Commit graph

558 commits

Author SHA1 Message Date
Matthias Pfefferle
9036b644d1 add user connection 2023-06-15 11:48:43 +02:00
Matthias Pfefferle
fc0fc295bb fix follower creation 2023-06-15 11:48:09 +02:00
Matthias Pfefferle
8b7744a5ea fix queries 2023-06-15 11:47:50 +02:00
Matthias Pfefferle
7ed998d81f fix follower table 2023-06-15 11:45:25 +02:00
Matt Wiebe
87de87b2a5 Followers: use custom post types and postmeta to store 2023-06-12 11:38:15 -05:00
Matthias Pfefferle
bfe5381d99
Merge pull request #299 from mediaformat/signature_verification
Signature verification
2023-06-01 11:21:33 +02:00
Matthias Pfefferle
00e56ca112 always use is_activitypub_request to check if it is an AP request 2023-06-01 11:17:08 +02:00
Matthias Pfefferle
00dd5d2c52 some phpdoc 2023-06-01 11:05:47 +02:00
Matthias Pfefferle
b834666eda add missing slash 2023-06-01 10:44:05 +02:00
Matthias Pfefferle
9118e50623 fix signature verification path 2023-06-01 10:25:18 +02:00
Matthias Pfefferle
c1bf6691c1 fix route issues 2023-06-01 10:13:49 +02:00
Matthias Pfefferle
96881b940a some refactorings and fixed the tests 2023-06-01 09:49:40 +02:00
Django Doucet
73cd19ec20 added test and pre_get_remote_key filter 2023-05-31 23:23:40 -06:00
Matthias Pfefferle
758912da64 do not use cache for new followers 2023-05-31 14:03:46 +02:00
Matthias Pfefferle
084f108161 only schedule migration if DB is not on the latest version 2023-05-31 10:48:51 +02:00
Matthias Pfefferle
c04cf3fc7e move schedule to scheduler-class 2023-05-31 10:48:06 +02:00
Matthias Pfefferle
ab0f48389c deregister schedules on uninstall 2023-05-31 10:47:49 +02:00
Django Doucet
273493e768 update header parsing in get_signed_data() 2023-05-26 12:40:46 -06:00
Matthias Pfefferle
221c577826 Fix federation with pixelfed! 2023-05-25 14:03:30 +02:00
Matthias Pfefferle
27dd8217e8
Merge branch 'master' into fix/sanitization 2023-05-23 19:20:23 +02:00
Matthias Pfefferle
2117f78106 fix #321 2023-05-23 12:28:57 +02:00
Matthias Pfefferle
2aa7077ae7 add wpautop to user description
fix #279
2023-05-23 12:26:02 +02:00
Matthias Pfefferle
83991c0cd8 fix #332
and some of the feedback of @mattwiebe
2023-05-23 12:14:39 +02:00
Matthias Pfefferle
d91eaeae72 phpdoc 2023-05-23 11:26:12 +02:00
Matthias Pfefferle
3d1a0af6cb moved strip style/script 2023-05-23 11:13:17 +02:00
Matthias Pfefferle
677d507fe9 Revorked "sanitize output"
This reverts commit 77873d12b3.
2023-05-23 11:10:05 +02:00
Matthias Pfefferle
750d071c8d
Merge branch 'master' into signature_verification 2023-05-22 14:50:49 +02:00
Matthias Pfefferle
b8ee030d78
Merge pull request #324 from Automattic/add/caching
Introduce Caching
2023-05-22 14:34:49 +02:00
Matthias Pfefferle
d2b7c287fc code doc 2023-05-22 13:35:46 +02:00
Matthias Pfefferle
ec4e22f570 fix routing checks 2023-05-22 13:34:14 +02:00
Matthias Pfefferle
467a349b16 some small improvements 2023-05-22 11:31:46 +02:00
Matthias Pfefferle
68002db291 prevent sweeping of followers taxonomies
thanks @akirk

b0db9db87e
2023-05-22 10:58:13 +02:00
Matthias Pfefferle
e04ccdc961 fix missing namespace 2023-05-19 18:06:39 +02:00
Matthias Pfefferle
a1753242f3 fix missing namespace 2023-05-19 18:03:05 +02:00
Matthias Pfefferle
e48ce0ebce I would remove the settings for now 2023-05-19 17:16:19 +02:00
Matthias Pfefferle
92712e1d4a
Merge branch 'master' into signature_verification 2023-05-19 12:01:53 +02:00
Matthias Pfefferle
dd486e552f some code cleanups 2023-05-19 12:00:11 +02:00
Django Doucet
f4aadc00fc phpcs 2023-05-18 00:10:03 -06:00
Django Doucet
ed77ffce26 update rest paths to namespace 2023-05-18 00:03:11 -06:00
Matthias Pfefferle
cfb162c620
Merge branch 'master' into signature_verification 2023-05-17 09:59:02 +02:00
Matthias Pfefferle
c34fb74b41 coding style 2023-05-17 09:03:26 +02:00
Matthias Pfefferle
60fc581e1d coding style 2023-05-17 09:02:37 +02:00
Matthias Pfefferle
4b294bb8a6
Merge branch 'master' into signature_verification 2023-05-16 08:15:35 +02:00
Matthias Pfefferle
9cd2a04955 re-added some namespace consts 2023-05-16 08:14:04 +02:00
Django Doucet
e79f2e8991 fix keyId url 2023-05-16 00:11:27 -06:00
Matthias Pfefferle
2e537e423c
Merge branch 'master' into add/rest-namespace-constant 2023-05-16 08:10:06 +02:00
Matthias Pfefferle
ec23742b9a
Merge pull request #318 from Automattic/schedule
update scheduler for followers
2023-05-16 08:08:42 +02:00
Django Doucet
12724a3681 Switch secure_mode to a filter 2023-05-16 00:07:15 -06:00
Matthias Pfefferle
8b9026ab5e fix get_post_content_template function 2023-05-15 10:55:07 +02:00
Matthias Pfefferle
7456d36834 use const instead of -1 2023-05-15 10:48:34 +02:00
Matt Wiebe
31e7e44642 remove filter 2023-05-12 18:25:49 -05:00
Matt Wiebe
ec00ace234 add a activitypub_rest_url filter 2023-05-12 16:55:04 -05:00
Matthias Pfefferle
c99daa3e72
Merge branch 'master' into add/rest-namespace-constant 2023-05-12 22:44:41 +02:00
Matt Wiebe
5a91fdcf0a remove debug log 2023-05-12 15:43:04 -05:00
Matt Wiebe
3fa5e4f37e now with more use 2023-05-12 15:31:53 -05:00
Matt Wiebe
314ccf43a6 add a get_rest_url_by_path helper function, and use it 2023-05-12 15:24:24 -05:00
Matthias Pfefferle
94e5539d75 reset errors if new is set 2023-05-12 10:23:58 +02:00
Matthias Pfefferle
7d5cfb3078 phpdoc 2023-05-12 10:17:36 +02:00
Matt Wiebe
abfa7c7969 Allow setting the REST namespace with ACTIVITYPUB_REST_NAMESPACE 2023-05-11 13:25:30 -05:00
Jeremy Herve
d16014911b
Compat: introduce a conditional to detect ActivityPub requests
This conditional could be used within the plugin, but also by third-party plugins, to detect whether a request is an ActivityPub request, without having to manually check for query vars and headers every time.
2023-05-11 19:53:53 +02:00
Matthias Pfefferle
77873d12b3 sanitize output 2023-05-11 14:20:35 +02:00
Matthias Pfefferle
f196047901 remove casts
after feedback from @akirk
2023-05-11 11:02:06 +02:00
Matthias Pfefferle
b803914180 removed output formatting 2023-05-11 09:46:26 +02:00
Matthias Pfefferle
47b1b10955 Fix migration script 2023-05-11 09:45:01 +02:00
Django Doucet
fc1b89561e If WP_REST_Request set actor for get_remote_key() 2023-05-10 19:46:52 -06:00
Matthias Pfefferle
26a1dc9be5 use time() instead of strtotime( 'now' ) 2023-05-10 18:52:13 +02:00
Matthias Pfefferle
6fce2c30d2
Update includes/class-scheduler.php
Co-authored-by: Alex Kirk <akirk@users.noreply.github.com>
2023-05-10 18:47:46 +02:00
Matthias Pfefferle
9da559be6a
Update includes/collection/class-followers.php
Co-authored-by: Alex Kirk <akirk@users.noreply.github.com>
2023-05-10 18:45:32 +02:00
Matthias Pfefferle
463bff834b delete if response code is 410 or 404 2023-05-10 17:21:59 +02:00
Matthias Pfefferle
154b0018af PHPDoc 2023-05-10 15:36:45 +02:00
Matthias Pfefferle
df02d2202e PHPDoc 2023-05-10 15:02:01 +02:00
Matthias Pfefferle
2570928b00 PHPDoc 2023-05-10 14:55:10 +02:00
Matthias Pfefferle
17b66cb23d implement cleanup_followers and update_followers 2023-05-10 14:18:56 +02:00
Matthias Pfefferle
74be5d6b51 implemented feedback of @akirk 2023-05-10 09:04:33 +02:00
Matthias Pfefferle
ca8aff1823 cast to bool, to be sure that '0' is false 2023-05-09 12:25:25 +02:00
Matthias Pfefferle
b88c5f606d fixed copy/paste issue 2023-05-09 12:17:48 +02:00
Matthias Pfefferle
c872cb69d0 remove var_dump :( 2023-05-09 12:13:35 +02:00
Matthias Pfefferle
180e882c4a generate key if not existent 2023-05-09 12:12:05 +02:00
Matthias Pfefferle
96953dfc7e fail early and always return $response as fallback 2023-05-09 11:57:43 +02:00
Matthias Pfefferle
c42edfce68 use WP_Error 2023-05-09 11:51:53 +02:00
Matthias Pfefferle
378f5dacdc fix issue with missing array 2023-05-09 11:32:26 +02:00
Matthias Pfefferle
4abd5aefb4 cache inbox list 2023-05-09 10:28:23 +02:00
Matthias Pfefferle
f64a765129 phpdoc fixes 2023-05-09 10:08:51 +02:00
Matthias Pfefferle
6d96daa635 fix NodeInfo check 2023-05-08 21:05:20 +02:00
Django Doucet
abedf014ae remove redundant 2023-05-05 23:56:39 -06:00
Django Doucet
afafdf1543 Add get_remote_key method 2023-05-05 23:54:29 -06:00
Django Doucet
dc8e1e0f3e fix request-target route,
remove $actor from verify_http_signature
2023-05-05 23:50:49 -06:00
Django Doucet
0d5c249eaf remove user_id variable from activitypub_safe_remote_get_response 2023-05-05 23:44:55 -06:00
Django Doucet
f79200ef27 make webfinger route available unsigned 2023-05-05 23:44:15 -06:00
Django Doucet
b0edf9a765 removing logging 2023-05-05 14:43:05 -06:00
Django Doucet
3d4ae84573 Add secure mode to content negotiated requests 2023-05-05 14:40:30 -06:00
Django Doucet
9202c19730 Add secure mode to REST get requests 2023-05-05 14:39:33 -06:00
Django Doucet
6c95a23d10 phpcbf 2023-05-05 13:45:38 -06:00
Django Doucet
0b4bada2b6 enable secure mode 2023-05-05 13:24:59 -06:00
Django Doucet
656a2b0f44 remove unneeded filter 2023-05-05 13:22:47 -06:00
Django Doucet
14f3c3985b code style 2023-05-05 13:00:21 -06:00
Django Doucet
9d30f2c1dd phpcbf 2023-05-05 12:55:12 -06:00
Django Doucet
c5ca061805 Add helper format_server_request 2023-05-05 12:53:43 -06:00
Django Doucet
35496f5026 get_public_key support application actor 2023-05-05 12:52:24 -06:00
Django Doucet
e827221ee6 service actor as application actor 2023-05-05 12:09:12 -06:00
Django Doucet
27636b62d5 Add Service actor for signing get requests 2023-05-05 12:02:12 -06:00
Django
2bebc88b78
fix undefined get_remote_metadata_by_actor
Not tested
2023-05-05 11:47:52 -06:00
Django Doucet
3a0fef27e0 Merge branch 'master' into signature_verification 2023-05-05 09:54:16 -06:00
Django Doucet
6b68f0763d hold off secure mode 2023-05-05 07:49:27 -06:00
Matthias Pfefferle
6ba8156e50 fix #320 2023-05-05 14:40:17 +02:00
Matthias Pfefferle
8aa3f53dbd no need to use Followers any more 2023-05-05 10:22:01 +02:00
Matthias Pfefferle
e57dd0590d
Merge branch 'master' into signature_verification 2023-05-05 10:15:26 +02:00
Matthias Pfefferle
77112c441f formatting 2023-05-05 09:57:47 +02:00
Jeremy Herve
a914495215
Profile settings: use string instead of constant
Follow-up from #304

Since we do not use a constant anywhere else just yet, let's keep using a string in the settings page.
2023-05-05 09:35:21 +02:00
Jeremy Herve
c7dc55047d
Merge pull request #309 from jeherve/update/jetpack-photon-filter 2023-05-04 18:02:10 +02:00
Matthias Pfefferle
f1eb095add
Merge branch 'master' into schedule 2023-05-04 15:18:02 +02:00
Matthias Pfefferle
cec4ed2e3f init follower update scheduler 2023-05-04 15:17:05 +02:00
Matthias Pfefferle
26e5a1d3f6
Merge branch 'master' into rewrite-followers 2023-05-04 09:33:55 +02:00
Matthias Pfefferle
e489a04880 remove unused constants 2023-05-04 09:32:52 +02:00
Matthias Pfefferle
144356bf8a remove unused second param 2023-05-04 08:50:44 +02:00
Matthias Pfefferle
f07869c7d1 be sure to always update date 2023-05-03 15:11:20 +02:00
Matthias Pfefferle
7127b0a568 oops 2023-05-03 14:54:34 +02:00
Matthias Pfefferle
72f72e79b8 use custom (more error tolerant) version for migration 2023-05-03 14:50:36 +02:00
Matthias Pfefferle
be0f25f3d3 fail if get_remote_metadata_by_actor returns error
because it is not even possible to send `Accept` or `Reject` response.
2023-05-03 14:50:16 +02:00
Matthias Pfefferle
dea5f38561 better error handling 2023-05-02 14:39:25 +02:00
Matthias Pfefferle
077c43bf95 single migration scripts should not be public 2023-05-02 14:35:53 +02:00
Matthias Pfefferle
66942e6c62 fix error detection 2023-05-02 13:54:21 +02:00
Matthias Pfefferle
958b712e5b Merge branch 'signature_verification' of https://github.com/mediaformat/wordpress-activitypub into pr/299 2023-05-02 09:50:11 +02:00
Matthias Pfefferle
857fae9db1 serve_request is not needed any more
this was only for handling the signing, so no more need for that
2023-05-02 09:50:08 +02:00
Matthias Pfefferle
654cdd4174
Update includes/class-migration.php
Co-authored-by: Alex Kirk <akirk@users.noreply.github.com>
2023-05-02 09:37:11 +02:00
Matthias Pfefferle
725fc0cecd fix function call 2023-05-02 09:29:29 +02:00
Matthias Pfefferle
22946ec779 change migration script to match plugin version
/cc @akirk
2023-05-02 09:27:35 +02:00
Matthias Pfefferle
be73f99b59
Update includes/class-migration.php
Co-authored-by: Alex Kirk <akirk@users.noreply.github.com>
2023-04-28 18:13:59 +02:00
Matthias Pfefferle
9cd33ad544
Update includes/class-migration.php
Co-authored-by: Alex Kirk <akirk@users.noreply.github.com>
2023-04-28 18:13:16 +02:00
Matthias Pfefferle
a673504d36
Merge branch 'master' into rewrite-followers 2023-04-28 17:38:30 +02:00
Matthias Pfefferle
7c47f9a07c clean up admin settings 2023-04-28 15:12:30 +02:00
Matthias Pfefferle
02e0acdf69 fix indents 2023-04-28 14:39:33 +02:00
Matthias Pfefferle
9966427fd3
Merge branch 'master' into feature/165/fediverse-biography 2023-04-28 14:36:17 +02:00
Matthias Pfefferle
f2355cd960 fix typo 2023-04-28 11:23:40 +02:00
Matthias Pfefferle
5ef41dea02 schedule migration because it takes quite some time 2023-04-28 09:54:09 +02:00
Matthias Pfefferle
fb3d6d2634 fix phpcs 2023-04-27 14:49:39 +02:00
Matthias Pfefferle
b97d364140
Merge pull request #311 from pfefferle/ignore-www
ignore `www` subdomain when comparing hosts
2023-04-27 14:46:06 +02:00
Matthias Pfefferle
02e3488fd7 remove debugging stuff 2023-04-27 14:45:38 +02:00
Matthias Pfefferle
230aaa5b24 prepare migration 2023-04-27 14:34:54 +02:00
Matthias Pfefferle
ec822535c9 Follower object should not make any remote calls 2023-04-27 09:57:50 +02:00
Matthias Pfefferle
b8c86915b5 add missing phpdoc 2023-04-26 17:24:27 +02:00
Matthias Pfefferle
0ee1266c30 add sanitize callbacks 2023-04-26 17:23:28 +02:00
Matthias Pfefferle
4a4a06de37 get_follower requires user_id check 2023-04-26 17:22:44 +02:00
Jeremy Herve
bd75603fc7
Remove comment about Jetpack's Photon 2023-04-26 10:47:49 +02:00
Jeremy Herve
e16e119e6c
Switch to general actions and filter
As a result, we will not modify the images within the ActivityPub plugin, but the hooks will allow third-parties to do it on their end.

See discussion: https://github.com/pfefferle/wordpress-activitypub/pull/309#issuecomment-1521488186
2023-04-26 10:45:35 +02:00
Matthias Pfefferle
c70080a0c6
Merge pull request #312 from akirk/protect-img-tags
Protect img tags from replacing mentions
2023-04-26 10:11:15 +02:00
Alex Kirk
98619dc319 Protect img tags from replacing mentions 2023-04-26 10:08:22 +02:00
Matthias Pfefferle
ca646588d2 ignore www subdomain when comparing hosts
fix #290
2023-04-25 20:44:54 +02:00
Matthias Pfefferle
d1f6973d9b re-add mention functionality
not perfect but works as expected
2023-04-25 11:59:08 +02:00
Jeremy Herve
da63763ddc
Compat: only disable Jetpack's image CDN via filter
This follows the discussion in #307.

1. Do not disable Jetpack's image CDN in ActivityPub requests by default.
2. Add a new filter, activitypub_images_use_jetpack_image_cdn, that site owners can use to disable Jetpack's Image CDN if they'd like to.
3. Extract image getting into its own method for improved readability.
2023-04-25 10:54:21 +02:00