Django Doucet
3d4ae84573
Add secure mode to content negotiated requests
2023-05-05 14:40:30 -06:00
Django Doucet
9202c19730
Add secure mode to REST get requests
2023-05-05 14:39:33 -06:00
Django Doucet
6c95a23d10
phpcbf
2023-05-05 13:45:38 -06:00
Django Doucet
0b4bada2b6
enable secure mode
2023-05-05 13:24:59 -06:00
Django Doucet
656a2b0f44
remove unneeded filter
2023-05-05 13:22:47 -06:00
Django Doucet
14f3c3985b
code style
2023-05-05 13:00:21 -06:00
Django Doucet
9d30f2c1dd
phpcbf
2023-05-05 12:55:12 -06:00
Django Doucet
c5ca061805
Add helper format_server_request
2023-05-05 12:53:43 -06:00
Django Doucet
35496f5026
get_public_key support application actor
2023-05-05 12:52:24 -06:00
Django Doucet
e827221ee6
service actor as application actor
2023-05-05 12:09:12 -06:00
Django Doucet
27636b62d5
Add Service actor for signing get requests
2023-05-05 12:02:12 -06:00
Django
2bebc88b78
fix undefined get_remote_metadata_by_actor
...
Not tested
2023-05-05 11:47:52 -06:00
Django Doucet
3a0fef27e0
Merge branch 'master' into signature_verification
2023-05-05 09:54:16 -06:00
Django Doucet
6b68f0763d
hold off secure mode
2023-05-05 07:49:27 -06:00
Matthias Pfefferle
6ba8156e50
fix #320
2023-05-05 14:40:17 +02:00
Matthias Pfefferle
8aa3f53dbd
no need to use Followers any more
2023-05-05 10:22:01 +02:00
Matthias Pfefferle
e57dd0590d
Merge branch 'master' into signature_verification
2023-05-05 10:15:26 +02:00
Matthias Pfefferle
77112c441f
formatting
2023-05-05 09:57:47 +02:00
Jeremy Herve
a914495215
Profile settings: use string instead of constant
...
Follow-up from #304
Since we do not use a constant anywhere else just yet, let's keep using a string in the settings page.
2023-05-05 09:35:21 +02:00
Jeremy Herve
c7dc55047d
Merge pull request #309 from jeherve/update/jetpack-photon-filter
2023-05-04 18:02:10 +02:00
Matthias Pfefferle
f1eb095add
Merge branch 'master' into schedule
2023-05-04 15:18:02 +02:00
Matthias Pfefferle
cec4ed2e3f
init follower update scheduler
2023-05-04 15:17:05 +02:00
Matthias Pfefferle
26e5a1d3f6
Merge branch 'master' into rewrite-followers
2023-05-04 09:33:55 +02:00
Matthias Pfefferle
e489a04880
remove unused constants
2023-05-04 09:32:52 +02:00
Matthias Pfefferle
144356bf8a
remove unused second param
2023-05-04 08:50:44 +02:00
Matthias Pfefferle
f07869c7d1
be sure to always update date
2023-05-03 15:11:20 +02:00
Matthias Pfefferle
7127b0a568
oops
2023-05-03 14:54:34 +02:00
Matthias Pfefferle
72f72e79b8
use custom (more error tolerant) version for migration
2023-05-03 14:50:36 +02:00
Matthias Pfefferle
be0f25f3d3
fail if get_remote_metadata_by_actor
returns error
...
because it is not even possible to send `Accept` or `Reject` response.
2023-05-03 14:50:16 +02:00
Matthias Pfefferle
dea5f38561
better error handling
2023-05-02 14:39:25 +02:00
Matthias Pfefferle
077c43bf95
single migration scripts should not be public
2023-05-02 14:35:53 +02:00
Matthias Pfefferle
66942e6c62
fix error detection
2023-05-02 13:54:21 +02:00
Matthias Pfefferle
958b712e5b
Merge branch 'signature_verification' of https://github.com/mediaformat/wordpress-activitypub into pr/299
2023-05-02 09:50:11 +02:00
Matthias Pfefferle
857fae9db1
serve_request is not needed any more
...
this was only for handling the signing, so no more need for that
2023-05-02 09:50:08 +02:00
Matthias Pfefferle
654cdd4174
Update includes/class-migration.php
...
Co-authored-by: Alex Kirk <akirk@users.noreply.github.com>
2023-05-02 09:37:11 +02:00
Matthias Pfefferle
725fc0cecd
fix function call
2023-05-02 09:29:29 +02:00
Matthias Pfefferle
22946ec779
change migration script to match plugin version
...
/cc @akirk
2023-05-02 09:27:35 +02:00
Matthias Pfefferle
be73f99b59
Update includes/class-migration.php
...
Co-authored-by: Alex Kirk <akirk@users.noreply.github.com>
2023-04-28 18:13:59 +02:00
Matthias Pfefferle
9cd33ad544
Update includes/class-migration.php
...
Co-authored-by: Alex Kirk <akirk@users.noreply.github.com>
2023-04-28 18:13:16 +02:00
Matthias Pfefferle
a673504d36
Merge branch 'master' into rewrite-followers
2023-04-28 17:38:30 +02:00
Matthias Pfefferle
7c47f9a07c
clean up admin settings
2023-04-28 15:12:30 +02:00
Matthias Pfefferle
02e0acdf69
fix indents
2023-04-28 14:39:33 +02:00
Matthias Pfefferle
9966427fd3
Merge branch 'master' into feature/165/fediverse-biography
2023-04-28 14:36:17 +02:00
Matthias Pfefferle
f2355cd960
fix typo
2023-04-28 11:23:40 +02:00
Matthias Pfefferle
5ef41dea02
schedule migration because it takes quite some time
2023-04-28 09:54:09 +02:00
Matthias Pfefferle
fb3d6d2634
fix phpcs
2023-04-27 14:49:39 +02:00
Matthias Pfefferle
b97d364140
Merge pull request #311 from pfefferle/ignore-www
...
ignore `www` subdomain when comparing hosts
2023-04-27 14:46:06 +02:00
Matthias Pfefferle
02e3488fd7
remove debugging stuff
2023-04-27 14:45:38 +02:00
Matthias Pfefferle
230aaa5b24
prepare migration
2023-04-27 14:34:54 +02:00
Matthias Pfefferle
ec822535c9
Follower object should not make any remote calls
2023-04-27 09:57:50 +02:00
Matthias Pfefferle
b8c86915b5
add missing phpdoc
2023-04-26 17:24:27 +02:00
Matthias Pfefferle
0ee1266c30
add sanitize callbacks
2023-04-26 17:23:28 +02:00
Matthias Pfefferle
4a4a06de37
get_follower requires user_id check
2023-04-26 17:22:44 +02:00
Jeremy Herve
bd75603fc7
Remove comment about Jetpack's Photon
2023-04-26 10:47:49 +02:00
Jeremy Herve
e16e119e6c
Switch to general actions and filter
...
As a result, we will not modify the images within the ActivityPub plugin, but the hooks will allow third-parties to do it on their end.
See discussion: https://github.com/pfefferle/wordpress-activitypub/pull/309#issuecomment-1521488186
2023-04-26 10:45:35 +02:00
Matthias Pfefferle
c70080a0c6
Merge pull request #312 from akirk/protect-img-tags
...
Protect img tags from replacing mentions
2023-04-26 10:11:15 +02:00
Alex Kirk
98619dc319
Protect img tags from replacing mentions
2023-04-26 10:08:22 +02:00
Matthias Pfefferle
ca646588d2
ignore www
subdomain when comparing hosts
...
fix #290
2023-04-25 20:44:54 +02:00
Matthias Pfefferle
d1f6973d9b
re-add mention functionality
...
not perfect but works as expected
2023-04-25 11:59:08 +02:00
Jeremy Herve
da63763ddc
Compat: only disable Jetpack's image CDN via filter
...
This follows the discussion in #307 .
1. Do not disable Jetpack's image CDN in ActivityPub requests by default.
2. Add a new filter, activitypub_images_use_jetpack_image_cdn, that site owners can use to disable Jetpack's Image CDN if they'd like to.
3. Extract image getting into its own method for improved readability.
2023-04-25 10:54:21 +02:00
Matthias Pfefferle
764a091046
fix unit tests
2023-04-25 09:31:28 +02:00
Matthias Pfefferle
377fc94161
php doc
2023-04-25 09:09:07 +02:00
Matthias Pfefferle
84a82c2ac4
added follower model
2023-04-24 20:46:51 +02:00
Jeremy Herve
56d2b7e8be
Update to handle both old and new versions of Jetpack
...
See https://github.com/Automattic/jetpack/pull/30050/
2023-04-24 09:51:08 +02:00
Jeremy Herve
3f4c44db05
Compatibility: do not serve images with Jetpack CDN when active
...
When Jetpack's image CDN is active, core calls to retrieve images return an image served by the CDN.
Since Fediverse instances usually fetch and cache the data themselves, we do not need to use the CDN for those images when returned by the ActivityPub plugin. In fact, we really do not want that to happen, as Fediverse instances may get errors when trying to fetch images from the CDN (they may get blocked / rate-limited / ...).
Let's hook into Jetpack's CDN to avoid that.
2023-04-24 09:51:08 +02:00
Matthias Pfefferle
47dc2f72d1
fix "bulk replace" issue
2023-04-24 09:49:06 +02:00
Matthias Pfefferle
77415ef510
Remove "(Fediverse)"
2023-04-23 22:57:03 +02:00
Matthias Pfefferle
28c077e422
Add URL
2023-04-23 22:56:45 +02:00
Django Doucet
b641cb03f3
fix phpcs
2023-04-21 16:16:52 -06:00
Django Doucet
023ba25f38
PHPDoc
2023-04-21 15:27:02 -06:00
Django Doucet
f396c6da4e
Optimize verification code and returns WP_Errors
2023-04-21 15:25:39 -06:00
Alex Kirk
4ed4d06fd5
Add comment
2023-04-21 17:41:04 +02:00
Django Doucet
7dbce74a96
ensure signature block has algorithm
2023-04-21 09:36:17 -06:00
Alex Kirk
45ae73bb06
Add Vary header
2023-04-21 17:20:48 +02:00
Django Doucet
1631f1c7dc
fix rest api endpoint
2023-04-21 09:18:24 -06:00
Django Doucet
d23ff46073
fix merge omission
2023-04-21 08:45:10 -06:00
Matthias Pfefferle
ef536cc977
verify requests
2023-04-21 16:40:46 +02:00
Matthias Pfefferle
ebc9b6ac8d
naming improvements
2023-04-21 16:34:47 +02:00
Matthias Pfefferle
3c86e94d9a
remove followers
2023-04-21 16:25:15 +02:00
Matthias Pfefferle
32194c31df
phpDoc
2023-04-21 15:57:49 +02:00
Matthias Pfefferle
734750b796
use collection also for rest endpoints
2023-04-21 15:57:41 +02:00
Matthias Pfefferle
75e9b1e281
deprecate old functions
2023-04-21 15:57:21 +02:00
Django Doucet
036ee3180b
move signature verification to callback
2023-04-21 07:53:12 -06:00
Django Doucet
bb21803b18
Add Secure mode setting
2023-04-21 07:48:19 -06:00
Django Doucet
038bf25b2e
remove guessing function
2023-04-21 07:48:19 -06:00
Matthias Pfefferle
7769d76849
use a taxonomy to save the list of followers
2023-04-21 14:56:22 +02:00
Matthias Pfefferle
a8b963ec26
some code cleanups
2023-04-21 08:51:38 +02:00
Matthias Pfefferle
5faddba511
this function should not work without $request
2023-04-21 08:51:25 +02:00
Matthias Pfefferle
804ef25822
count only users that can publish_posts
2023-04-21 08:42:51 +02:00
Matthias Pfefferle
5a6f8aff02
Merge branch 'master' into signature_verification
2023-04-20 22:23:15 +02:00
Matthias Pfefferle
eeb3ba2952
remove unused "use function"
2023-04-20 15:32:38 +02:00
Matthias Pfefferle
c32eec2390
some code cleanup
2023-04-20 15:22:11 +02:00
Matthias Pfefferle
cf426ab8ab
Merge pull request #265 from pfefferle/optimize-publish
...
optimize publishing
2023-04-20 15:04:34 +02:00
Django Doucet
590c990e21
phpcs
2023-04-14 23:59:04 -06:00
Django Doucet
30d78417d8
Fixes key retrieval
2023-04-14 23:53:43 -06:00
Matthias Pfefferle
15adf639a8
Merge pull request #302 from jeherve/fix/warning-webfinger-no-user
2023-04-10 16:41:40 +02:00
Jeremy Herve
643c47dcb7
Webfinger info: avoid PHP warning when user isn't defined
...
This should avoid warnings like this one:
```
PHP Warning: Attempt to read property "user_login" on bool in /var/www/html/wp-content/plugins/activitypub/includes/class-webfinger.php on line 27
```
2023-04-10 13:10:46 +02:00
Django Doucet
e1722cd4d3
Simplify signature_algorithm
2023-04-05 13:25:39 -06:00
Django Doucet
3a0f62b092
phpcs
2023-04-04 20:36:25 -06:00
Django Doucet
9eb903ac15
phpcs compat
2023-04-04 20:33:00 -06:00
Django Doucet
502bf8b5a6
Get actor from key with non-standard uri
2023-04-04 19:58:08 -06:00
Django Doucet
d6169f4bc3
Add content-length header if present in sig headers
2023-04-02 20:38:10 -06:00
Django Doucet
2293c0b3d7
use verify_http_signature in validate_callback
...
rename verify_signature
2023-04-02 16:38:39 -06:00
Django Doucet
90b45438b2
cleanup
2023-04-02 00:30:17 -06:00
Django Doucet
504bbb9999
code style phpcs
2023-04-01 23:59:49 -06:00
Django Doucet
0c7cec3eba
Fix signature parse verification
2023-04-01 10:17:56 -06:00
Sören Wrede
7d11d3e208
Fix documentation and typos.
2023-03-23 08:35:26 +01:00
Edward Ficklin
aed033c03e
nonce verification
2023-03-14 20:47:30 -04:00
Edward Ficklin
8b92e9d47e
escape output
2023-03-14 20:35:14 -04:00
Edward Ficklin
01532692f1
template helper function for displaying fedi bio, if set
2023-03-14 13:36:47 -04:00
Edward Ficklin
3ed96471de
add profile field and save handling for fediverse specific bio
2023-03-14 13:36:12 -04:00
Django Doucet
8f80a70ee5
Merge branch 'master' into signature_verification
2023-03-11 16:12:05 -07:00
Django Doucet
a6b057b69d
Merge branch 'master' into signature_verification
2023-03-11 16:10:29 -07:00
Matthias Pfefferle
c99d25b12e
whitelist more html elements
...
fix #285
2023-03-03 08:56:15 +01:00
Matthias Pfefferle
753f964ce9
fix #286
2023-03-03 08:55:23 +01:00
Matthias Pfefferle
2274bd0074
check if post is password protected
2023-02-27 08:15:02 +01:00
Matthias Pfefferle
72f12de96a
remove scripts later in the queue
2023-02-20 21:18:03 +01:00
Matthias Pfefferle
08ce46a1a4
Merge branch 'master' into optimize-publish
2023-02-20 18:22:17 +01:00
Matthias Pfefferle
21cff7f24b
version bump
2023-02-20 18:17:02 +01:00
Matthias Pfefferle
73ae7a5d75
fix content creation
...
and added tests
2023-02-20 18:08:10 +01:00
Matthias Pfefferle
b0149739fa
remove line breaks
2023-02-20 08:58:12 +01:00
Matthias Pfefferle
873066115d
strip style and script elements
2023-02-20 08:55:23 +01:00
Matthias Pfefferle
e2c1dc28b5
fix #281
2023-02-16 09:12:01 +01:00
Matthias Pfefferle
92b11a3926
use html version of the link as before
2023-02-08 10:06:22 +01:00
Matthias Pfefferle
c89d8f2265
fix #269
2023-02-02 18:13:21 +01:00
Matthias Pfefferle
70859212d6
fix #196
2023-02-02 08:50:17 +01:00
Matthias Pfefferle
531bdc17b0
fix #266
2023-02-02 08:18:10 +01:00
Matthias Pfefferle
73ae47e377
PHPDoc
2023-02-02 07:24:27 +01:00
Matthias Pfefferle
de32cb7b73
add changes also to the object
2023-02-02 02:36:29 +01:00
Matthias Pfefferle
365d5dd499
fix outbox
2023-02-02 02:35:57 +01:00
Matthias Pfefferle
e52181fd37
fix tests
2023-02-02 02:04:06 +01:00
Matthias Pfefferle
3c84be1691
fix unit tests
2023-02-02 01:50:20 +01:00
Matthias Pfefferle
e015da7f8f
optimize publishing
2023-02-02 01:42:15 +01:00
Matthias Pfefferle
d4b1edcf39
fix update and delete dispatcher
2023-02-01 00:13:55 +01:00
Matthias Pfefferle
bc8cb19c5d
add an option to disable content filters
2023-01-31 18:43:11 +01:00
Matthias Pfefferle
24648d6d74
fix server config
...
See: https://wordpress.org/support/topic/jetpack-conflict-15/
2023-01-31 09:56:48 +01:00
Alex Kirk
7e3a5f4e68
Handle double protect
2023-01-27 17:23:25 +01:00
Alex Kirk
6ea46c5024
Protect cdata
2023-01-27 16:59:15 +01:00
Alex Kirk
e7894f4c4a
Also protect <pre>
2023-01-27 16:55:52 +01:00
Alex Kirk
cbfe6ea431
Protect code HTML
2023-01-27 16:50:04 +01:00
Alex Kirk
3706e61842
Revert adding an argument
2023-01-27 15:48:29 +01:00
Alex Kirk
840d144327
Avoid replacing mentions inside links
2023-01-27 15:48:29 +01:00
Alex Kirk
b3e71ff803
Short-circuit well-known example domains
2023-01-27 15:48:28 +01:00
Alex Kirk
3db9489b5c
phpcs
2023-01-27 15:48:28 +01:00
Alex Kirk
8391e713c9
Cache more metadata and webfinger results
2023-01-27 15:48:28 +01:00
Alex Kirk
7d598d92a8
Revert erroneous changes
2023-01-27 15:48:28 +01:00
Alex Kirk
0925405430
Fix missing id
2023-01-27 15:48:28 +01:00
Alex Kirk
483e0a85b2
Extract mentions from the unmodified post content.
2023-01-27 15:48:28 +01:00
Alex Kirk
99b316db34
Rework inboxes for cc
2023-01-27 15:48:28 +01:00
Alex Kirk
05575fe6e7
Add test for a normal dispatch activity
2023-01-27 15:48:28 +01:00