octo
/
microblog.pub
mirror of https://git.sr.ht/~tsileo/microblog.pub
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
615 Commits 7 Branches 12 Tags 3.7 MiB
Commit Graph

138 Commits

Author SHA1 Message Date
João Costa c1692a296d Use object name in the RSS feed title if possible 
Articles have a title stored in the object name. It makes sense to also use
this title in the RSS entry.
 2023-01-20 08:30:26 +01:00
Thomas Sileo 94d14fbef3 Tweak webfinger endpoint 2023-01-01 15:33:59 +01:00
Thomas Sileo f34e0b376b Fix webfinger support for custom domains 2022-12-31 19:23:22 +01:00
Thomas Sileo 9c65919070 Tweak feeds 2022-12-23 09:25:50 +01:00
Thomas Sileo f34bce180c Add support for custom webfinger domain 2022-12-19 20:49:19 +01:00
Thomas Sileo 0b86df413a Support creating note via C2S 2022-12-18 16:05:41 +01:00
Thomas Sileo ed214cf0e7 Add OAuth refresh token support 2022-12-18 12:55:24 +01:00
Thomas Sileo 3fb36d6119 C2S API for the inbox 2022-12-18 10:52:06 +01:00
Thomas Sileo 7b506f2519 More AP C2S support 2022-12-16 20:20:40 +01:00
Thomas Sileo 7621a19489 Check browser support before returning webp pictures 2022-12-11 16:15:25 +01:00
Thomas Sileo 7d3fc35a24 More proxy client tweaks 2022-12-02 19:40:58 +01:00
Thomas Sileo 73dceee0f5 Fix proxy client 2022-12-02 19:28:59 +01:00
Thomas Sileo 0527e34476 Tweak proxy client 2022-12-02 18:48:05 +01:00
João Costa 5df4d420de Whitelist object types in the index query 
Select the outbox object types that we want to show on the notes page
instead of removing objects that we don't want to show.
That way, it's easier to ensure that there are no objects messing up the
object count/empty checks.

Partially fixes https://todo.sr.ht/~tsileo/microblog.pub/65
 2022-11-30 14:10:28 +01:00
Thomas Sileo 46a592b11e Switch back to HTTP1 for the media proxy client 2022-11-30 12:26:31 +01:00
Thomas Sileo 5f0b8f5dfd Tweak media proxy client 2022-11-28 20:58:16 +01:00
Thomas Sileo e30e0de10e No more HTTP sig check on the actor profile 2022-11-27 11:36:15 +01:00
Thomas Sileo 4c6eb51ae2 Proper mf2 for replies 2022-11-20 11:12:34 +01:00
Thomas Sileo d36102255f Merge branch 'v2' into indieweb-merge-part2 2022-11-20 10:48:43 +01:00
Thomas Sileo ef4608f348 Switch back the proxy client to HTTP2 mode 2022-11-20 09:49:19 +01:00
Thomas Sileo 822280c280 Tweak proxy client (increased timeout, no more HTTP2) 2022-11-19 08:32:44 +01:00
Thomas Sileo 9d312bc229 Fix typing 2022-11-19 08:15:36 +01:00
Kevin Wallace b37b77ad34 Make local actor icon optional 
If a remote actor has no icon, we show our local default icon.

If we have no icon, we should allow remote instances to show their
default icon, instead of sending ours.
 2022-11-19 08:12:49 +01:00
Thomas Sileo 9ee3f3b971 More progess on webmention replies 2022-11-19 08:12:33 +01:00
Thomas Sileo 120f92a9ed Display Webmention as replies when applicable 2022-11-18 20:20:58 +01:00
Thomas Sileo 434fd98cd9 Merge IndieWeb likes/reposts with their AP counterpart 2022-11-17 21:03:24 +01:00
Thomas Sileo 89c90fba56 Start to merge IndieWeb and AP interactions 2022-11-17 09:18:06 +01:00
Thomas Sileo 0c5ce67d4e Tweak remote instance redirection 2022-11-13 17:37:19 +01:00
Kevin Wallace 9db7bdf0fb remote follow: use HTML redirect to work around CSP issue 
In Chrome, I get the following when trying to use the remote follow form:

    Refused to send form data to 'https://example.com/remote_follow'
    because it violates the following Content Security Policy directive:
    "form-action 'self'".

It seems some browsers (but notably not Firefox) apply the form-action
policy to the redirect target in addition to the initial form
submission endpoint.  See:

    https://github.com/w3c/webappsec-csp/issues/8

In that thread, this workaround is suggested.
 2022-11-13 17:11:02 +01:00
Thomas Sileo 62c9327500 Add support for setting a custom CSP 2022-11-09 21:26:43 +01:00
Kevin Wallace a4cfd65009 Sign media URLs to avoid becoming an open proxy 
Signatures are valid for ~1 week.
 2022-11-04 19:36:26 +01:00
Kevin Wallace 242bf7b515 fixup! Fix URL generation when not at domain root 
Oops -- missed these two!  Sorry for the noise; let me know if you'd
like me to squash and resubmit.
 2022-11-04 19:22:30 +01:00
Thomas Sileo 32692a7dcd First shot at supporting custom handler 2022-11-02 08:51:21 +01:00
Thomas Sileo 3d049da2e5 Add slug support for Article 2022-10-30 17:50:59 +01:00
Thomas Sileo c8a9793638 Make hashtag case insensitive 2022-10-05 20:27:21 +02:00
Thomas Sileo 6216b316e8 Add remote interaction button 2022-09-23 20:09:05 +02:00
Thomas Sileo 4c86cd4be3 Always show followers/following page when admin 2022-09-13 22:33:20 +02:00
Thomas Sileo b2f268682c New config item to hide followers/following 2022-09-13 21:03:35 +02:00
Thomas Sileo 5f20eab3f1 More work towards support moving/deleting instance 2022-09-01 20:42:20 +02:00
Miguel Jacq c740813b57 Ensure pinned posts appear on front page before others 2022-08-31 08:19:47 +02:00
Miguel Jacq db8f0cb141 Harden the CSP a bit for values that don't inherit default-src. Set Permissions-Policy. Remove TODO 2022-08-30 08:21:11 +02:00
Thomas Sileo ebdba62a06 No more inline CSS 2022-08-29 21:42:54 +02:00
Thomas Sileo a02c8cf0bb Fix NGINX setup instructions 2022-08-29 19:28:54 +02:00
Thomas Sileo ee5265f4dd Small tweaks/typos 2022-08-29 09:09:28 +02:00
Thomas Sileo 87f035d298 HTML error page 2022-08-28 17:36:58 +02:00
Thomas Sileo 4e445a7207 Prevent replay attacks with TLS1.3 0-RTT 2022-08-26 23:35:58 +02:00
Thomas Sileo 40c4a4413d Tweak media proxy error 2022-08-26 22:04:38 +02:00
Thomas Sileo 88cb82c9bb Improve static assets caching 2022-08-26 20:26:41 +02:00
Thomas Sileo edf9e28ed1 Tweak cache size 2022-08-26 18:58:21 +02:00
Thomas Sileo 84203fc66e More webp support 2022-08-26 09:28:00 +02:00