08591a11db
ActivityPub.inbox: don't report error on unsupported type, just log
2024-07-04 22:28:41 -07:00
b606924d63
refactor SUPPORTED_AS1_TYPES usage into new Protocol.check_supported method
2024-07-04 21:11:38 -07:00
850d681f83
add Protocol.SUPPORTED_AS1_TYPES
2024-07-04 16:58:06 -07:00
25199f8c9a
activitypub.inbox: only mark id seen in memcache after we've enqueued the receive task
...
for https://github.com/snarfed/bridgy-fed/issues/1047#issuecomment-2195287066
2024-06-27 13:20:07 -07:00
85d85d1ffd
AP: harden outbox and followers/ing collections to only count up to a limit
...
we should eventually precompute them so we can always return them cheaply!
for #1152
2024-06-26 10:56:27 -07:00
fc0cc1118a
activitypub.inbox: short circuit on activity or actor id on opted out domain
2024-06-23 09:20:22 -07:00
bf657d3409
ActivityPub.inbox: return 400 on invalid activity id
...
fixes https://console.cloud.google.com/errors/detail/CLSnttKfy4v90wE;time=P7D?project=bridgy-federated
2024-06-20 14:32:37 -07:00
32c69876fb
AP: bug fix for converting Link attachments to HTML links in content
...
for 980a786#958
2024-06-19 13:54:06 -07:00
980a786c6b
AP: convert Link attachments to HTML links in content
...
...since some fediverse platforms (notably Mastodon) will render them as blank "Preview not available" embeds, and support on other platforms is unreliable. Most reliably generate preview embeds for HTML links in content though.
fixes #958
2024-06-19 13:29:20 -07:00
49445c9f97
AP outbox and following endpoints: 404 if user hasn't enabled AP
2024-06-14 12:00:20 -07:00
f21bc2cfe8
ActivityPub.target_for: pass shared kwarg through to recursive call
2024-06-13 20:11:37 -07:00
4e489a4ee0
activitypub.inbox: store seen activity ids in memcache, short circuit on seen ids earlier
2024-06-13 13:54:37 -07:00
441849a22a
Revert "Revert "start using an ndb in memory global cache in the frontends and router""
...
This reverts commit 0cbcf81ecc
2024-06-04 14:27:02 -07:00
83893d0ea7
HTTP caching headers: switch to flask_util.headers
...
for #432 , fixes https://console.cloud.google.com/errors/detail/CMK10__x4ZbgbQ;time=P7D;refresh=true?project=bridgy-federated
2024-06-04 14:19:39 -07:00
cc564a2b19
turn on authorization checks! HTTP sig matches actor, actor is allowed to modify object
...
for #566
2024-06-03 14:12:08 -07:00
5266974731
Protocol.for_id: make Web own bot actor AP ids, not bot protocol
2024-06-02 08:21:18 -07:00
a2376f8f14
prune more logging messages
2024-06-01 07:17:44 -07:00
0cbcf81ecc
Revert "start using an ndb in memory global cache in the frontends and router"
...
This reverts commit 7e77d7a463
2024-06-01 07:04:38 -07:00
7e77d7a463
start using an ndb in memory global cache in the frontends and router
...
lol yolo 982f8a70df/google/cloud/ndb/global_cache.py (L200-L202)
2024-05-31 13:08:25 -07:00
d0ca690dc4
HTTP Cache-Control header bug fix, use integer seconds for max-age, not float
...
for #432
2024-05-30 17:12:45 -07:00
9c4888b02e
switch from flask_util.cached to HTTP caching, suppress some verbose logging
2024-05-30 14:55:35 -07:00
7e594e3227
authz: move NO_AUTH_DOMAINS (a.gup.pe) from Protocol.receive to activitypub.inbox
...
for #566
2024-05-30 13:34:14 -07:00
fda7a79437
authz: on delete of actor signed by actor, pass authed_as to Object.get_or_create
...
for #566
2024-05-30 11:39:07 -07:00
9f33767f33
authz: move LD Sig check from Protocol.receive to activitypub.inbox
...
for #566
2024-05-29 21:17:38 -07:00
8f5d8221a9
add ids.profile_id, use everywhere
...
for #566
2024-05-29 16:18:15 -07:00
f2a64c8b5c
Object.get_or_create: rename actor => authed_as, add to all calls
...
for #566
2024-05-28 16:07:32 -07:00
916421c033
activitypub authz logging, preserve original keyId, including fragment
...
for #566
2024-05-28 16:00:21 -07:00
22760f5017
ActivityPub.verify_signature: follow controller/owner if different from keyId
...
for https://github.com/snarfed/bridgy-fed/issues/566#issuecomment-2130728082
https://swicg.github.io/activitypub-http-signature/#how-to-obtain-a-signature-s-public-key
2024-05-28 13:48:03 -07:00
3ec5e57136
activitypub.signed_request: limit redirects
...
for #1085 , #1087
2024-05-27 21:02:59 -07:00
03672679b9
activitypub, protocol: misc noop logging and code style tweaks
2024-05-27 20:38:49 -07:00
d789fd10b6
ActivityPub.inbox: run receive in task instead of inline
...
for #1040
2024-05-23 15:02:49 -07:00
769dadb882
ATProto: arroba: send_new_commits => send_events
...
snarfed/arroba@aad0d9da63
2024-05-22 16:47:09 -07:00
b4124bd23f
AP: wrap content in <p> tag to preserve whitespace
...
for #990
this assumes an implementation detail of fediverse servers: that they apply a white-space: pre-wrap style to <p>s inside content. awkward overreach, but useful since white-space: pre-wrap preserves more whitespace (eg leading spaces on a line, multiple spaces, etc) than just converting newlines to <br>s.
2024-05-20 12:18:41 -07:00
edf3b5894e
activitypub.postprocess_as2: linkify indexed tags in content
...
makes Mastodon etc link them correctly to the local instance's UI in its rendering
2024-05-19 20:38:34 -07:00
9243e18a4f
activitypub.postprocess_as2: hashtags: use activity id's domain for href
...
for https://github.com/snarfed/bridgy-fed/issues/1013
2024-05-19 17:56:26 -07:00
ec350e7fa6
activitypub.postprocess_as2: fix de-duping image attachments
...
for https://github.com/snarfed/bridgy-fed/issues/1000#issuecomment-2119106644
2024-05-19 15:38:13 -07:00
7cf8a77a73
ActivityPub.postprocess_as2: always populate images into attachments as objects
...
hopefully for https://github.com/snarfed/bridgy-fed/issues/1000#issuecomment-2119106644 , ATProto images without alt text not showing up in AP
2024-05-19 14:44:54 -07:00
f6798f2725
abstract "bridged from Bridgy Fed" profile label across protocols
...
for #976
2024-05-14 16:03:42 -07:00
b7a55d2f5e
ActivityPub.signed_request: pass from_user through on redirects
...
re https://akkoma.dev/AkkomaGang/akkoma/issues/438#issuecomment-12042 . thanks https://akkoma.dev/Oneric !
2024-05-14 10:42:11 -07:00
348987f0b4
add Protocol.REQUIRES_OLD_ACCOUNT, enable for ActivityPub
2024-05-11 19:20:33 -07:00
078bef041e
turn on REQUIRES_AVATAR/NAME for ActivityPub, Bluesky
2024-05-11 16:50:57 -07:00
de0af66979
basic anti-spam: add new Protocol.REQUIRES_AVATAR/NAME constants
...
...and start returning `blocked` from User.status for them
2024-05-11 16:03:07 -07:00
034236f4cf
AP: don't duplicate security context in @context in bot users
...
fixes #1003 . thanks @grishka!
2024-05-05 08:29:47 -07:00
0781a4c695
AP inbox delivery: return 422 when a user with a bad handle follows the bot user
...
for #982
2024-05-04 13:39:39 -07:00
2bf526ab7c
refactor validating handles in ATProto and elsewhere
...
for https://github.com/snarfed/bridgy-fed/issues/982
2024-05-03 15:18:16 -07:00
073ce475e5
Protocol.receive: bridge replies to followers where in-reply-to already is
...
...ie if it's on the follower's protocol, either native or bridged.
for #981 , #950 , #949
not confident in this, despite the tests. worried it will either over- or under-deliver. guess we'll see.
2024-05-01 17:45:48 -07:00
c8ca31554b
AP: strip Link attachments since fedi instances generate their own link previews
...
hopefully fixes #958
2024-04-29 15:13:12 -07:00
cbe4b59206
convert Protocol.is_enabled_to to an instance method
...
next commit will move it to User
2024-04-27 20:27:33 -07:00
0b00e6eb4b
AP: serve protocol bot users on their own subdomains
2024-04-22 16:07:54 -07:00
10023d17fd
Protocol.enable_protocol: create copy user if necessary
2024-04-21 12:18:12 -07:00
f357ea1698
ActivityPub: accept non-public DMs to protocol bot users
...
for #880
2024-04-21 08:36:03 -07:00
1686a2ba91
opt in/out prompt: accept yes/no DMs to bot users to enable/disable protocols
...
for #880
2024-04-21 08:08:12 -07:00
259b7d72dd
start on conditional opt in
...
* add Protocol.DEFAULT_ENABLED_PROTOCOLS
* add User.enabled_protocols
* move common.is_enabled to Protocol.is_enabled_to, include opt out/in
2024-04-17 16:43:10 -07:00
f840c8b784
temporarily disable is_enabled checks in ATProto/ActivityPub.convert
...
for manual testing
2024-04-14 14:50:02 -07:00
133d640f1d
improve rendering of ATProto interactions on user pages
...
for #825
2024-04-11 15:02:15 -07:00
bf296802d8
pass from_user through to convert() in a few more places
2024-04-10 15:16:37 -07:00
7009267bb0
use new handle_or_id kwarg in common.is_enabled calls
2024-04-10 11:49:53 -07:00
f1531b44e7
bug fix for bad profile link on followers page
...
fixes #934
2024-04-01 23:06:57 -07:00
5c470a4647
consider opted out Web domains in ActivityPub.status, not is_blocklisted
...
follow-up to df321234c0
2024-03-31 18:50:01 -07:00
7bf29d411f
atproto: only enable indieweb.org and snarfed.org, for now
2024-03-13 13:07:30 -07:00
95e46c5ebb
Revert "cache outbound HTTP request responses, locally to each inbound request"
...
This reverts commit 30debfc8fa
2024-03-11 15:31:30 -07:00
30debfc8fa
cache outbound HTTP request responses, locally to each inbound request
...
using requests-cache. pretty straightforward! for #588
2024-03-08 12:34:49 -08:00
4f239c92e5
activitypub: drop japanese spam flood mitigation
...
this stopped (at least to BF) as of 2/24
2024-03-01 12:15:45 -08:00
0610c3c175
activitypub.actor: check enabled protocols
2024-02-29 12:52:49 -08:00
d2865fdb86
add common.ENABLED_BRIDGES, check before conversion and /bridge-user
2024-02-28 12:07:06 -08:00
942452f176
AP: ignore unlisted posts
...
for #832
2024-02-27 12:05:18 -08:00
9489204d64
AP: add profile to Content-Type: application/ld+json
...
for #895
2024-02-27 11:38:00 -08:00
8288390cfd
AP inbox delivery, Protocol.receive: error on blocklisted ids
...
fixes https://console.cloud.google.com/errors/detail/CN278MyjhZbtOQ;time=P30D?project=bridgy-federated , https://console.cloud.google.com/errors/detail/CLSnttKfy4v90wE;time=P30D?project=bridgy-federated
2024-02-27 06:42:19 -08:00
0c98e88a9d
another tweak to heuristic for Feb 2024 Japanese mention spam flood
...
sometimes there's no image. example: https://kish.social/@kj2hevtalc/111954393290908177
2024-02-18 13:56:21 -08:00
e55ef252ab
minor tweak to heuristic for Feb 2024 Japanese mention spam flood
2024-02-18 13:49:37 -08:00
7d9467fa19
temporary heuristic to ignore Feb 2024 Japanese mention spam flood
2024-02-18 13:24:53 -08:00
21ba279b31
ActivityPub.convert: fill in context in obj.as2
2024-01-28 18:15:37 -08:00
fcef6c21ab
Revert "heuristic: assume no AP actor id is the root path on its host"
...
This reverts commit b7e890b4bbhttps://bw3.dev/ is an example. general info on https://docs.microblog.pub/user_guide.html#activitypub but not this specifically.
fixes https://console.cloud.google.com/errors/detail/CLSnttKfy4v90wE;time=P30D?project=bridgy-federated
2024-01-26 12:59:54 -08:00
8ab09511bd
bug fix for following from web UI with custom username
...
thanks again for reporting @campegg!
2024-01-26 06:52:03 -08:00
3bcef0d37d
follow UI: specific error message for trying to follow bridged accounts
...
thanks for the nudge @campegg!
2024-01-25 17:05:26 -08:00
a832a4edf6
follow UI: error on bridged accounts
...
also make ActivityPub.owns_handle return False for bridged accounts
fixes https://console.cloud.google.com/errors/detail/CLSnttKfy4v90wE;time=P30D?project=bridgy-federated
2024-01-15 07:57:03 -08:00
b6989a4f2e
if a web user has the webfinger redirects, use AS2 type Person, not Application
2024-01-14 13:53:28 -08:00
f34175de43
minor disclaimer tweak: switch newlines to <br>s
2024-01-11 17:43:56 -08:00
e9194b0a66
AP: default actors to type Application, add disclaimer with links to profile bio
...
thanks for the nudge @fromjasonstuff!
2024-01-11 16:37:10 -08:00
26de4097ae
AP: switch default signing actor to real fed.brid.gy instance actor
...
https://seb.jambor.dev/posts/understanding-activitypub-part-4-threads/#the-instance-actor
2024-01-06 11:59:31 -10:00
b999cfe59a
ActivityPub.convert bug fix: don't call postprocess_as2_actor without user
...
fixes https://console.cloud.google.com/errors/detail/CKmOubHj-8H84AE;time=P30D?project=bridgy-federated
2023-12-14 15:48:02 -08:00
4d732e5d3e
ActivityPub.postprocess_as2: don't default inner obj's id to orig obj's id
2023-12-06 10:03:48 -08:00
d538928fe6
activitypub.postprocess_as2_actor: bug fix for publicKey w/Web.ap_subdomain
2023-12-01 13:06:59 -08:00
7dce96d984
activitypub.actor: handle subdomains vs local domains better
...
for curl --connect-to
2023-12-01 12:57:21 -08:00
6e236e2d70
switch User.ap_actor to id_as, use Web.ap_subdomain property
2023-11-30 17:10:18 -08:00
520b2fd3b0
User.ap_address() => handle_as(ActivityPub)
2023-11-29 21:06:55 -08:00
e079cec77c
ActivityPub.convert: omit acct: URIs
...
for #738 , https://github.com/Automattic/wordpress-activitypub/issues/571
2023-11-29 14:51:56 -08:00
004726d397
fix followers/ing UI page for AP users
...
fixes #718
2023-11-27 21:01:02 -08:00
8f7facda97
don't automatically accept follows from protocols that support them natively
...
for #710 . adds per-protocol `HAS_FOLLOW_ACCEPTS` constant
2023-11-27 14:44:05 -08:00
443506c425
activitypub.postprocess_as2_actor: remove obsolete wrap kwarg
2023-11-27 11:51:52 -08:00
32b38eed07
AP: move Accept object actor handling from postprocess_as2 to convert
2023-11-27 11:49:14 -08:00
3c460c88ad
activitypub.outbox and follower_collection bug fix: pass user to convert
...
fixes https://console.cloud.google.com/errors/detail/CNCD9uP8oaH9AQ;time=P30D?project=bridgy-federated
2023-11-26 15:59:20 -08:00
d7d55864ad
activitypub.actor bug fix: handle opted out users
...
fixes https://console.cloud.google.com/errors/detail/CKOs59zx0rSXQg;time=P30D?project=bridgy-federated
2023-11-26 15:44:43 -08:00
03315891aa
drop a lot of g.user
...
for #690
2023-11-25 20:23:19 -08:00
1591dfb641
pass user to Protocol.send/convert instead of using g.user
...
for #690
2023-11-25 20:07:14 -08:00
face71c9eb
ActivityPub.convert noop, kwargs => orig_obj
2023-11-25 16:07:06 -08:00
69ac7eabca
activitypub: move postprocess_as2_actor out of postprocess_as2
...
...and into ActivityPub.convert and actor handler directly. for #690
2023-11-24 09:20:52 -08:00
ee571e5b25
activitypub: move compacting actors from postprocess_as2 to convert
...
for #690
2023-11-24 08:34:39 -08:00
5d0b275ca8
ActivityPub.convert: compact actor to just id
2023-11-24 08:01:06 -08:00
33c5c3a4d2
AP: add HEAD support to followers/ing, outbox collections
...
for #383
2023-11-23 22:41:52 -08:00
Ryan Barrett