mirror of
https://git.pleroma.social/pleroma/pleroma.git
synced 2025-01-22 23:18:19 +00:00
Merge branch 'fix/unsafe-variables' into 'develop'
Get rid of unsafe variables. See merge request pleroma/pleroma!145
This commit is contained in:
commit
2b708f76e0
5 changed files with 50 additions and 35 deletions
|
@ -17,9 +17,10 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
|
||||||
if actor_info.host in @media_removal do
|
if actor_info.host in @media_removal do
|
||||||
child_object = Map.delete(object["object"], "attachment")
|
child_object = Map.delete(object["object"], "attachment")
|
||||||
object = Map.put(object, "object", child_object)
|
object = Map.put(object, "object", child_object)
|
||||||
|
{:ok, object}
|
||||||
|
else
|
||||||
|
{:ok, object}
|
||||||
end
|
end
|
||||||
|
|
||||||
{:ok, object}
|
|
||||||
end
|
end
|
||||||
|
|
||||||
@media_nsfw Keyword.get(@mrf_policy, :media_nsfw)
|
@media_nsfw Keyword.get(@mrf_policy, :media_nsfw)
|
||||||
|
@ -32,9 +33,10 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
|
||||||
child_object = Map.put(child_object, "tags", tags)
|
child_object = Map.put(child_object, "tags", tags)
|
||||||
child_object = Map.put(child_object, "sensitive", true)
|
child_object = Map.put(child_object, "sensitive", true)
|
||||||
object = Map.put(object, "object", child_object)
|
object = Map.put(object, "object", child_object)
|
||||||
|
{:ok, object}
|
||||||
|
else
|
||||||
|
{:ok, object}
|
||||||
end
|
end
|
||||||
|
|
||||||
{:ok, object}
|
|
||||||
end
|
end
|
||||||
|
|
||||||
@ftl_removal Keyword.get(@mrf_policy, :federated_timeline_removal)
|
@ftl_removal Keyword.get(@mrf_policy, :federated_timeline_removal)
|
||||||
|
@ -43,22 +45,28 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
|
||||||
user = User.get_by_ap_id(object["actor"])
|
user = User.get_by_ap_id(object["actor"])
|
||||||
|
|
||||||
# flip to/cc relationship to make the post unlisted
|
# flip to/cc relationship to make the post unlisted
|
||||||
if "https://www.w3.org/ns/activitystreams#Public" in object["to"] and
|
object =
|
||||||
user.follower_address in object["cc"] do
|
if "https://www.w3.org/ns/activitystreams#Public" in object["to"] and
|
||||||
to =
|
user.follower_address in object["cc"] do
|
||||||
List.delete(object["to"], "https://www.w3.org/ns/activitystreams#Public") ++
|
to =
|
||||||
[user.follower_address]
|
List.delete(object["to"], "https://www.w3.org/ns/activitystreams#Public") ++
|
||||||
|
[user.follower_address]
|
||||||
|
|
||||||
cc =
|
cc =
|
||||||
List.delete(object["cc"], user.follower_address) ++
|
List.delete(object["cc"], user.follower_address) ++
|
||||||
["https://www.w3.org/ns/activitystreams#Public"]
|
["https://www.w3.org/ns/activitystreams#Public"]
|
||||||
|
|
||||||
object = Map.put(object, "to", to)
|
object
|
||||||
object = Map.put(object, "cc", cc)
|
|> Map.put("to", to)
|
||||||
end
|
|> Map.put("cc", cc)
|
||||||
|
else
|
||||||
|
object
|
||||||
|
end
|
||||||
|
|
||||||
|
{:ok, object}
|
||||||
|
else
|
||||||
|
{:ok, object}
|
||||||
end
|
end
|
||||||
|
|
||||||
{:ok, object}
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def filter(object) do
|
def filter(object) do
|
||||||
|
|
|
@ -72,9 +72,12 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do
|
||||||
|> Enum.reduce(%{}, fn data, mapping ->
|
|> Enum.reduce(%{}, fn data, mapping ->
|
||||||
name = data["name"]
|
name = data["name"]
|
||||||
|
|
||||||
if String.starts_with?(name, ":") do
|
name =
|
||||||
name = name |> String.slice(1..-2)
|
if String.starts_with?(name, ":") do
|
||||||
end
|
name = name |> String.slice(1..-2)
|
||||||
|
else
|
||||||
|
name
|
||||||
|
end
|
||||||
|
|
||||||
mapping |> Map.put(name, data["icon"]["url"])
|
mapping |> Map.put(name, data["icon"]["url"])
|
||||||
end)
|
end)
|
||||||
|
|
|
@ -123,9 +123,12 @@ defmodule Pleroma.Web.ActivityPub.UserView do
|
||||||
"limit" => "10"
|
"limit" => "10"
|
||||||
}
|
}
|
||||||
|
|
||||||
if max_qid != nil do
|
params =
|
||||||
params = Map.put(params, "max_id", max_qid)
|
if max_qid != nil do
|
||||||
end
|
Map.put(params, "max_id", max_qid)
|
||||||
|
else
|
||||||
|
params
|
||||||
|
end
|
||||||
|
|
||||||
activities = ActivityPub.fetch_public_activities(params)
|
activities = ActivityPub.fetch_public_activities(params)
|
||||||
min_id = Enum.at(activities, 0).id
|
min_id = Enum.at(activities, 0).id
|
||||||
|
|
|
@ -212,14 +212,14 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do
|
||||||
|> Map.put("actor_id", ap_id)
|
|> Map.put("actor_id", ap_id)
|
||||||
|> Map.put("whole_db", true)
|
|> Map.put("whole_db", true)
|
||||||
|
|
||||||
if params["pinned"] == "true" do
|
activities =
|
||||||
# Since Pleroma has no "pinned" posts feature, we'll just set an empty list here
|
if params["pinned"] == "true" do
|
||||||
activities = []
|
# Since Pleroma has no "pinned" posts feature, we'll just set an empty list here
|
||||||
else
|
[]
|
||||||
activities =
|
else
|
||||||
ActivityPub.fetch_public_activities(params)
|
ActivityPub.fetch_public_activities(params)
|
||||||
|> Enum.reverse()
|
|> Enum.reverse()
|
||||||
end
|
end
|
||||||
|
|
||||||
conn
|
conn
|
||||||
|> add_link_headers(:user_statuses, activities, params["id"])
|
|> add_link_headers(:user_statuses, activities, params["id"])
|
||||||
|
|
|
@ -239,13 +239,14 @@ defmodule Pleroma.Web.WebFinger do
|
||||||
URI.parse(account).host
|
URI.parse(account).host
|
||||||
end
|
end
|
||||||
|
|
||||||
case find_lrdd_template(domain) do
|
address =
|
||||||
{:ok, template} ->
|
case find_lrdd_template(domain) do
|
||||||
address = String.replace(template, "{uri}", URI.encode(account))
|
{:ok, template} ->
|
||||||
|
String.replace(template, "{uri}", URI.encode(account))
|
||||||
|
|
||||||
_ ->
|
_ ->
|
||||||
address = "http://#{domain}/.well-known/webfinger?resource=acct:#{account}"
|
"http://#{domain}/.well-known/webfinger?resource=acct:#{account}"
|
||||||
end
|
end
|
||||||
|
|
||||||
with response <-
|
with response <-
|
||||||
@httpoison.get(
|
@httpoison.get(
|
||||||
|
|
Loading…
Reference in a new issue