Commit Graph

5281 Commits

Author SHA1 Message Date
Laura Hausmann
41cb218aa8
[backend] Set X-Content-Type-Options to nosniff on the drive files endpoint 2024-03-30 13:11:15 +01:00
Laura Hausmann
cf506d3bd9
[backend] Reject anonymous objects in the AP resolver 2024-03-30 13:11:09 +01:00
Laura Hausmann
ac57c58ecf
[backend] Stricter validation of activity identifiers
This resolves a security issue that was disclosed on 2024-03-24 & patched in coordination with other affected software on 2024-03-30.
Huge thanks to Oneric for the detailed security disclosure.
2024-03-30 13:11:03 +01:00
Crimekillz
74df0b3602 Fix bug: Pass reference to Note OBJ when creating notifications for Poll Vote and Poll End so muted threads can be resolved correctly 2024-03-26 16:24:19 +01:00
Lilian
e099582809
[frontend] Align welcome screen reactions to the right
Thanks Yonei!
2024-03-22 22:20:17 +01:00
Laura Hausmann
01fbd1a5c7
[backend] Fix video playback for files hosted from different origins 2024-03-18 15:34:14 +01:00
CookiLover311
ccec3e7e63 [mastodon-client] Add default reaction to /v1/instance 2024-03-01 14:25:41 +01:00
老周部落
3824767cc9 [backend] Fix resolver cannot parse some follows and notes request 2024-02-26 08:49:45 +01:00
naskya
e9ef70e272
fix (backend): check url properly
Co-authored-by: syuilo <Syuilotan@yahoo.co.jp>
2024-02-26 00:11:21 +01:00
Laura Hausmann
e2cff0340f
[backend] When fetching activities, specify the acceptable JSON-LD profile explicitly 2024-02-17 16:11:23 +01:00
Laura Hausmann
099ba9ce65
[backend] Enforce JSON-LD profile when fetching activities 2024-02-17 15:59:24 +01:00
Laura Hausmann
31122636d3
[backend] Fix federation for incoming note edits with an attachment that has no alt text 2024-02-17 04:04:25 +01:00
Laura Hausmann
5f6096c1b7
[backend] Verify object id host matches final URL when fetching remote activities 2024-02-16 18:42:23 +01:00
Laura Hausmann
9fc45f166c
[backend] Verify response content type when fetching remote activities 2024-02-16 18:42:22 +01:00
Laura Hausmann
129cc4408a
[mastodon-client] Register full OAuth scopes as well 2024-02-14 23:56:11 +01:00
Laura Hausmann
3399187302
[mastodon-client] Fix /v2/suggestions endpoint (undocumented API behavior strikes again) 2024-02-14 23:55:50 +01:00
Laura Hausmann
e49d168ecd
[mastodon-client] Add support for quote_id parameter when creating posts (#515) 2024-02-13 16:51:08 +01:00
Laura Hausmann
63fa244ea8
[client] Fix migration page when migrating from/to the same account twice, resolves #514 2024-02-10 15:52:48 +01:00
Laura Hausmann
4b20ab6ad4
[backend] Fix typo in audience.ts isPublic check 2024-02-07 19:56:02 +01:00
Laura Hausmann
1378037384
[backend] Only allow author to see hidden posts 2024-02-04 20:23:42 +01:00
Laura Hausmann
f14c5ed4ef
[backend/frontend] Disable post imports for security reasons 2024-02-04 20:12:51 +01:00
Laura Hausmann
a1460503cf
Make sure unresponsive split domain instances that come back to life don't get stuck isNotResponding 2024-01-30 18:27:06 +01:00
Laura Hausmann
7ed43b76b5
Improve dead instances pruning
This fixes a couple edge cases in which inactive but working instances could be caught by the dead instances filter
2024-01-30 18:00:54 +01:00
Laura Hausmann
0d28b07203
Don't send activities to dead instances
Co-authored-by: Johann150 <johann.galle@protonmail.com>
2024-01-29 21:50:05 +01:00
Laura Hausmann
197002df8a
[backend] Fix emojis with special characters
This is an adaptation of 3968a6ca07 and ada577bde6

Co-authored-by: Johann150 <johann.galle@protonmail.com>
2024-01-04 23:55:00 +01:00
mia
87360eab9c prevent extra colon from showing up 2023-12-21 08:40:45 -08:00
Laura Hausmann
52b0c6c8f8
[backend] Add a new index to the user table for faster notifications queries
This should drastically improve performance of the i/notification endpoint
2023-12-16 17:43:15 +01:00
Laura Hausmann
384fb76a26
[backend] Add a new index to the note table for faster generation of following query heuristics 2023-12-15 23:56:16 +01:00
Tournesol
7aa33f2497 Allow autocompletion of center and small MFM by adding them to the tag list 2023-12-15 15:01:00 +01:00
Laura Hausmann
0cb6f578ad
[backend] Don't join avatar and banner on i/notifications
This was an oversight on the recent database refactor and is no longer required
2023-12-14 20:34:24 +01:00
Laura Hausmann
8a642be6d9
[client] Fix pages and gallery tab navigation
This also adds a much nicer "add new gallery post" button to the gallery page
2023-12-08 15:15:34 +01:00
Pyrox
c5e0dce64d [feat] Upgrade rollup plugins to rollup 4 compatible versions
This updates all rollup plugins to their latest version and ensures that there are no more peer dependency version warnings for rollup.
2023-12-08 13:30:03 +01:00
Pyrox
ee23bd56a3 [feat] Upgrade Rollup to version 4 2023-12-08 13:30:03 +01:00
AntoineÐ
3d2cd873b9 #227 fix apps link 2023-12-04 14:18:08 +01:00
Pyrox
60f7e2cf6a [feat] Remove Twitter Integration 2023-12-04 13:49:36 +01:00
AntoineÐ
042e8c552d enhanced boot.js style 2023-12-04 13:39:46 +01:00
AntoineÐ
d0e995639b fix boot.js color with new branding 2023-12-04 13:39:46 +01:00
Laura Hausmann
4a90408386
[backend] Don't proxy relative URLs
This fixes the instance icon for the local instance not being rendered correctly. Resolves #426
2023-12-04 13:34:36 +01:00
AntoineÐ
1c06b84011 Enhanced switch A11Y
>
>
Co-authored-by: Minybol <aimabol@skiff.com>
2023-12-04 13:17:56 +01:00
Pyrox
70ee2b9258 [iceshrimp-js] Update typescript to 5.1.6
This unifies the typescript version used throughout all packages, which removes 2 packages from the yarn cache and also makes things a bit neater.

We should try to bump this for all packages at the same time in the future.
2023-12-04 13:17:36 +01:00
Laura Hausmann
2e8598acb5
[mastodon-client] Fix /v1/accounts/relationships for clients that don't use the id[] parameter 2023-11-30 16:45:00 +01:00
Laura Hausmann
4794702e6f
[client] isUpdateAvailable should not block UI rendering 2023-11-29 21:21:34 +01:00
Laura Hausmann
cd8809e927
[client] Fix update check 2023-11-29 17:59:47 +01:00
Laura Hausmann
aaed62bde1
[mastodon-client] Fix html cache prewarm not including quote uris 2023-11-28 17:52:28 +01:00
Laura Hausmann
58137c9482
[mastodon-client] Preserve state parameter during OAuth
This fixes login with clients that require the state parameter to be preserved during /oauth/authorize.
2023-11-27 23:31:07 +01:00
Laura Hausmann
89bc799765
[mastodon-client] Fix login with clients that leave a trailing + in the scope parameter 2023-11-27 23:11:54 +01:00
Laura Hausmann
7c5bc06bb8
[backend] Actually utilize packed user cache in notes.packMany 2023-11-27 22:33:06 +01:00
Laura Hausmann
913f1659b3
[backend] Use correct identifier for filteredNoteCache 2023-11-27 22:22:24 +01:00
Laura Hausmann
436fb826ac
[client] Fix copyToClipboard so it no longer copies things with weird formatting
This also switches to a non-deprecated clipboard API
2023-11-27 22:20:14 +01:00
Laura Hausmann
8a7c7cb0c9
[backend] Increase length of database columns containing hostnames 2023-11-27 21:58:26 +01:00
Laura Hausmann
03cdf4ec4a
[mastodon-client] Add basic support for filters
Currently you have to configure these in the web ui, but this will eventually be implemented as well
2023-11-27 21:41:09 +01:00
Laura Hausmann
ef3463e8dc
[backend] Rework note hard mutes
It's been shown that the current approach doesn't scale. This implementation should scale perfectly fine.
2023-11-27 19:43:45 +01:00
Laura Hausmann
2d475cb632
[backend] Fix html cache dbFallback for user profiles 2023-11-27 14:38:16 +01:00
Laura Hausmann
683e01d286
[backend] Improve updateUserProfileData
Now only runs updateMentions once, and correctly triggers prewarmCacheById
2023-11-27 01:37:00 +01:00
Laura Hausmann
58d70d005f
[mastodon-client] Handle html cache misses properly 2023-11-27 01:02:12 +01:00
Laura Hausmann
7ab7edeefd
[mastodon-client] Improve html cache performance 2023-11-27 00:07:24 +01:00
Laura Hausmann
61c532a854
[mastodon-client] Add html cache for user profiles and note contents 2023-11-26 21:41:20 +01:00
Laura Hausmann
6832347b6c
[backend] Set updatedAt on local user update 2023-11-26 21:41:19 +01:00
Laura Hausmann
8890902675 [backend] Fix HTTP signature validation
Co-authored-by: perillamint <perillamint@silicon.moe>
Co-authored-by: yunochi <yuno@yunochi.com>
2023-11-26 20:34:25 +01:00
PrivateGER
b814ebcdfb Add setting for an autofollowed account on signup 2023-11-25 18:50:54 +01:00
AntoineÐ
4f9b5d9f72 fix branding gradient angle 2023-11-25 18:50:19 +01:00
Laura Hausmann
13e93dc461
[backend] [client] Import the proper userland punycode module 2023-11-25 03:58:30 +01:00
Laura Hausmann
9cc900faae
[backend] Use happy-dom in generic mfm-to-html as well 2023-11-25 03:47:44 +01:00
Laura Hausmann
026538f8a1
[backend] Add support for a second config file containing secrets
This is required for some packaging scenarios
2023-11-25 03:08:15 +01:00
Laura Hausmann
5490137f44
[mastodon-client] Fix user profile aggregate when only target is self 2023-11-25 02:12:02 +01:00
Laura Hausmann
f350755721
[mastodon-client] Switch to happy-dom 2023-11-25 02:11:44 +01:00
Laura Hausmann
60a6e08c0b
[mastodon-client] Add note.user joins to all timeline queries 2023-11-25 01:50:49 +01:00
Laura Hausmann
b1d3e1d05f
[mastodon-client] Aggregate applicable fields in NoteConverter and UserConverter 2023-11-25 01:37:23 +01:00
Laura Hausmann
3ccfd0417b
[backend] Improve renote status aggregate query 2023-11-24 21:14:17 +01:00
Laura Hausmann
8a6101059f
[client] Revert pull-to-refresh changes for now 2023-11-24 18:30:05 +01:00
Laura Hausmann
cbedd28724
[client] Upgrade vue and vite to their respective latest versions 2023-11-24 05:08:11 +01:00
Laura Hausmann
706ff84d8d
[client] Reset lastFetchScrollTop on MkPagination reload 2023-11-24 04:31:27 +01:00
Laura Hausmann
55f5966343
[client] Add custom pull-to-refresh component to MkPagination 2023-11-24 04:08:19 +01:00
Laura Hausmann
7aa3bdb641
[backend] Use more efficient home timeline heuristics query 2023-11-24 04:08:10 +01:00
Laura Hausmann
d408bdd6aa
[client] Further adjust timeline prefetch parameters 2023-11-24 00:33:34 +01:00
Laura Hausmann
dc7d06ff74
[client] Remove debug logging 2023-11-24 00:20:56 +01:00
Laura Hausmann
c742729796
[client] Adjust timeline prefetch parameters 2023-11-24 00:20:07 +01:00
Laura Hausmann
8ed1bda017
[backend] Don't emit followRequestAccepted if followee is not locked
Resolves #395
2023-11-23 22:22:05 +01:00
Laura Hausmann
e5276e2765
[backend] Add environment variables to configure config file location, files directory and custom assets directory 2023-11-23 20:31:08 +01:00
Laura Hausmann
f9f7553ecd
[client] Improve prefetchMore debounce 2023-11-23 19:35:50 +01:00
Laura Hausmann
248bf22b94
[client] Use defaultStore instead of $store, debounce fetches 2023-11-23 19:08:37 +01:00
Laura Hausmann
9a34c38d0b
[client] Fix smart timeline fetching 2023-11-23 18:36:07 +01:00
Laura Hausmann
151e7499c3
[client] Smarter timeline fetching 2023-11-23 18:18:05 +01:00
Laura Hausmann
c347eca737
[client] Remove url card animation 2023-11-23 17:17:29 +01:00
Laura Hausmann
789fd97512
[client] Allow async+lazy rendering of all images in timeline views 2023-11-23 17:16:52 +01:00
Laura Hausmann
3cb46cd6fc
[backend] Update re2 dependency
re2 was updated to include https://github.com/uhop/node-re2/pull/198 which fixes build on nixOS
2023-11-23 14:59:49 +01:00
Laura Hausmann
b4214d257f
[client] Disable overscroll for root element 2023-11-23 01:16:02 +01:00
Laura Hausmann
5132411e76
[client] Provide option to use vue devtools despite NODE_ENV=production
In theory we wouldn't need this but since the UI is completely unresponsive if NODE_ENV is set to development, this provides partial frontend debugging support until that issue is fixed.
2023-11-22 23:18:40 +01:00
Laura Hausmann
fd6ee32832
[backend] Don't fetch more notes than requested 2023-11-22 20:25:47 +01:00
Laura Hausmann
735fd37707
[backend] Only pack each user once per request 2023-11-22 20:25:47 +01:00
Laura Hausmann
4e6e22633e
[backend] Rework media proxying for better performance 2023-11-22 19:23:51 +01:00
Laura Hausmann
c00e28712e
[backend] Revert postgres geqo threshold and collapse limits to defaults
This is no longer required due to the refactored user table requiring significantly less table joins in more complex queries
2023-11-22 18:59:38 +01:00
Laura Hausmann
302b112f05
[backend] Include avatar & banner url and blurhash in the user table
This drastically improves timeline performance due to the many (2-6 per query) database joins that are now no longer required
2023-11-22 18:59:38 +01:00
Laura Hausmann
6e82e18eea
[backend] Add multi column index for userHost to note table
This drastically improves local and social timeline performance
2023-11-22 04:39:37 +01:00
Laura Hausmann
eff0f32dc1
[backend] We don't need to check for visibility if we already filter for public posts only 2023-11-22 04:39:37 +01:00
Laura Hausmann
8fa2bf5dca
[backend] Fix an edge case where notifications wouldn't load properly 2023-11-22 00:28:37 +01:00
Laura Hausmann
8ecf361870
[backend] Implement heuristics for home timeline queries
After lots of performance analysis, we've ended up with a cutoff value of 250 posts in the last 7d, after which we should switch which query plan to nudge postgres towards. This should greatly improve performance of users who were previously performance edge cases.
2023-11-22 00:14:54 +01:00
Laura Hausmann
a5b30a6adc
[backend] Fix notifications not loading correctly
This fixes a regression introduced in a6fa393359
2023-11-21 01:27:00 +01:00
Laura Hausmann
661c31db0c
[backend] Set postgres geqo threshold and collapse limits to something more reasonable until we've refactored the backend to require less joins 2023-11-21 01:22:07 +01:00
Laura Hausmann
a6fa393359
[backend] Return isRenoted status in Notes.pack instead of requesting it individually 2023-11-21 01:00:14 +01:00