove (#11320)
* Add `tootctl preview_cards remove`

* fix code style

* Remove `Scheduler::PreviewCardsCleanupScheduler` file

* fix code style again
Add exclude case where image_file_name is blank

* Added a function to output confirmation if the specified number of days is less than 2 weeks
2019-07-28 13:48:19 +02:00
ThibG
13b0943e36 Fix animate on hover in poll options without CW (#11404) 2019-07-28 13:48:04 +02:00
Jeong Arm
c4e5f4698c Prevent archiving when user set "noindex" (#11421) 2019-07-28 13:46:04 +02:00
ThibG
6701b9329d Change contrast of status links that are not mentions nor hashtags (#11406) 2019-07-28 06:00:51 +02:00
Eugen Rochko
b8386076c5 Change hashtags to preserve first-used casing (#11416) 2019-07-28 05:59:51 +02:00
Eugen Rochko
5e0ccb3020 Fix tabs bar scrolling along with content on mobile (#11418) 2019-07-27 19:25:15 +02:00
Eugen Rochko
5119a0608d Add search results pagination to web UI (#11409)
* Add search results pagination to web UI

Fix #10737

* Fix code style issue
2019-07-27 05:49:50 +02:00
Eugen Rochko
9c617b3b3a Add search syntax for operators and phrases (#11411) 2019-07-27 04:42:08 +02:00
Eugen Rochko
2854c8e4d6 Remove timestamps from converted images to make them deterministic (#11408) 2019-07-27 04:41:55 +02:00
ThibG
52cda33b82 Fix invites not being disabled upon account suspension (#11412)
* Disable invite links from disabled/suspended users

* Add has_many invites relationship to users

* Destroy unused invites when suspending an account
2019-07-26 18:55:33 +02:00
Eugen Rochko
93a6ab5a32 Change account domain block to clear out notifications and follows (#11393) 2019-07-25 04:17:35 +02:00
Rey Tucker
24d2316f63 Don't delete periods when validating username uniqueness (#11392) (#11400)
* Check to make sure usernames with '.' cannot be created

* Add test for instance actor account name conflicts

This makes sure that migration 20190715164535_add_instance_actor
won't fail if there's already an account that is named the same
as the domain (minus the .)

* Put the test into the correct context...

* Add another test to split this into two validations

* Don't delete periods when validating username uniqueness (#11392)

The 20190715164535_add_instance_actor migration fails if there's
already a username similar to the domain name, e.g. if you are
'vulpine.club' and have a user named 'vulpineclub', validation
fails.

Upon further review, usernames with periods are dropped by the
regular expression in the Account class, so we don't need to
worry about it here.

Fixes #11392
2019-07-24 14:19:17 +02:00
ThibG
1635e401b6 Fix scrolling in single-column mode on Chrome (#11395)
Fixes #11389
2019-07-23 15:47:18 +02:00
dependabot-preview[bot]
884e20c028 Bump active_model_serializers from 0.10.9 to 0.10.10 (#11311)
* Bump active_model_serializers from 0.10.9 to 0.10.10

Bumps [active_model_serializers](https://github.com/rails-api/active_model_serializers) from 0.10.9 to 0.10.10.
- [Release notes](https://github.com/rails-api/active_model_serializers/releases)
- [Changelog](https://github.com/rails-api/active_model_serializers/blob/v0.10.10/CHANGELOG.md)
- [Commits](https://github.com/rails-api/active_model_serializers/compare/v0.10.9...v0.10.10)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

* Add root option to render method
2019-07-23 11:10:42 +02:00
Eugen Rochko
6be7b414e2 Change unconfirmed user login behaviour (#11375)
Allow access to account settings, 2FA, authorized applications, and
account deletions to unconfirmed and pending users, as well as
users who had their accounts disabled. Suspended users cannot update
their e-mail or password or delete their account.

Display account status on account settings page, for example, when
an account is frozen, limited, unconfirmed or pending review.

After sign up, login users straight away and show a simple page that
tells them the status of their account with links to account settings
and logout, to reduce onboarding friction and allow users to correct
wrongly typed e-mail addresses.

Move the final sign-up step of SSO integrations to be the same
as above to reduce code duplication.
2019-07-22 10:48:50 +02:00
Eugen Rochko
79b9eee938 Add (back) rails-level JSON caching (#11333) 2019-07-21 22:32:16 +02:00
ThibG
ee7254e8eb Fix boost to original audience not working on mobile (#11371) 2019-07-21 18:11:09 +02:00
ThibG
99b3dd5b00 Play animated custom emoji on hover (#11348)
* Play animated custom emoji on hover in status

* Play animated custom emoji on hover in display names

* Play animated custom emoji on hover in bios/bio fields

* Add support for animation on hover on public pages emojis too

* Fix tests

* Code style cleanup
2019-07-21 18:10:40 +02:00
Eugen Rochko
9027d911d0 Fix alerts booleans not being typecast correctly in push subscription (#11343)
* Fix `alerts` booleans not being typecast correctly in push subscription

Fix #10789

* Fix typo
2019-07-21 18:10:07 +02:00
Eugen Rochko
2b4fa0d6fa Change locale detection to run once per session (#8657)
Fix #6462
2019-07-21 18:08:02 +02:00
Eugen Rochko
f9ed4354b1 Remove WebSub subscriptions (#11303) 2019-07-21 04:08:00 +02:00
ThibG
2582701b72 Display custom emoji in bio field names (#11350)
Already displayed in public pages, but not WebUI
2019-07-21 03:40:27 +02:00
ThibG
6d5f00fdfe Disallow numeric-only hashtags (#11363)
* Add spec covering numeric-only hashtags

* Fix hashtag regex
2019-07-19 23:22:35 +02:00
ThibG
47dfcc601b Fix some flash notices/alerts staying on unrelated pages (#11364) 2019-07-19 23:13:21 +02:00
Eugen Rochko
de4ead8fc6 Change single-column mode to scroll the whole page (#11359)
Fix #10840
2019-07-19 09:25:22 +02:00
ThibG
026f3a9d2d Fix avatar animation on hover when not logged in (#11349) 2019-07-19 09:18:23 +02:00
koyu
ee3ab5a51d Added logout to dropdown menu (#11353)
* Added logout to dropdown menu

* Triggering build-and-test with empty commit as it seems it failed due to some internal failure

* Looks fine, ready to review

* Added changes from review

* method can be null without any problems

* Also target can be null
2019-07-19 03:58:46 +02:00
ThibG
773130d51a Fix sanitizing lists contents (#11354)
* Add test

* Fix code for sanitizing nested lists stripping all tags
2019-07-19 01:44:58 +02:00
ThibG
c2126e3f98 Add ActivityPub actor representing the entire server (#11321)
* Add support for an instance actor

* Skip username validation for local Application accounts

* Add migration script to create instance actor

* Make Codeclimate happy

* Switch to id -99 for instance actor

* Remove unused `icon` and `image` attributes from instance actor

* Use if/elsif/else instead of return + ternary operator

* Add instance actor to fresh installs

* Use instance actor as instance representative

Use instance actor for forwarding reports, relay operations, and spam
auto-reporting.

* Seed database in test environment

* Fix single-user mode

* Fix tests

* Fix specs to accomodate for an extra `Account`

* Auto-reject follows on instance actor

Following an instance actor might make sense, but we are not handling that
right now, so auto-reject.

* Fix webfinger lookup and serialization for instance actor

* Rename instance actor

* Make it clear in the HTML view that the instance actor should not be blocked

* Raise cache time for instance actor as there's no dynamic content

* Re-use /about/more with a flash message for instance actor profile
2019-07-19 01:44:42 +02:00
Eugen Rochko
1d560713b6 Fix only one middle dot being recognized in hashtags (#11345)
Fix #10934
2019-07-18 03:02:56 +02:00
Eugen Rochko
01cff5ee60 Add aac, m4a, 3gp to allowed audio formats (#11342)
Fix #11186
2019-07-18 03:02:30 +02:00
Eugen Rochko
c27fb14e9f Change language detection to include hashtags as words (#11341) 2019-07-18 03:02:15 +02:00
ThibG
9bea975f52 Fix typo in StatusPolicy (#11344) 2019-07-18 00:48:26 +02:00
ThibG
9015b19e09 Add setting to disable the anti-spam (#11296)
* Add environment variable to disable the anti-spam

* Move antispam setting to admin settings

* Fix typo

* antispam → spam_check
2019-07-17 21:09:15 +02:00
Eugen Rochko
50caff4dc0 Change terms and privacy policy pages to always be accessible (#11334)
Fix #11328
2019-07-17 19:29:37 +02:00
ThibG
978792a112 Fix custom CSS controller (#11336) 2019-07-17 17:14:25 +02:00
ThibG
ac154ccc95 Extend AUTHORIZED_FETCH mode to user blocks as well (#11332)
* Extend AUTHORIZED_FETCH mode to user blocks as well

* Move decision to deny access to StatusPolicy
2019-07-17 01:53:37 +02:00
ThibG
a4b1083795 Fix caching headers in ActivityPub endpoints (#11331)
* Fix reverse-proxy caching in public fetch mode

* Fix caching in ActivityPub-specific controllers
2019-07-17 00:00:39 +02:00
ThibG
ab6af77728 Remove unused Account#magic_key (#11327) 2019-07-16 14:25:56 +02:00
Eugen Rochko
9dead08055 Add option to disable real-time updates in web UI (#9984)
Fix #9031
Fix #7913
2019-07-16 06:30:47 +02:00
Eugen Rochko
ac853dca51 Add periodic removal of older thumbnails for preview cards (#11304) 2019-07-15 07:50:14 +02:00
Eugen Rochko
c4a05eaa87 New Crowdin translations (#11153)
* New translations activerecord.en.yml (Indonesian)
[ci skip]

* New translations activerecord.en.yml (Italian)
[ci skip]

* New translations simple_form.en.yml (Persian)
[ci skip]

* New translations simple_form.en.yml (Norwegian)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations simple_form.en.yml (Finnish)
[ci skip]

* New translations en.yml (Serbian (Cyrillic))
[ci skip]

* New translations en.yml (Serbian (Latin))
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Swedish)
[ci skip]

* New translations en.yml (Tamil)
[ci skip]

* New translations en.yml (Telugu)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Turkish)
[ci skip]

* New translations en.yml (Ukrainian)
[ci skip]

* New translations en.yml (Welsh)
[ci skip]

* New translations simple_form.en.yml (Dutch)
[ci skip]

* New translations simple_form.en.yml (Esperanto)
[ci skip]

* New translations simple_form.en.yml (French)
[ci skip]

* New translations simple_form.en.yml (Galician)
[ci skip]

* New translations simple_form.en.yml (Georgian)
[ci skip]

* New translations simple_form.en.yml (German)
[ci skip]

* New translations simple_form.en.yml (Greek)
[ci skip]

* New translations simple_form.en.yml (Hebrew)
[ci skip]

* New translations simple_form.en.yml (Hungarian)
[ci skip]

* New translations simple_form.en.yml (Ido)
[ci skip]

* New translations simple_form.en.yml (Indonesian)
[ci skip]

* New translations simple_form.en.yml (Italian)
[ci skip]

* New translations simple_form.en.yml (Korean)
[ci skip]

* New translations doorkeeper.en.yml (Welsh)
[ci skip]

* New translations simple_form.en.yml (Occitan)
[ci skip]

* New translations en.yml (Occitan)
[ci skip]

* New translations en.yml (Occitan)
[ci skip]

* New translations simple_form.en.yml (Japanese)
[ci skip]

* New translations simple_form.en.yml (Japanese)
[ci skip]

* New translations simple_form.en.yml (Japanese)
[ci skip]

* New translations simple_form.en.yml (Japanese)
[ci skip]

* New translations simple_form.en.yml (Japanese)
[ci skip]

* New translations en.json (Italian)
[ci skip]

* New translations simple_form.en.yml (Greek)
[ci skip]

* New translations simple_form.en.yml (Czech)
[ci skip]

* New translations simple_form.en.yml (Basque)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations simple_form.en.yml (German)
[ci skip]

* New translations en.yml (Polish)
[ci skip]

* New translations simple_form.en.yml (Polish)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations doorkeeper.en.yml (Chinese Simplified)
[ci skip]

* New translations simple_form.en.yml (Japanese)
[ci skip]

* New translations simple_form.en.yml (Thai)
[ci skip]

* New translations en.json (Thai)
[ci skip]

* New translations simple_form.en.yml (Slovak)
[ci skip]

* New translations simple_form.en.yml (Corsican)
[ci skip]

* New translations simple_form.en.yml (Corsican)
[ci skip]

* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.yml (Slovenian)
[ci skip]

* New translations en.yml (Slovenian)
[ci skip]

* New translations en.yml (Slovenian)
[ci skip]

* New translations en.yml (Slovenian)
[ci skip]

* New translations en.yml (Slovenian)
[ci skip]

* New translations en.yml (Slovenian)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations simple_form.en.yml (Chinese Simplified)
[ci skip]

* New translations simple_form.en.yml (Galician)
[ci skip]

* New translations en.json (Galician)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations en.yml (Occitan)
[ci skip]

* New translations en.json (Portuguese, Brazilian)
[ci skip]

* New translations en.json (Portuguese, Brazilian)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.yml (Occitan)
[ci skip]

* New translations doorkeeper.en.yml (Welsh)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations simple_form.en.yml (Welsh)
[ci skip]

* New translations activerecord.en.yml (Welsh)
[ci skip]

* New translations en.yml (Slovak)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations en.yml (Occitan)
[ci skip]

* New translations en.yml (Occitan)
[ci skip]

* New translations en.yml (Albanian)
[ci skip]

* New translations activerecord.en.yml (Serbian (Latin))
[ci skip]

* New translations doorkeeper.en.yml (Serbian (Latin))
[ci skip]

* New translations devise.en.yml (Serbian (Latin))
[ci skip]

* New translations en.yml (Arabic)
[ci skip]

* New translations en.yml (Basque)
[ci skip]

* New translations en.yml (Esperanto)
[ci skip]

* New translations en.yml (Hebrew)
[ci skip]

* New translations en.yml (Greek)
[ci skip]

* New translations en.yml (German)
[ci skip]

* New translations en.yml (Georgian)
[ci skip]

* New translations en.yml (Galician)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (Finnish)
[ci skip]

* New translations en.yml (Dutch)
[ci skip]

* New translations en.yml (Danish)
[ci skip]

* New translations en.yml (Corsican)
[ci skip]

* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]

* New translations en.yml (Chinese Traditional)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations en.yml (Catalan)
[ci skip]

* New translations en.yml (Hungarian)
[ci skip]

* New translations en.yml (Indonesian)
[ci skip]

* New translations en.yml (Czech)
[ci skip]

* New translations simple_form.en.yml (Serbian (Latin))
[ci skip]

* New translations en.yml (Italian)
[ci skip]

* New translations en.yml (Persian)
[ci skip]

* New translations en.yml (Serbian (Latin))
[ci skip]

* New translations en.yml (Serbian (Cyrillic))
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (Portuguese, Brazilian)
[ci skip]

* New translations en.yml (Portuguese)
[ci skip]

* New translations en.yml (Polish)
[ci skip]

* New translations en.yml (Occitan)
[ci skip]

* New translations en.yml (Slovenian)
[ci skip]

* New translations en.yml (Norwegian)
[ci skip]

* New translations en.yml (Lithuanian)
[ci skip]

* New translations en.yml (Korean)
[ci skip]

* New translations en.yml (Kazakh)
[ci skip]

* New translations en.yml (Japanese)
[ci skip]

* New translations en.yml (Slovak)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Swedish)
[ci skip]

* New translations en.yml (Welsh)
[ci skip]

* New translations en.yml (Ukrainian)
[ci skip]

* New translations en.yml (Turkish)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations devise.en.yml (Chinese Simplified)
[ci skip]

* New translations en.json (Russian)
[ci skip]

* New translations en.json (Russian)
[ci skip]

* New translations en.json (Russian)
[ci skip]

* New translations en.json (Russian)
[ci skip]

* New translations en.json (Russian)
[ci skip]

* New translations en.yml (Basque)
[ci skip]

* New translations simple_form.en.yml (Basque)
[ci skip]

* New translations en.yml (Basque)
[ci skip]

* New translations doorkeeper.en.yml (Basque)
[ci skip]

* New translations en.json (Korean)
[ci skip]

* New translations doorkeeper.en.yml (Slovak)
[ci skip]

* New translations en.yml (Finnish)
[ci skip]

* New translations en.yml (Esperanto)
[ci skip]

* New translations en.yml (Dutch)
[ci skip]

* New translations en.yml (Danish)
[ci skip]

* New translations en.yml (Corsican)
[ci skip]

* New translations en.yml (Chinese Traditional, Hong Kong)
[ci skip]

* New translations en.yml (Chinese Simplified)
[ci skip]

* New translations en.yml (Catalan)
[ci skip]

* New translations en.yml (Chinese Traditional)
[ci skip]

* New translations en.yml (Basque)
[ci skip]

* New translations en.yml (Asturian)
[ci skip]

* New translations en.yml (Arabic)
[ci skip]

* New translations en.yml (Albanian)
[ci skip]

* New translations en.yml (Czech)
[ci skip]

* New translations en.yml (French)
[ci skip]

* New translations en.yml (Galician)
[ci skip]

* New translations en.yml (Georgian)
[ci skip]

* New translations en.yml (German)
[ci skip]

* New translations en.yml (Greek)
[ci skip]

* New translations en.yml (Hungarian)
[ci skip]

* New translations en.yml (Italian)
[ci skip]

* New translations en.yml (Japanese)
[ci skip]

* New translations en.yml (Kazakh)
[ci skip]

* New translations en.yml (Korean)
[ci skip]

* New translations en.yml (Lithuanian)
[ci skip]

* New translations en.yml (Occitan)
[ci skip]

* New translations en.yml (Persian)
[ci skip]

* New translations en.yml (Polish)
[ci skip]

* New translations en.yml (Portuguese)
[ci skip]

* New translations en.yml (Portuguese, Brazilian)
[ci skip]

* New translations en.yml (Serbian (Cyrillic))
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations en.yml (Slovak)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Swedish)
[ci skip]

* New translations en.yml (Thai)
[ci skip]

* New translations en.yml (Ukrainian)
[ci skip]

* New translations en.yml (Welsh)
[ci skip]

* New translations en.yml (Russian)
[ci skip]

* New translations simple_form.en.yml (Russian)
[ci skip]

* New translations simple_form.en.yml (Russian)
[ci skip]

* New translations en.json (Thai)
[ci skip]

* New translations en.json (Thai)
[ci skip]

* New translations simple_form.en.yml (Thai)
[ci skip]

* New translations simple_form.en.yml (Thai)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations doorkeeper.en.yml (Spanish)
[ci skip]

* New translations doorkeeper.en.yml (Spanish)
[ci skip]

* New translations en.json (Spanish)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations en.yml (Spanish)
[ci skip]

* New translations simple_form.en.yml (Spanish)
[ci skip]

* New translations simple_form.en.yml (Spanish)
[ci skip]

* New translations simple_form.en.yml (Spanish)
[ci skip]

* New translations doorkeeper.en.yml (Spanish)
[ci skip]

* New translations en.json (Slovak)
[ci skip]

* New translations devise.en.yml (Slovak)
[ci skip]

* New translations doorkeeper.en.yml (Slovak)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.json (Chinese Simplified)
[ci skip]

* New translations en.yml (Slovak)
[ci skip]

* New translations simple_form.en.yml (Japanese)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations en.json (Bengali)
[ci skip]

* New translations activerecord.en.yml (Bengali)
[ci skip]

* New translations devise.en.yml (Bengali)
[ci skip]

* New translations devise.en.yml (Bengali)
[ci skip]

* New translations devise.en.yml (Bengali)
[ci skip]

* New translations devise.en.yml (Bengali)
[ci skip]

* New translations devise.en.yml (Bengali)
[ci skip]

* New translations devise.en.yml (Bengali)
[ci skip]

* i18n-tasks normalize

* yarn manage:translations
2019-07-15 06:12:05 +02:00
ThibG
a7b0224699 Disable LDSigning when AUTHORIZED_FETCH is set to true (#11295) 2019-07-15 02:29:39 +02:00
ThibG
3f12a0b8fd Fix leaking private statuses the admin account follows (#11300)
Now that the request is signed, it can return private toots. Do not leak them.
2019-07-15 02:29:04 +02:00
Eugen Rochko
f70b20a01c Add a spam check (#11217)
* Add a spam check

* Use Nilsimsa to generate locality-sensitive hashes and compare using Levenshtein distance

* Add more tests

* Add exemption when the message is a reply to something that mentions the sender

* Use Nilsimsa Compare Value instead of Levenshtein distance

* Use MD5 for messages shorter than 10 characters

* Add message to automated report, do not add non-public statuses to
automated report, add trust level to accounts and make unsilencing
raise the trust level to prevent repeated spam checks on that account

* Expire spam check data after 3 months

* Add support for local statuses, reduce expiration to 1 week, always create a report

* Add content warnings to the spam check and exempt empty statuses

* Change Nilsimsa threshold to 95 and make sure removed statuses are removed from the spam check

* Add all matched statuses into automatic report
2019-07-13 16:45:50 +02:00
han@highemelry
b6997d2622 Change the retry limit in error of web push notification (#11292)
- Change the maximum count of retry for web push notification (Default -> 5).
   - In case of high load of subscribe server, the retries will be repeated many times.
   - Because the retries occupy the default queue, maximum retry count should be reduced.
2019-07-12 18:46:21 +02:00
Eugen Rochko
39719ae981 Add ActivityPub secure mode (#11269)
* Add HTTP signature requirement for served ActivityPub resources

* Change `SECURE_MODE` to `AUTHORIZED_FETCH`

* Add 'Signature' to 'Vary' header and improve code style

* Improve code style by adding `public_fetch_mode?` method
2019-07-11 20:11:09 +02:00
ThibG
4bf0ee9467 Fix BlockService trying to reject incorrect follow request (#11288)
Fixes #11148
2019-07-11 14:50:27 +02:00
Eugen Rochko
317b79d673 Add HTTP signatures to all outgoing ActivityPub GET requests (#11284) 2019-07-11 14:49:55 +02:00
Eugen Rochko
6baf5099a6 Refactor fetching of remote resources (#11251) 2019-07-10 18:59:28 +02:00
ThibG
f9548fd31f Drop magic-public-key from webfinger replies as it's only used for OStatus (#11280) 2019-07-10 17:10:43 +02:00
ThibG
e39e4786b4 Fix handling of webfinger redirects in ResolveAccountService (#11279) 2019-07-10 17:10:12 +02:00
Eugen Rochko
f83ce1d943 Fix activity being rendered within activity due to caching (#11271)
Fix #11270
2019-07-10 00:43:30 +02:00
Eugen Rochko
d0b0b63b1a Refactor domain block checks (#11268) 2019-07-09 03:27:35 +02:00
ThibG
5031bc3998 Fix Status.remote scope matching *all* statuses (#11265) 2019-07-08 18:17:22 +02:00
Eugen Rochko
e17c937f65 Remove unused remote unfollow controller (#11250) 2019-07-08 12:04:06 +02:00
Eugen Rochko
56f0203c66 Refactor controllers for statuses, accounts, and more (#11249) 2019-07-08 12:03:45 +02:00
ThibG
12d6c0ff9b Fix BackupService crashing when an attachment is missing (#11241)
* Fix BackupService crashing when an attachment is missing

For various reasons such as admin error or out-of-sync media and
database backups, it might be possible for local attachments to be lost.

This commit allows the BackupService to continue its work even if some media
file is missing.

* Change error message
2019-07-08 02:24:25 +02:00
Eugen Rochko
fbbcbd940d Remove Atom feeds and old URLs in the form of GET /:username/updates/:id (#11247) 2019-07-07 16:16:51 +02:00
Eugen Rochko
ad6b03d4b6 Fix URLs appearing twice in errors of ActivityPub::DeliveryWorker (#11231) 2019-07-07 03:37:01 +02:00
ThibG
ac1fec5be3 Fix support for HTTP proxies (#11245)
* Disable incorrect check for hidden services in Socket

Hidden services can only be accessed with an HTTP proxy, in which
case the host seen by the Socket class will be the proxy, not the
target host.

Hidden services are already filtered in `Request#initialize`.

* Use our Socket class to connect to HTTP proxies

Avoid the timeout logic being bypassed

* Add support for IP addresses in Request::Socket

* Refactor a bit, no need to keep the DNS resolver around
2019-07-07 02:05:38 +02:00
Eugen Rochko
4931208dd8 Remove Salmon and PubSubHubbub (#11205)
* Remove Salmon and PubSubHubbub endpoints

* Add error when trying to follow OStatus accounts

* Fix new accounts not being created in ResolveAccountService
2019-07-06 23:26:16 +02:00
ThibG
64909cf0d9 Only scroll to the compose form if it's not horizontally in the viewport (#11246)
Avoids jumping the scroll around vertically when giving it focus and
editing long toots.
2019-07-06 18:18:08 +02:00
Eugen Rochko
ce5f0247f6 Fix option to send e-mail notification about account action always being true (#11242) 2019-07-06 13:54:32 +02:00
ThibG
33607c43a5 Fix HTTP requests to IPv6 hosts (#11240) 2019-07-05 22:03:00 +02:00
Eugen Rochko
d9f42ba34b Remove deprecated REST API GET /api/v1/statuses/:id/card (#11213) 2019-07-05 02:15:24 +02:00
Eugen Rochko
6cae1b40bf Remove deprecated REST API GET /api/v1/timelines/direct (#11212) 2019-07-05 02:14:56 +02:00
ThibG
eda4094171 Memoize ancestorIds and descendantIds in detailed status view (#11234) 2019-07-02 16:03:54 +02:00
Eugen Rochko
7391d223ab Fix statsd UDP sockets not being cleaned up in Sidekiq (#11230) 2019-07-02 01:01:17 +02:00
Eugen Rochko
227d9297ba Change ActivityPub::DeliveryWorker to not retry HTTP 501 errors (#11233) 2019-07-02 00:59:53 +02:00
ThibG
a55fd40802 When deleting & redrafting a poll, fill in closest expires_in (#11203)
Use the smallest preset expires_in such that the new poll would
not expire before the old one.

In the typical case of a quick delete & redraft, this results in
using the same poll duration.

Fixes #10567
2019-07-02 00:36:16 +02:00
Eugen Rochko
e782fcef4f Add request pool to improve delivery performance (#10353)
* Add request pool to improve delivery performance

Fix #7909

* Ensure connection is closed when exception interrupts execution

* Remove Timeout#timeout from socket connection

* Fix infinite retrial loop on HTTP::ConnectionError

* Close sockets on failure, reduce idle time to 90 seconds

* Add MAX_REQUEST_POOL_SIZE option to limit concurrent connections to the same server

* Use a shared pool size, 512 by default, to stay below open file limit

* Add some tests

* Add more tests

* Reduce MAX_IDLE_TIME from 90 to 30 seconds, reap every 30 seconds

* Use a shared pool that returns preferred connection but re-purposes other ones when needed

* Fix wrong connection being returned on subsequent calls within the same thread

* Reduce mutex calls on flushes from 2 to 1 and add test for reaping
2019-07-02 00:34:38 +02:00