Merge branch 'pfefferle:master' into Comments

This commit is contained in:
Django 2023-03-10 16:34:51 -07:00 committed by GitHub
commit af6dd43241
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 224 additions and 22 deletions

View file

@ -1,10 +1,9 @@
# ActivityPub # # ActivityPub #
**Contributors:** [pfefferle](https://profiles.wordpress.org/pfefferle/), [mediaformat](https://profiles.wordpress.org/mediaformat/), [akirk](https://profiles.wordpress.org/akirk/) **Contributors:** [pfefferle](https://profiles.wordpress.org/pfefferle/), [mediaformat](https://profiles.wordpress.org/mediaformat/), [akirk](https://profiles.wordpress.org/akirk/), [automattic](https://profiles.wordpress.org/automattic/)
**Donate link:** https://notiz.blog/donate/
**Tags:** OStatus, fediverse, activitypub, activitystream **Tags:** OStatus, fediverse, activitypub, activitystream
**Requires at least:** 4.7 **Requires at least:** 4.7
**Tested up to:** 6.1 **Tested up to:** 6.1
**Stable tag:** 0.16.2 **Stable tag:** 0.17.0
**Requires PHP:** 5.6 **Requires PHP:** 5.6
**License:** MIT **License:** MIT
**License URI:** http://opensource.org/licenses/MIT **License URI:** http://opensource.org/licenses/MIT
@ -88,6 +87,25 @@ Where 'blog' is the path to the subdirectory at which your blog resides.
Project maintained on GitHub at [pfefferle/wordpress-activitypub](https://github.com/pfefferle/wordpress-activitypub). Project maintained on GitHub at [pfefferle/wordpress-activitypub](https://github.com/pfefferle/wordpress-activitypub).
### 0.17.0 ###
* Fix type-selector
* Allow more HTML elements in Activity-Objects
### 0.16.5 ###
* Return empty content/excerpt on password protected posts/pages
### 0.16.4 ###
* Remove scripts later in the queue, to also handle scripts added by blocks
* Add published date to author profiles
### 0.16.3 ###
* "cc", "to", ... fields can either be an array or a string
* Remove "style" and "script" HTML elements from content
### 0.16.2 ### ### 0.16.2 ###
* Fix fatal error in outbox * Fix fatal error in outbox

View file

@ -3,7 +3,7 @@
* Plugin Name: ActivityPub * Plugin Name: ActivityPub
* Plugin URI: https://github.com/pfefferle/wordpress-activitypub/ * Plugin URI: https://github.com/pfefferle/wordpress-activitypub/
* Description: The ActivityPub protocol is a decentralized social networking protocol based upon the ActivityStreams 2.0 data format. * Description: The ActivityPub protocol is a decentralized social networking protocol based upon the ActivityStreams 2.0 data format.
* Version: 0.16.2 * Version: 0.17.0
* Author: Matthias Pfefferle * Author: Matthias Pfefferle
* Author URI: https://notiz.blog/ * Author URI: https://notiz.blog/
* License: MIT * License: MIT

View file

@ -1,6 +1,7 @@
version: '2' version: '2'
services: services:
test-db: test-db:
platform: linux/x86_64
image: mysql:5.7 image: mysql:5.7
environment: environment:
MYSQL_DATABASE: activitypub-test MYSQL_DATABASE: activitypub-test

View file

@ -82,7 +82,7 @@ class Shortcodes {
public static function excerpt( $atts, $content, $tag ) { public static function excerpt( $atts, $content, $tag ) {
$post = get_post(); $post = get_post();
if ( ! $post ) { if ( ! $post || \post_password_required( $post ) ) {
return ''; return '';
} }
@ -106,13 +106,11 @@ class Shortcodes {
// An empty string will make wp_trim_excerpt do stuff we do not want. // An empty string will make wp_trim_excerpt do stuff we do not want.
if ( '' !== $content ) { if ( '' !== $content ) {
$excerpt = \strip_shortcodes( $content ); $excerpt = \strip_shortcodes( $content );
/** This filter is documented in wp-includes/post-template.php */ /** This filter is documented in wp-includes/post-template.php */
$excerpt = \apply_filters( 'the_content', $excerpt ); $excerpt = \apply_filters( 'the_content', $excerpt );
$excerpt = \str_replace( ']]>', ']]>', $excerpt ); $excerpt = \str_replace( ']]>', ']]>', $excerpt );
} }
} }
@ -187,7 +185,7 @@ class Shortcodes {
public static function content( $atts, $content, $tag ) { public static function content( $atts, $content, $tag ) {
$post = get_post(); $post = get_post();
if ( ! $post ) { if ( ! $post || \post_password_required( $post ) ) {
return ''; return '';
} }
@ -207,6 +205,11 @@ class Shortcodes {
$content = wp_filter_content_tags( $content ); $content = wp_filter_content_tags( $content );
} }
// replace script and style elements
$content = \preg_replace( '@<(script|style)[^>]*?>.*?</\\1>@si', '', $content );
$content = \trim( \preg_replace( '/[\n\r\t]/', '', $content ) );
return $content; return $content;
} }

View file

@ -61,7 +61,7 @@ class Post {
* *
* @var string * @var string
*/ */
private $object_type = 'Note'; private $object_type;
/** /**
* The Allowed Tags, used in the content. * The Allowed Tags, used in the content.
@ -85,6 +85,23 @@ class Post {
'div' => array( 'div' => array(
'class' => array(), 'class' => array(),
), ),
'ul' => array(),
'ol' => array(),
'li' => array(),
'strong' => array(
'class' => array(),
),
'b' => array(
'class' => array(),
),
'i' => array(
'class' => array(),
),
'em' => array(
'class' => array(),
),
'blockquote' => array(),
'cite' => array(),
); );
private $delete; private $delete;
@ -458,12 +475,11 @@ class Post {
wp_reset_postdata(); wp_reset_postdata();
$content = \wpautop( \wp_kses( $content, $this->allowed_tags ) ); $content = \wpautop( \wp_kses( $content, $this->allowed_tags ) );
$filtered_content = \apply_filters( 'activitypub_the_content', $content, $post );
$decoded_content = \html_entity_decode( $filtered_content, \ENT_QUOTES, 'UTF-8' );
$content = \trim( \preg_replace( '/[\n\r\t]/', '', $content ) ); $content = \trim( \preg_replace( '/[\n\r\t]/', '', $content ) );
$content = \apply_filters( 'activitypub_the_content', $content, $post );
$content = \html_entity_decode( $content, \ENT_QUOTES, 'UTF-8' );
$this->content = $content; $this->content = $content;
return $content; return $content;
@ -476,15 +492,15 @@ class Post {
*/ */
public function get_post_content_template() { public function get_post_content_template() {
if ( 'excerpt' === \get_option( 'activitypub_post_content_type', 'content' ) ) { if ( 'excerpt' === \get_option( 'activitypub_post_content_type', 'content' ) ) {
return "[ap_excerpt]\n\n[ap_permalink]"; return "[ap_excerpt]\n\n[ap_permalink type=\"html\"]";
} }
if ( 'title' === \get_option( 'activitypub_post_content_type', 'content' ) ) { if ( 'title' === \get_option( 'activitypub_post_content_type', 'content' ) ) {
return "[ap_title]\n\n[ap_permalink]"; return "[ap_title]\n\n[ap_permalink type=\"html\"]";
} }
if ( 'content' === \get_option( 'activitypub_post_content_type', 'content' ) ) { if ( 'content' === \get_option( 'activitypub_post_content_type', 'content' ) ) {
return "[ap_content]\n\n[ap_hashtags]\n\n[ap_permalink]"; return "[ap_content]\n\n[ap_hashtags]\n\n[ap_permalink type=\"html\"]";
} }
// Upgrade from old template codes to shortcodes. // Upgrade from old template codes to shortcodes.

View file

@ -604,11 +604,21 @@ class Inbox {
foreach ( array( 'to', 'bto', 'cc', 'bcc', 'audience' ) as $i ) { foreach ( array( 'to', 'bto', 'cc', 'bcc', 'audience' ) as $i ) {
if ( array_key_exists( $i, $data ) ) { if ( array_key_exists( $i, $data ) ) {
$recipient_items = array_merge( $recipient_items, $data[ $i ] ); if ( is_array( $data[ $i ] ) ) {
$recipient = $data[ $i ];
} else {
$recipient = array( $data[ $i ] );
}
$recipient_items = array_merge( $recipient_items, $recipient );
} }
if ( array_key_exists( $i, $data['object'] ) ) { if ( array_key_exists( $i, $data['object'] ) ) {
$recipient_items = array_merge( $recipient_items, $data[ $i ] ); if ( is_array( $data['object'][ $i ] ) ) {
$recipient = $data['object'][ $i ];
} else {
$recipient = array( $data['object'][ $i ] );
}
$recipient_items = array_merge( $recipient_items, $recipient );
} }
} }

View file

@ -1,5 +1,5 @@
{ {
"name": "activitypub", "name": "wordpress-activitypub",
"description": "The ActivityPub protocol is a decentralized social networking protocol based upon the ActivityStreams 2.0 data format.", "description": "The ActivityPub protocol is a decentralized social networking protocol based upon the ActivityStreams 2.0 data format.",
"repository": { "repository": {
"type": "git", "type": "git",

View file

@ -1,10 +1,9 @@
=== ActivityPub === === ActivityPub ===
Contributors: pfefferle, mediaformat, akirk Contributors: pfefferle, mediaformat, akirk, automattic
Donate link: https://notiz.blog/donate/
Tags: OStatus, fediverse, activitypub, activitystream Tags: OStatus, fediverse, activitypub, activitystream
Requires at least: 4.7 Requires at least: 4.7
Tested up to: 6.1 Tested up to: 6.1
Stable tag: 0.16.2 Stable tag: 0.17.0
Requires PHP: 5.6 Requires PHP: 5.6
License: MIT License: MIT
License URI: http://opensource.org/licenses/MIT License URI: http://opensource.org/licenses/MIT
@ -88,6 +87,25 @@ Where 'blog' is the path to the subdirectory at which your blog resides.
Project maintained on GitHub at [pfefferle/wordpress-activitypub](https://github.com/pfefferle/wordpress-activitypub). Project maintained on GitHub at [pfefferle/wordpress-activitypub](https://github.com/pfefferle/wordpress-activitypub).
= 0.17.0 =
* Fix type-selector
* Allow more HTML elements in Activity-Objects
= 0.16.5 =
* Return empty content/excerpt on password protected posts/pages
= 0.16.4 =
* Remove scripts later in the queue, to also handle scripts added by blocks
* Add published date to author profiles
= 0.16.3 =
* "cc", "to", ... fields can either be an array or a string
* Remove "style" and "script" HTML elements from content
= 0.16.2 = = 0.16.2 =
* Fix fatal error in outbox * Fix fatal error in outbox

View file

@ -19,6 +19,8 @@ $json->icon = array(
'url' => \get_avatar_url( $author_id, array( 'size' => 120 ) ), 'url' => \get_avatar_url( $author_id, array( 'size' => 120 ) ),
); );
$json->published = \gmdate( 'Y-m-d\TH:i:s\Z', \strtotime( \get_the_author_meta( 'registered', $author_id ) ) );
if ( \has_header_image() ) { if ( \has_header_image() ) {
$json->image = array( $json->image = array(
'type' => 'Image', 'type' => 'Image',

View file

@ -0,0 +1,75 @@
<?php
class Test_Activitypub_Rest_Inbox extends WP_UnitTestCase {
/**
* @dataProvider the_data_provider
*/
public function test_is_activity_public( $data, $check ) {
$this->assertEquals( $check, Activitypub\Rest\Inbox::is_activity_public( $data ) );
}
public function the_data_provider() {
return array(
array(
array(
'cc' => array(
'https://example.org/@test',
'https://example.com/@test2',
),
'to' => 'https://www.w3.org/ns/activitystreams#Public',
'object' => array(),
),
true,
),
array(
array(
'cc' => array(
'https://example.org/@test',
'https://example.com/@test2',
),
'to' => array(
'https://www.w3.org/ns/activitystreams#Public',
),
'object' => array(),
),
true,
),
array(
array(
'cc' => array(
'https://example.org/@test',
'https://example.com/@test2',
),
'object' => array(),
),
false,
),
array(
array(
'cc' => array(
'https://example.org/@test',
'https://example.com/@test2',
),
'object' => array(
'to' => 'https://www.w3.org/ns/activitystreams#Public',
),
),
true,
),
array(
array(
'cc' => array(
'https://example.org/@test',
'https://example.com/@test2',
),
'object' => array(
'to' => array(
'https://www.w3.org/ns/activitystreams#Public',
),
),
),
true,
),
);
}
}

View file

@ -0,0 +1,59 @@
<?php
class Test_Activitypub_Shortcodes extends WP_UnitTestCase {
public function test_content() {
global $post;
$post_id = -99; // negative ID, to avoid clash with a valid post
$post = new stdClass();
$post->ID = $post_id;
$post->post_author = 1;
$post->post_date = current_time( 'mysql' );
$post->post_date_gmt = current_time( 'mysql', 1 );
$post->post_title = 'Some title or other';
$post->post_content = '<script>test</script>hallo<script type="javascript">{"asdf": "qwerty"}</script><style></style>';
$post->post_status = 'publish';
$post->comment_status = 'closed';
$post->ping_status = 'closed';
$post->post_name = 'fake-page-' . rand( 1, 99999 ); // append random number to avoid clash
$post->post_type = 'page';
$post->filter = 'raw'; // important!
$content = '[ap_content]';
// Fill in the shortcodes.
setup_postdata( $post );
$content = do_shortcode( $content );
wp_reset_postdata();
$this->assertEquals( '<p>hallo</p>', $content );
}
public function test_password_protected_content() {
global $post;
$post_id = -98; // negative ID, to avoid clash with a valid post
$post = new stdClass();
$post->ID = $post_id;
$post->post_author = 1;
$post->post_date = current_time( 'mysql' );
$post->post_date_gmt = current_time( 'mysql', 1 );
$post->post_title = 'Some title or other';
$post->post_content = '<script>test</script>hallo<script type="javascript">{"asdf": "qwerty"}</script><style></style>';
$post->post_status = 'publish';
$post->comment_status = 'closed';
$post->ping_status = 'closed';
$post->post_name = 'fake-page-' . rand( 1, 99999 ); // append random number to avoid clash
$post->post_type = 'page';
$post->post_password = 'abc';
$post->filter = 'raw'; // important!
$content = '[ap_content]';
// Fill in the shortcodes.
setup_postdata( $post );
$content = do_shortcode( $content );
wp_reset_postdata();
$this->assertEquals( '', $content );
}
}