Commit Graph

912 Commits

Author SHA1 Message Date
Bat
a8b47de28b Explicitely escape user data in translations to avoid XSS 2018-06-26 17:58:11 +02:00
Bat
a7b246b726 Change .tera to .html.tera to enable auto-escaping 2018-06-26 17:40:25 +02:00
Bat
9a825e7066 Change the signature of ap_url to be backward-compatible 2018-06-26 17:32:35 +02:00
Baptiste Gelez
f58bc1d8f1
Merge pull request #84 from Madeorsk/meta-buttons
Improved Likes / Reshares section
2018-06-26 16:36:10 +02:00
Baptiste Gelez
ca07950100
Merge pull request #83 from Plume-org/csrf-protection
Csrf protection
2018-06-26 16:30:24 +02:00
Bat
507d3e6183 Use USE_HTTPS to compute AP URLs
Instead of relying on cfg(debug_assertions)
2018-06-26 16:21:58 +02:00
Bat
f805ec1d53 Introduce an environment variable to disable HTTPS, and use it when fetching WebFinger resources
You can now use USE_HTTPS=0 when debugging the federation locally.
2018-06-26 16:16:59 +02:00
Trinity Pointard
5bbfd9d1e9 Set maximum image width to 100% of parent
fix #87
2018-06-25 16:03:59 +02:00
Trinity Pointard
5133410451 Properly verify password
fix #86
2018-06-25 15:38:39 +02:00
Matthieu
11e66472f9 Improved Likes / Reshares section 2018-06-25 14:10:24 +02:00
Trinity Pointard
3b9c53bebc Use proper repository for rocket_csrf 2018-06-24 19:02:47 +02:00
Trinity Pointard
30e9620d0a Add csrf protection 2018-06-24 18:58:57 +02:00
Bat
3bc90e71d4 Clean Cargo.toml files 2018-06-23 17:39:58 +01:00
Bat
68c7aad179 Big repository reorganization
The code is divided in three crates:
- plume-common, for the ActivityPub module, and some common utils
- plume-models, for the models and database-related code
- plume, the app itself

This new organization will allow to test it more easily, but also to create other tools that only reuse a little part of
the code (for instance a Wordpress import tool, that would just use the plume-models crate)
2018-06-23 17:36:11 +01:00
Bat
0a1edba4b0 Fix the custom properties deserialization bug for Blogs as well 2018-06-23 15:00:35 +01:00
Bat
e7fd12ae6f Set to and cc for new Follow activities 2018-06-23 13:47:53 +01:00
Bat
3a19cae62e Add id, to and cc for Undo Announce 2018-06-23 13:42:27 +01:00
Bat
a88d0e102f Like: only compute ap_url once 2018-06-23 13:40:10 +01:00
Bat
d2c8631ba4 Add cc and to for Announce 2018-06-23 13:36:15 +01:00
Bat
cd9862bc4c Add cc, id and to for Articles 2018-06-23 13:29:41 +01:00
Bat
3ab6dfe288 Add id, to and cc to Undo for Likes 2018-06-23 13:19:14 +01:00
Bat
135797805e Make Like compliant to the spec 2018-06-23 13:17:17 +01:00
Bat
f2795baab5 Make Create Note compliant to the spec 2018-06-23 13:07:07 +01:00
Bat
3ea4823060 Make Accept Follow compliant to the spec 2018-06-23 12:50:14 +01:00
Bat
236767f498 Send the 'Content-Type: application/activity+json' header for ActivityPub request
Should fix #76
2018-06-23 12:23:37 +01:00
Bat
6140865660 Make Post::from_activity a bit more complete 2018-06-23 12:14:03 +01:00
Bat
3b2ca041d0 Rewrite Post::into_activity in a nicer way
And prefer expect over unwrap
2018-06-22 21:45:37 +01:00
Bat
6a5d806b1d Various federation fixes 2018-06-22 16:17:53 +01:00
Baptiste Gelez
ffb4f6e6d8
Merge pull request #71 from Zanfib/master
solve #68
2018-06-22 09:52:43 +01:00
Didier Link
ae759114aa temporarly use an absolute link in users detail header template, linked with bug #65 2018-06-22 01:17:22 +02:00
Didier Link
b153a9ce2b add an argument in the macro may_fail to have the account linked in the error template 2018-06-22 00:50:06 +02:00
Didier Link
9abb5887b1 use user.username for the edit link, not the display name 2018-06-22 00:27:18 +02:00
Didier Link
feff837313 Merge branch 'master' of https://github.com/Plume-org/Plume 2018-06-22 00:00:15 +02:00
Bat
e34d12922c Serialize publicKey in Person representation 2018-06-21 22:12:24 +01:00
Bat
dccab062e3 Implement Blog::into_activity 2018-06-21 22:07:04 +01:00
Bat
a0f680a9b6 Rewrite Blog::from_activity to use the activitypub crate instead of raw JSON 2018-06-21 21:39:44 +01:00
Bat
e7e557612e Rewrite User::from_activity to use the activitypub crate instead of raw JSON 2018-06-21 21:30:56 +01:00
Bat
f5f2aa7c59 Get rid of the activity_pub::actor::Actor trait 2018-06-21 18:53:57 +01:00
Bat
9a8472bdcc Move compute_box from Actor to Instance 2018-06-21 18:42:17 +01:00
Bat
606a3d12c7 Remove useless functions from activity_pub::actor::Actor 2018-06-21 18:23:01 +01:00
Bat
7812b9bc8f Aardwolf -> Plume
Copy/pasting is bad :p
2018-06-21 18:11:33 +01:00
Bat
201d7cab8b Merge branch 'master' of github.com:Plume-org/Plume 2018-06-21 18:11:07 +01:00
Bat
b2e8d54161 Drop activity_pub::activitypub and activity_pub::ActivityPub and only use the ActivityStream responder 2018-06-21 18:09:18 +01:00
Bat
6df4b70318 Set @context for ActivityStream responder 2018-06-21 17:30:07 +01:00
Bat
ea29dd91dc Set the correct content type for the ActivityStream responder 2018-06-21 17:25:29 +01:00
Baptiste Gelez
40fd242fdc
Merge pull request #73 from BanjoFox/BanjoFox-DocUpdates
Banjo fox doc updates
2018-06-21 17:12:22 +01:00
Bat
3fe2625e86 Simplify the Inbox trait
If we want to add, for instance, streams in the future, we could introduce
a new trait for that, similar to FromActivity or Notify

We also display inbox errors to the "client" if something fails,
which could be useful for debugging.
2018-06-21 17:00:37 +01:00
Bat
5193ad6f65 Remove legacy Inbox::unlike function 2018-06-21 16:45:54 +01:00
Banjo Fox
8efabca553
Adding link for PREREQUISITES.md 2018-06-21 11:32:11 -04:00
Bat
2217ec0d56 Remove PgConnection when we don't need it
Massive simplification in the ActivityPub module!
2018-06-21 16:31:42 +01:00