Commit Graph

175 Commits

Author SHA1 Message Date
Matt Jankowski
e8ec6667bd
Extract wrapper constant for HTTP::* error classes (#32285) 2024-10-08 13:53:35 +00:00
Claire
7b92cf3b47
Fix unneeded requests to blocked domains when receiving relayed signed activities from them (#31161) 2024-10-01 12:52:13 +00:00
Matt Jankowski
e975b55c24
Remove WebfingerHelper module & move usage inline (#31203) 2024-10-01 09:54:42 +00:00
Claire
8afa3bb2fa
Change Mastodon to issue correctly-signed queries by default (#31994) 2024-09-20 10:10:09 +00:00
Matt Jankowski
5405bdd344
Remove unused E2EE messaging code (#31193) 2024-09-18 09:27:43 +00:00
Eugen Rochko
e0c27a5047
Add ability to manage which websites can credit you in link previews (#31819) 2024-09-10 12:00:40 +00:00
Adam Niedzielski
cd0ca4b994
Select correct self link when parsing Webfinger response (#31110) 2024-07-23 14:42:31 +00:00
Matt Jankowski
c61e356475
Add Status::MEDIA_ATTACHMENTS_LIMIT configuration constant (#30433) 2024-05-27 09:49:44 +00:00
Claire
9d8dfeb5fb
Fix processing of Link objects in Image objects (#29335) 2024-02-22 22:27:24 +01:00
Claire
1726085db5
Merge pull request from GHSA-3fjr-858r-92rw
* Fix insufficient origin validation

* Bump version to 4.3.0-alpha.1
2024-02-01 15:56:46 +01:00
Matt Jankowski
ceade78182
Fix Rails/WhereExists cop in app/services (#28853) 2024-01-23 11:41:34 +00:00
Claire
cf2a2ed71c
Fix processing of compacted single-item JSON-LD collections (#28816) 2024-01-19 12:43:10 +00:00
Jonathan de Jong
de09176ab9
Retry 401 errors on replies fetching (#28788)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-01-19 09:18:21 +00:00
Jonathan de Jong
d0a5ebf914
Fix error when encountering malformed Tag objects from Kbin (#28235) 2023-12-05 13:59:15 +00:00
Claire
bac9e0b55d
Add variable delay before link verification of remote account links (#27774) 2023-11-13 16:17:05 +00:00
Eugen Rochko
0d14fcebae
Change link previews to keep original URL from the status (#27312) 2023-11-13 09:58:28 +00:00
Matt Jankowski
0c4e7c06dc
Fix Rails/FindEach cop (#26886) 2023-11-06 15:53:29 +00:00
Jeong Arm
8f998cd96a
Handle featured collections without items (#27581) 2023-10-27 02:36:22 +00:00
Matt Jankowski
bcd0171e5e
Fix Lint/UselessAssignment cop (#27472) 2023-10-19 16:55:06 +02:00
Claire
6273416292
Fix post edits not being forwarded as expected (#26936) 2023-09-15 19:54:32 +02:00
Robert R George
cf6f70799b
Add support for federating memorial attribute (#26583) 2023-08-23 08:27:24 +02:00
Claire
90ec88d58b
Add support for indexable attribute on remote actors (#26485)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-08-14 18:54:51 +02:00
Claire
1e3b19230a
Add stricter protocol fields validation for accounts (#25937) 2023-07-20 18:23:48 +02:00
Jeong Arm
664b0ca8cb
Check if json body is null on Activitipub::ProcessingWorker (#26021) 2023-07-17 15:51:30 +02:00
Claire
999c343946
Fix remote accounts being possibly persisted to database with incomplete protocol values (#25886) 2023-07-10 18:42:19 +02:00
Matt Jankowski
668a19a2f3
Fix Performance/DeletePrefix cop (#24796) 2023-05-02 21:07:45 +02:00
Matt Jankowski
f1c1dd0118
Rename with_lock to with_redis_lock to avoid confusion with ActiveRecord's method (#24741) 2023-05-02 18:16:07 +02:00
Claire
a89b02af92
Check domain suspensions before trying to fetch resources (#24535) 2023-05-02 15:22:19 +02:00
Matt Jankowski
0a5f0a8b20
Remove instance variables from helper usage (#24203) 2023-04-23 22:35:54 +02:00
Nick Schonning
4ff44be134
Autofix Rubocop Rails/Blank (#23765) 2023-02-22 09:57:56 +09:00
Nick Schonning
717683d1c3
Autofix Rubocop remaining Layout rules (#23679) 2023-02-20 06:58:28 +01:00
Nick Schonning
2177daeae9
Autofix Rubocop Style/RedundantBegin (#23703) 2023-02-19 07:09:40 +09:00
Nick Schonning
e2a3ebb271
Autofix Rubocop Style/IfUnlessModifier (#23697) 2023-02-18 12:37:47 +01:00
Nick Schonning
669f6d2c0a
Run rubocop formatting except line length (#23632) 2023-02-18 06:56:20 +09:00
Claire
0c9eac80d8
Fix unbounded recursion in post discovery (#23506)
* Add a limit to how many posts can get fetched as a result of a single request

* Add tests

* Always pass `request_id` when processing `Announce` activities

---------

Co-authored-by: nametoolong <nametoolong@users.noreply.github.com>
2023-02-10 22:16:37 +01:00
Nick Schonning
ed570050c6
Autofix Rails/EagerEvaluationLogMessage (#23429)
* Autofix Rails/EagerEvaluationLogMessage

* Update spec for debug block syntax
2023-02-07 03:44:36 +01:00
Claire
bb89f0af8a
Fix ActivityPub::ProcessingWorker error on incoming malformed JSON-LD (#23416) 2023-02-06 21:00:58 +01:00
Claire
68dcbcb7bf
Add more specific error messages to HTTP signature verification (#21617)
* Return specific error on failure to parse Date header

* Add error message when preferredUsername is not set

* Change error report to be JSON and include more details

* Change error report to differentiate unknown account and failed refresh

* Add tests
2023-01-18 16:47:56 +01:00
Claire
2644a28cb3
Change remote media files to be downloaded outside of transactions (#21796) 2022-12-15 18:09:48 +01:00
Claire
c8849d6cee
Fix unbounded recursion in account discovery (#22025)
* Fix trying to fetch posts from other users when fetching featured posts

* Rate-limit discovery of new subdomains

* Put a limit on recursively discovering new accounts
2022-12-07 00:15:24 +01:00
Claire
625216d8e1
Fix attachments of edited statuses not being fetched (#21565)
* Fix attachments of edited statuses not being fetched

* Fix tests
2022-11-27 20:39:05 +01:00
Claire
a5394980f2
Fix NameError in Webfinger redirect handling in ActivityPub::FetchRemoteActorService (#20260) 2022-11-09 20:10:38 +01:00
Eugen Rochko
e98833748e
Fix being able to spoof link verification (#20217)
- Change verification to happen in `default` queue
- Change verification worker to only be queued if there's something to do
- Add `link` tags from metadata fields to page header of profiles
2022-11-09 08:24:21 +01:00
Claire
bbf74498f5
Fix validation error in SynchronizeFeaturedTagsCollectionWorker (#20018)
* Fix followers count not being updated when migrating follows

Fixes #19900

* Fix validation error in SynchronizeFeaturedTagsCollectionWorker

Also saves remote user's chosen case for hashtags

* Limit remote featured tags before validation
2022-11-07 22:35:53 +01:00
Yamagishi Kazutoshi
94feb2b93f
Fix FetchFeaturedCollectionService spec (#19401)
Regression from #19380
2022-10-21 11:48:22 +02:00
Takeshi Umeda
b0e3f0312c
Add synchronization of remote featured tags (#19380)
* Add LIMIT of featured tag to instance API response

* Add featured_tags_collection_url to Account

* Add synchronization of remote featured tags

* Deliver update activity when updating featured tag

* Remove featured_tags_collection_url

* Revert "Add featured_tags_collection_url to Account"

This reverts commit cff349fc27b104ded2df6bb5665132dc24dab09c.

* Add hashtag sync from featured collections

* Fix tag name normalize

* Add target option to fetch featured collection

* Refactor fetch_featured_tags_collection_service

* Add LIMIT of featured tag to v1/instance API response
2022-10-20 09:15:52 +02:00
Claire
85890bc80f
Fix crash in FetchRemoteKeyService (#19225)
Fix regression from #19212
2022-09-24 07:41:01 +02:00
Claire
8cf7006d4e
Refactor ActivityPub handling to prepare for non-Account actors (#19212)
* Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService

ActivityPub::FetchRemoteAccountService is kept as a wrapper for when the actor is
specifically required to be an Account

* Refactor SignatureVerification to allow non-Account actors

* fixup! Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService

* Refactor ActivityPub::FetchRemoteKeyService to potentially return non-Account actors

* Refactor inbound ActivityPub payload processing to accept non-Account actors

* Refactor inbound ActivityPub processing to accept activities relayed through non-Account

* Refactor how Account key URIs are built

* Refactor Request and drop unused key_id_format parameter

* Rename ActivityPub::Dereferencer `signature_account` to `signature_actor`
2022-09-21 22:45:57 +02:00
Claire
1145dbd327
Improve error reporting and logging when processing remote accounts (#15605)
* Add a more descriptive PrivateNetworkAddressError exception class

* Remove unnecessary exception class to rescue clause

* Remove unnecessary include to JsonLdHelper

* Give more neutral error message when too many webfinger redirects

* Remove unnecessary guard condition

* Rework how “ActivityPub::FetchRemoteAccountService” handles errors

Add “suppress_errors” keyword argument to avoid raising errors in
ActivityPub::FetchRemoteAccountService#call (default/previous behavior).

* Rework how “ActivityPub::FetchRemoteKeyService” handles errors

Add “suppress_errors” keyword argument to avoid raising errors in
ActivityPub::FetchRemoteKeyService#call (default/previous behavior).

* Fix Webfinger::RedirectError not being a subclass of Webfinger::Error

* Add suppress_errors option to ResolveAccountService

Defaults to true (to preserve previous behavior). If set to false,
errors will be raised instead of caught, allowing the caller to be
informed of what went wrong.

* Return more precise error when failing to fetch account signing AP payloads

* Add tests

* Fixes

* Refactor error handling a bit

* Fix various issues

* Add specific error when provided Digest is not 256 bits of base64-encoded data

* Please CodeClimate

* Improve webfinger error reporting
2022-09-20 23:30:26 +02:00
Jeong Arm
6aa83b13ba
Properly delete remote account's avatar/header when fetch/update (#18973) 2022-08-15 20:32:21 +02:00