Commit graph

16478 commits

Author SHA1 Message Date
Mark Felder
21cf321f74 Quiet Dialyzer
It is angry we are making a fake %Plug.Conn{} to pass through Signature.validate_signature/1. We can work around it by making the code support a map, but then we lose the benefit of being able to use put_req_header/3
2024-07-25 16:36:34 -04:00
Mark Felder
c19d55cabb Safer string concatenation 2024-07-25 16:18:45 -04:00
Mark Felder
84b15ac111 Improve specs and matching 2024-07-25 16:18:31 -04:00
Mark Felder
a964368e31 Add test to fetch and validate an activity that originally failed signature 2024-07-25 14:34:55 -04:00
Mark Felder
1b9c887dbb Extract validate_signature/2 from the HTTPSignaturePlug
This logic only exists in the Plug, so attempting to validate the signature by calling the library function HTTPSignature.validate_conn/2 directly will never work because we do not attempt to construct the (request-target) and @request-target headers with both the commonly misinterpreted and correct implementation of this field. Therefore all attempts to validate a signature from an Oban Job will fail.
2024-07-25 12:54:27 -04:00
Mark Felder
1a482a73c3 Fix Optimistic Inbox for failed signatures
When signatures fail on incoming activities we put the job into Oban to be processed later instead of doing the user fetching and validation inline which is expensive and increases latency on the incoming POST request. Unfortunately we did not retain the :method, :request_path, and :query_string parameters from the conn so the signature validation and Oban Job would always fail.

This was most obvious when Mastodon sends Deletes for users your server has never seen before.
2024-07-25 11:46:30 -04:00
feld
700c106680 Merge branch 'oban/rich-media-hardening' into 'develop'
Harden Rich Media parsing against very slow or malicious URLs

See merge request pleroma/pleroma!4192
2024-07-24 20:58:31 +00:00
Mark Felder
6598919213 Document the new timeout setting 2024-07-24 16:16:37 -04:00
Mark Felder
2314ff5981 Harden Rich Media parsing against very slow or malicious URLs 2024-07-24 15:55:30 -04:00
Mark Felder
8c5a68a62e Increase Oban.Pruner max_age to 15 mins 2024-07-24 15:52:23 -04:00
Mark Felder
97d488aea3 Fix RichMedia negative cache entries
The negative cache entry was a nil value, but that is an expected response when the cache is missing an entry so it didn't work as intended.
2024-07-24 15:45:39 -04:00
Mark Felder
5a62868106 Consider errors during HTTP GET and HEAD to be unrecoverable and insert a negative cache entry
This is for a normal HTTP error response or timeout while receiving the data. A hard error from a process crash, DNS lookup failure, etc should produce a different response than {:ok, %Tesla.Env{}} and the request/job will be retryable.
2024-07-24 15:43:49 -04:00
Mark Felder
731f7b87d2 Pad RichMediaWorker timeout to be 2s longer than the Rich Media HTTP timeout 2024-07-24 15:42:50 -04:00
Mark Felder
858fd01c01 Pleroma.HTTP: permit passing through custom Tesla Middlware for requests 2024-07-24 15:40:15 -04:00
feld
f32a837afa Merge branch 'dialyzer' into 'develop'
Fix dialyzer error

See merge request pleroma/pleroma!4190
2024-07-23 14:51:45 +00:00
Mark Felder
2ee8f4f062 Fix dialyzer error
lib/pleroma/application.ex:1:pattern_match The pattern can never match the type true.
2024-07-23 10:25:39 -04:00
feld
ff663c0aeb Merge branch 'commonapi-cleanup' into 'develop'
CommonAPI Cleanup

See merge request pleroma/pleroma!4189
2024-07-22 23:36:18 +00:00
Mark Felder
c700c5db43 changelog 2024-07-22 19:23:16 -04:00
Mark Felder
12f498bc0d Fix order of args for show_reblogs/2 2024-07-22 19:19:21 -04:00
Mark Felder
3f4f567c9c Fix order of args for hide_reblogs/2 2024-07-22 19:16:00 -04:00
Mark Felder
adb93f7e5d Fix order of args for unfollow/2 2024-07-22 19:11:22 -04:00
Mark Felder
f79a16c062 Fix order of args for follow/2 2024-07-22 19:07:55 -04:00
Mark Felder
082319ff48 Fix order of args for unblock/2 2024-07-22 18:44:32 -04:00
Mark Felder
cbc5e48417 Fix order of args for block/2 2024-07-22 18:41:50 -04:00
Mark Felder
1cccc0fc21 Fix order of args for vote/3 2024-07-22 18:38:02 -04:00
Mark Felder
8127e0d8cc Fix order of args for thread_muted?/2 2024-07-22 18:25:37 -04:00
Mark Felder
4601473aaf Fix order of args for add_mute/2 2024-07-22 18:25:37 -04:00
Mark Felder
d27ad36ce4 Fix order of args for remove_mute/2 2024-07-22 18:25:37 -04:00
Mark Felder
f602813d31 Fix order of args for update/2 2024-07-22 18:25:37 -04:00
Mark Felder
7e37882cf7 Fix order of args for favorite/2 2024-07-22 18:25:37 -04:00
Mark Felder
b1d3348331 Annotate public functions with typespecs and mark some functions as private 2024-07-22 18:25:33 -04:00
Mark Felder
3a79f060bb Add missing type 2024-07-22 15:32:20 -04:00
feld
f77911f05b Merge branch 'oban/more-improvements' into 'develop'
Oban: more improvements

See merge request pleroma/pleroma!4187
2024-07-22 17:45:44 +00:00
feld
058f8acb58 Merge branch 'metadata/parsing-empty' into 'develop'
Fix Metadata providers when parsing objects with no content or summary

See merge request pleroma/pleroma!4188
2024-07-21 04:33:34 +00:00
Mark Felder
f9647a86ed Fix the ObjectValidator error matching 2024-07-21 00:03:51 -04:00
Mark Felder
cf70656d14 Fix test now that the reject error has more detail 2024-07-20 23:58:47 -04:00
Mark Felder
fb654acfad Fix OpenGraph and Twitter metadata providers when parsing objects with no content or summary fields. 2024-07-20 23:48:54 -04:00
Mark Felder
fdeb8616e8 Increase timeout for background, remote fetcher, and user refresh jobs 2024-07-20 22:16:33 -04:00
Mark Felder
d62a9afed3 Improved detecting unrecoverable errors for incoming federation jobs 2024-07-20 21:53:03 -04:00
Mark Felder
b8503f1ad4 PollWorker jobs will not retry if the activity no longer exists. 2024-07-20 21:24:13 -04:00
Mark Felder
e509519db4 Publisher jobs will not retry if the error received is a 400 2024-07-20 21:21:21 -04:00
feld
e4a6973e0b Merge branch 'transmogrifier/handle-non-validate-delete-errors' into 'develop'
Transmogrifier: handle non-validate errors on incoming Delete activities

See merge request pleroma/pleroma!4185
2024-07-21 00:47:10 +00:00
feld
776b069a04 Merge branch 'oban/cancel-federation' into 'develop'
Cancel queued publishing jobs when undoing an activity

See merge request pleroma/pleroma!4186
2024-07-20 19:33:27 +00:00
Mark Felder
d44765bc13 Support cancelling jobs when Unreacting 2024-07-20 15:14:46 -04:00
Mark Felder
304b7f5093 Support cancelling jobs when Unrepeating 2024-07-20 15:06:19 -04:00
Mark Felder
86ae00f9da Support cancelling jobs when Unfavoriting 2024-07-20 14:54:31 -04:00
Mark Felder
3f5c9f003b Reorganize test group to have shared a shared setup 2024-07-20 14:54:31 -04:00
Mark Felder
62280a3b9f Cancel queued (undelivered) publishing jobs for an activity when deleting that activity. 2024-07-20 14:54:04 -04:00
Mark Felder
d3c2180181 Formatting 2024-07-18 12:12:34 -04:00
Mint
1f3ac66844 Transmogrifier: handle non-validate errors on incoming Delete activities
This should fix WithClauseError resulting in Oban jobs for processing
incoming deletes being retried without getting cancelled when those
deletes are MRF rejected.
2024-07-18 18:04:32 +03:00