Merge remote-tracking branch 'upstream/develop' into by-approval

2020-07-14 18:56:40 -05:00 · 2020-07-14 18:56:40 -05:00 · 48983e9421
commit 48983e9421
parent df3d1bf5e5 3f65f2ea79
46 changed files with 898 additions and 524 deletions
--- a/test/web/activity_pub/activity_pub_test.exs
+++ b/test/web/activity_pub/activity_pub_test.exs
@ -2056,4 +2056,46 @@ defmodule Pleroma.Web.ActivityPub.ActivityPubTest do
      assert [%{activity_id: ^id_create}] = Pleroma.ActivityExpiration |> Repo.all()
    end
  end
+
+  describe "handling of clashing nicknames" do
+    test "renames an existing user with a clashing nickname and a different ap id" do
+      orig_user =
+        insert(
+          :user,
+          local: false,
+          nickname: "admin@mastodon.example.org",
+          ap_id: "http://mastodon.example.org/users/harinezumigari"
+        )
+
+      %{
+        nickname: orig_user.nickname,
+        ap_id: orig_user.ap_id <> "part_2"
+      }
+      |> ActivityPub.maybe_handle_clashing_nickname()
+
+      user = User.get_by_id(orig_user.id)
+
+      assert user.nickname == "#{orig_user.id}.admin@mastodon.example.org"
+    end
+
+    test "does nothing with a clashing nickname and the same ap id" do
+      orig_user =
+        insert(
+          :user,
+          local: false,
+          nickname: "admin@mastodon.example.org",
+          ap_id: "http://mastodon.example.org/users/harinezumigari"
+        )
+
+      %{
+        nickname: orig_user.nickname,
+        ap_id: orig_user.ap_id
+      }
+      |> ActivityPub.maybe_handle_clashing_nickname()
+
+      user = User.get_by_id(orig_user.id)
+
+      assert user.nickname == orig_user.nickname
+    end
+  end
 end
--- a/test/web/activity_pub/transmogrifier_test.exs
+++ b/test/web/activity_pub/transmogrifier_test.exs
@ -774,6 +774,29 @@ defmodule Pleroma.Web.ActivityPub.TransmogrifierTest do
      assert [user.follower_address] == activity.data["to"]
    end

+    test "it correctly processes messages with weirdness in address fields" do
+      user = insert(:user)
+
+      message = %{
+        "@context" => "https://www.w3.org/ns/activitystreams",
+        "to" => [nil, user.follower_address],
+        "cc" => ["https://www.w3.org/ns/activitystreams#Public", ["¿"]],
+        "type" => "Create",
+        "object" => %{
+          "content" => "…",
+          "type" => "Note",
+          "attributedTo" => user.ap_id,
+          "inReplyTo" => nil
+        },
+        "actor" => user.ap_id
+      }
+
+      assert {:ok, activity} = Transmogrifier.handle_incoming(message)
+
+      assert ["https://www.w3.org/ns/activitystreams#Public"] == activity.data["cc"]
+      assert [user.follower_address] == activity.data["to"]
+    end
+
    test "it accepts Move activities" do
      old_user = insert(:user)
      new_user = insert(:user)
--- a/test/web/admin_api/controllers/admin_api_controller_test.exs
+++ b/test/web/admin_api/controllers/admin_api_controller_test.exs
@ -41,6 +41,16 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
    {:ok, %{admin: admin, token: token, conn: conn}}
  end

+  test "with valid `admin_token` query parameter, skips OAuth scopes check" do
+    clear_config([:admin_token], "password123")
+
+    user = insert(:user)
+
+    conn = get(build_conn(), "/api/pleroma/admin/users/#{user.nickname}?admin_token=password123")
+
+    assert json_response(conn, 200)
+  end
+
  describe "with [:auth, :enforce_oauth_admin_scope_usage]," do
    setup do: clear_config([:auth, :enforce_oauth_admin_scope_usage], true)

--- a/test/web/admin_api/controllers/config_controller_test.exs
+++ b/test/web/admin_api/controllers/config_controller_test.exs
@ -152,6 +152,14 @@ defmodule Pleroma.Web.AdminAPI.ConfigControllerTest do
      assert emoji_val[:groups] == [a: 1, b: 2]
      assert assets_val[:mascots] == [a: 1, b: 2]
    end
+
+    test "with valid `admin_token` query parameter, skips OAuth scopes check" do
+      clear_config([:admin_token], "password123")
+
+      build_conn()
+      |> get("/api/pleroma/admin/config?admin_token=password123")
+      |> json_response_and_validate_schema(200)
+    end
  end

  test "POST /api/pleroma/admin/config error", %{conn: conn} do
--- a/test/web/admin_api/controllers/report_controller_test.exs
+++ b/test/web/admin_api/controllers/report_controller_test.exs
@ -297,7 +297,7 @@ defmodule Pleroma.Web.AdminAPI.ReportControllerTest do
        |> get("/api/pleroma/admin/reports")

      assert json_response(conn, :forbidden) ==
-               %{"error" => "User is not an admin or OAuth admin scope is not granted."}
+               %{"error" => "User is not an admin."}
    end

    test "returns 403 when requested by anonymous" do
--- a/test/web/mastodon_api/controllers/account_controller/update_credentials_test.exs
+++ b/test/web/mastodon_api/controllers/account_controller/update_credentials_test.exs
@ -351,6 +351,30 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController.UpdateCredentialsTest do
             ]
    end

+    test "emojis in fields labels", %{conn: conn} do
+      fields = [
+        %{"name" => ":firefox:", "value" => "is best 2hu"},
+        %{"name" => "they wins", "value" => ":blank:"}
+      ]
+
+      account_data =
+        conn
+        |> patch("/api/v1/accounts/update_credentials", %{"fields_attributes" => fields})
+        |> json_response_and_validate_schema(200)
+
+      assert account_data["fields"] == [
+               %{"name" => ":firefox:", "value" => "is best 2hu"},
+               %{"name" => "they wins", "value" => ":blank:"}
+             ]
+
+      assert account_data["source"]["fields"] == [
+               %{"name" => ":firefox:", "value" => "is best 2hu"},
+               %{"name" => "they wins", "value" => ":blank:"}
+             ]
+
+      assert [%{"shortcode" => "blank"}, %{"shortcode" => "firefox"}] = account_data["emojis"]
+    end
+
    test "update fields via x-www-form-urlencoded", %{conn: conn} do
      fields =
        [
--- a/test/web/media_proxy/media_proxy_controller_test.exs
+++ b/test/web/media_proxy/media_proxy_controller_test.exs
@ -4,82 +4,118 @@

 defmodule Pleroma.Web.MediaProxy.MediaProxyControllerTest do
  use Pleroma.Web.ConnCase
-  import Mock
-  alias Pleroma.Config

-  setup do: clear_config(:media_proxy)
-  setup do: clear_config([Pleroma.Web.Endpoint, :secret_key_base])
+  import Mock
+
+  alias Pleroma.Web.MediaProxy
+  alias Pleroma.Web.MediaProxy.MediaProxyController
+  alias Plug.Conn

  setup do
    on_exit(fn -> Cachex.clear(:banned_urls_cache) end)
  end

  test "it returns 404 when MediaProxy disabled", %{conn: conn} do
-    Config.put([:media_proxy, :enabled], false)
+    clear_config([:media_proxy, :enabled], false)

-    assert %Plug.Conn{
+    assert %Conn{
             status: 404,
             resp_body: "Not Found"
           } = get(conn, "/proxy/hhgfh/eeeee")

-    assert %Plug.Conn{
+    assert %Conn{
             status: 404,
             resp_body: "Not Found"
           } = get(conn, "/proxy/hhgfh/eeee/fff")
  end

-  test "it returns 403 when signature invalidated", %{conn: conn} do
-    Config.put([:media_proxy, :enabled], true)
-    Config.put([Pleroma.Web.Endpoint, :secret_key_base], "00000000000")
-    path = URI.parse(Pleroma.Web.MediaProxy.encode_url("https://google.fn")).path
-    Config.put([Pleroma.Web.Endpoint, :secret_key_base], "000")
+  describe "" do
+    setup do
+      clear_config([:media_proxy, :enabled], true)
+      clear_config([Pleroma.Web.Endpoint, :secret_key_base], "00000000000")
+      [url: MediaProxy.encode_url("https://google.fn/test.png")]
+    end

-    assert %Plug.Conn{
-             status: 403,
-             resp_body: "Forbidden"
-           } = get(conn, path)
+    test "it returns 403 for invalid signature", %{conn: conn, url: url} do
+      Pleroma.Config.put([Pleroma.Web.Endpoint, :secret_key_base], "000")
+      %{path: path} = URI.parse(url)

-    assert %Plug.Conn{
-             status: 403,
-             resp_body: "Forbidden"
-           } = get(conn, "/proxy/hhgfh/eeee")
+      assert %Conn{
+               status: 403,
+               resp_body: "Forbidden"
+             } = get(conn, path)

-    assert %Plug.Conn{
-             status: 403,
-             resp_body: "Forbidden"
-           } = get(conn, "/proxy/hhgfh/eeee/fff")
-  end
+      assert %Conn{
+               status: 403,
+               resp_body: "Forbidden"
+             } = get(conn, "/proxy/hhgfh/eeee")

-  test "redirects on valid url when filename invalidated", %{conn: conn} do
-    Config.put([:media_proxy, :enabled], true)
-    Config.put([Pleroma.Web.Endpoint, :secret_key_base], "00000000000")
-    url = Pleroma.Web.MediaProxy.encode_url("https://google.fn/test.png")
-    invalid_url = String.replace(url, "test.png", "test-file.png")
-    response = get(conn, invalid_url)
-    assert response.status == 302
-    assert redirected_to(response) == url
-  end
+      assert %Conn{
+               status: 403,
+               resp_body: "Forbidden"
+             } = get(conn, "/proxy/hhgfh/eeee/fff")
+    end

-  test "it performs ReverseProxy.call when signature valid", %{conn: conn} do
-    Config.put([:media_proxy, :enabled], true)
-    Config.put([Pleroma.Web.Endpoint, :secret_key_base], "00000000000")
-    url = Pleroma.Web.MediaProxy.encode_url("https://google.fn/test.png")
+    test "redirects on valid url when filename is invalidated", %{conn: conn, url: url} do
+      invalid_url = String.replace(url, "test.png", "test-file.png")
+      response = get(conn, invalid_url)
+      assert response.status == 302
+      assert redirected_to(response) == url
+    end

-    with_mock Pleroma.ReverseProxy,
-      call: fn _conn, _url, _opts -> %Plug.Conn{status: :success} end do
-      assert %Plug.Conn{status: :success} = get(conn, url)
+    test "it performs ReverseProxy.call with valid signature", %{conn: conn, url: url} do
+      with_mock Pleroma.ReverseProxy,
+        call: fn _conn, _url, _opts -> %Conn{status: :success} end do
+        assert %Conn{status: :success} = get(conn, url)
+      end
+    end
+
+    test "it returns 404 when url is in banned_urls cache", %{conn: conn, url: url} do
+      MediaProxy.put_in_banned_urls("https://google.fn/test.png")
+
+      with_mock Pleroma.ReverseProxy,
+        call: fn _conn, _url, _opts -> %Conn{status: :success} end do
+        assert %Conn{status: 404, resp_body: "Not Found"} = get(conn, url)
+      end
    end
  end

-  test "it returns 404 when url contains in banned_urls cache", %{conn: conn} do
-    Config.put([:media_proxy, :enabled], true)
-    Config.put([Pleroma.Web.Endpoint, :secret_key_base], "00000000000")
-    url = Pleroma.Web.MediaProxy.encode_url("https://google.fn/test.png")
-    Pleroma.Web.MediaProxy.put_in_banned_urls("https://google.fn/test.png")
+  describe "filename_matches/3" do
+    test "preserves the encoded or decoded path" do
+      assert MediaProxyController.filename_matches(
+               %{"filename" => "/Hello world.jpg"},
+               "/Hello world.jpg",
+               "http://pleroma.social/Hello world.jpg"
+             ) == :ok

-    with_mock Pleroma.ReverseProxy,
-      call: fn _conn, _url, _opts -> %Plug.Conn{status: :success} end do
-      assert %Plug.Conn{status: 404, resp_body: "Not Found"} = get(conn, url)
+      assert MediaProxyController.filename_matches(
+               %{"filename" => "/Hello%20world.jpg"},
+               "/Hello%20world.jpg",
+               "http://pleroma.social/Hello%20world.jpg"
+             ) == :ok
+
+      assert MediaProxyController.filename_matches(
+               %{"filename" => "/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"},
+               "/my%2Flong%2Furl%2F2019%2F07%2FS.jpg",
+               "http://pleroma.social/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"
+             ) == :ok
+
+      assert MediaProxyController.filename_matches(
+               %{"filename" => "/my%2Flong%2Furl%2F2019%2F07%2FS.jp"},
+               "/my%2Flong%2Furl%2F2019%2F07%2FS.jp",
+               "http://pleroma.social/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"
+             ) == {:wrong_filename, "my%2Flong%2Furl%2F2019%2F07%2FS.jpg"}
+    end
+
+    test "encoded url are tried to match for proxy as `conn.request_path` encodes the url" do
+      # conn.request_path will return encoded url
+      request_path = "/ANALYSE-DAI-_-LE-STABLECOIN-100-D%C3%89CENTRALIS%C3%89-BQ.jpg"
+
+      assert MediaProxyController.filename_matches(
+               true,
+               request_path,
+               "https://mydomain.com/uploads/2019/07/ANALYSE-DAI-_-LE-STABLECOIN-100-DÉCENTRALISÉ-BQ.jpg"
+             ) == :ok
    end
  end
 end
--- a/test/web/media_proxy/media_proxy_test.exs
+++ b/test/web/media_proxy/media_proxy_test.exs
@ -5,38 +5,33 @@
 defmodule Pleroma.Web.MediaProxyTest do
  use ExUnit.Case
  use Pleroma.Tests.Helpers
-  import Pleroma.Web.MediaProxy
-  alias Pleroma.Web.MediaProxy.MediaProxyController

-  setup do: clear_config([:media_proxy, :enabled])
-  setup do: clear_config(Pleroma.Upload)
+  alias Pleroma.Web.Endpoint
+  alias Pleroma.Web.MediaProxy

  describe "when enabled" do
-    setup do
-      Pleroma.Config.put([:media_proxy, :enabled], true)
-      :ok
-    end
+    setup do: clear_config([:media_proxy, :enabled], true)

    test "ignores invalid url" do
-      assert url(nil) == nil
-      assert url("") == nil
+      assert MediaProxy.url(nil) == nil
+      assert MediaProxy.url("") == nil
    end

    test "ignores relative url" do
-      assert url("/local") == "/local"
-      assert url("/") == "/"
+      assert MediaProxy.url("/local") == "/local"
+      assert MediaProxy.url("/") == "/"
    end

    test "ignores local url" do
-      local_url = Pleroma.Web.Endpoint.url() <> "/hello"
-      local_root = Pleroma.Web.Endpoint.url()
-      assert url(local_url) == local_url
-      assert url(local_root) == local_root
+      local_url = Endpoint.url() <> "/hello"
+      local_root = Endpoint.url()
+      assert MediaProxy.url(local_url) == local_url
+      assert MediaProxy.url(local_root) == local_root
    end

    test "encodes and decodes URL" do
      url = "https://pleroma.soykaf.com/static/logo.png"
-      encoded = url(url)
+      encoded = MediaProxy.url(url)

      assert String.starts_with?(
               encoded,
@ -50,86 +45,44 @@ defmodule Pleroma.Web.MediaProxyTest do

    test "encodes and decodes URL without a path" do
      url = "https://pleroma.soykaf.com"
-      encoded = url(url)
+      encoded = MediaProxy.url(url)
      assert decode_result(encoded) == url
    end

    test "encodes and decodes URL without an extension" do
      url = "https://pleroma.soykaf.com/path/"
-      encoded = url(url)
+      encoded = MediaProxy.url(url)
      assert String.ends_with?(encoded, "/path")
      assert decode_result(encoded) == url
    end

    test "encodes and decodes URL and ignores query params for the path" do
      url = "https://pleroma.soykaf.com/static/logo.png?93939393939&bunny=true"
-      encoded = url(url)
+      encoded = MediaProxy.url(url)
      assert String.ends_with?(encoded, "/logo.png")
      assert decode_result(encoded) == url
    end

    test "validates signature" do
-      secret_key_base = Pleroma.Config.get([Pleroma.Web.Endpoint, :secret_key_base])
+      encoded = MediaProxy.url("https://pleroma.social")

-      on_exit(fn ->
-        Pleroma.Config.put([Pleroma.Web.Endpoint, :secret_key_base], secret_key_base)
-      end)
-
-      encoded = url("https://pleroma.social")
-
-      Pleroma.Config.put(
-        [Pleroma.Web.Endpoint, :secret_key_base],
+      clear_config(
+        [Endpoint, :secret_key_base],
        "00000000000000000000000000000000000000000000000"
      )

      [_, "proxy", sig, base64 | _] = URI.parse(encoded).path |> String.split("/")
-      assert decode_url(sig, base64) == {:error, :invalid_signature}
-    end
-
-    test "filename_matches preserves the encoded or decoded path" do
-      assert MediaProxyController.filename_matches(
-               %{"filename" => "/Hello world.jpg"},
-               "/Hello world.jpg",
-               "http://pleroma.social/Hello world.jpg"
-             ) == :ok
-
-      assert MediaProxyController.filename_matches(
-               %{"filename" => "/Hello%20world.jpg"},
-               "/Hello%20world.jpg",
-               "http://pleroma.social/Hello%20world.jpg"
-             ) == :ok
-
-      assert MediaProxyController.filename_matches(
-               %{"filename" => "/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"},
-               "/my%2Flong%2Furl%2F2019%2F07%2FS.jpg",
-               "http://pleroma.social/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"
-             ) == :ok
-
-      assert MediaProxyController.filename_matches(
-               %{"filename" => "/my%2Flong%2Furl%2F2019%2F07%2FS.jp"},
-               "/my%2Flong%2Furl%2F2019%2F07%2FS.jp",
-               "http://pleroma.social/my%2Flong%2Furl%2F2019%2F07%2FS.jpg"
-             ) == {:wrong_filename, "my%2Flong%2Furl%2F2019%2F07%2FS.jpg"}
-    end
-
-    test "encoded url are tried to match for proxy as `conn.request_path` encodes the url" do
-      # conn.request_path will return encoded url
-      request_path = "/ANALYSE-DAI-_-LE-STABLECOIN-100-D%C3%89CENTRALIS%C3%89-BQ.jpg"
-
-      assert MediaProxyController.filename_matches(
-               true,
-               request_path,
-               "https://mydomain.com/uploads/2019/07/ANALYSE-DAI-_-LE-STABLECOIN-100-DÉCENTRALISÉ-BQ.jpg"
-             ) == :ok
+      assert MediaProxy.decode_url(sig, base64) == {:error, :invalid_signature}
    end

    test "uses the configured base_url" do
-      clear_config([:media_proxy, :base_url], "https://cache.pleroma.social")
+      base_url = "https://cache.pleroma.social"
+      clear_config([:media_proxy, :base_url], base_url)

      url = "https://pleroma.soykaf.com/static/logo.png"
-      encoded = url(url)
+      encoded = MediaProxy.url(url)

-      assert String.starts_with?(encoded, Pleroma.Config.get([:media_proxy, :base_url]))
+      assert String.starts_with?(encoded, base_url)
    end

    # Some sites expect ASCII encoded characters in the URL to be preserved even if
@ -140,7 +93,7 @@ defmodule Pleroma.Web.MediaProxyTest do
      url =
        "https://pleroma.com/%20/%21/%22/%23/%24/%25/%26/%27/%28/%29/%2A/%2B/%2C/%2D/%2E/%2F/%30/%31/%32/%33/%34/%35/%36/%37/%38/%39/%3A/%3B/%3C/%3D/%3E/%3F/%40/%41/%42/%43/%44/%45/%46/%47/%48/%49/%4A/%4B/%4C/%4D/%4E/%4F/%50/%51/%52/%53/%54/%55/%56/%57/%58/%59/%5A/%5B/%5C/%5D/%5E/%5F/%60/%61/%62/%63/%64/%65/%66/%67/%68/%69/%6A/%6B/%6C/%6D/%6E/%6F/%70/%71/%72/%73/%74/%75/%76/%77/%78/%79/%7A/%7B/%7C/%7D/%7E/%7F/%80/%81/%82/%83/%84/%85/%86/%87/%88/%89/%8A/%8B/%8C/%8D/%8E/%8F/%90/%91/%92/%93/%94/%95/%96/%97/%98/%99/%9A/%9B/%9C/%9D/%9E/%9F/%C2%A0/%A1/%A2/%A3/%A4/%A5/%A6/%A7/%A8/%A9/%AA/%AB/%AC/%C2%AD/%AE/%AF/%B0/%B1/%B2/%B3/%B4/%B5/%B6/%B7/%B8/%B9/%BA/%BB/%BC/%BD/%BE/%BF/%C0/%C1/%C2/%C3/%C4/%C5/%C6/%C7/%C8/%C9/%CA/%CB/%CC/%CD/%CE/%CF/%D0/%D1/%D2/%D3/%D4/%D5/%D6/%D7/%D8/%D9/%DA/%DB/%DC/%DD/%DE/%DF/%E0/%E1/%E2/%E3/%E4/%E5/%E6/%E7/%E8/%E9/%EA/%EB/%EC/%ED/%EE/%EF/%F0/%F1/%F2/%F3/%F4/%F5/%F6/%F7/%F8/%F9/%FA/%FB/%FC/%FD/%FE/%FF"

-      encoded = url(url)
+      encoded = MediaProxy.url(url)
      assert decode_result(encoded) == url
    end

@ -151,56 +104,49 @@ defmodule Pleroma.Web.MediaProxyTest do
      url =
        "https://pleroma.com/ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890-._~:/?#[]@!$&'()*+,;=|^`{}"

-      encoded = url(url)
+      encoded = MediaProxy.url(url)
      assert decode_result(encoded) == url
    end

    test "preserve unicode characters" do
      url = "https://ko.wikipedia.org/wiki/위키백과:대문"

-      encoded = url(url)
+      encoded = MediaProxy.url(url)
      assert decode_result(encoded) == url
    end
  end

  describe "when disabled" do
-    setup do
-      enabled = Pleroma.Config.get([:media_proxy, :enabled])
-
-      if enabled do
-        Pleroma.Config.put([:media_proxy, :enabled], false)
-
-        on_exit(fn ->
-          Pleroma.Config.put([:media_proxy, :enabled], enabled)
-          :ok
-        end)
-      end
-
-      :ok
-    end
+    setup do: clear_config([:media_proxy, :enabled], false)

    test "does not encode remote urls" do
-      assert url("https://google.fr") == "https://google.fr"
+      assert MediaProxy.url("https://google.fr") == "https://google.fr"
    end
  end

  defp decode_result(encoded) do
    [_, "proxy", sig, base64 | _] = URI.parse(encoded).path |> String.split("/")
-    {:ok, decoded} = decode_url(sig, base64)
+    {:ok, decoded} = MediaProxy.decode_url(sig, base64)
    decoded
  end

  describe "whitelist" do
-    setup do
-      Pleroma.Config.put([:media_proxy, :enabled], true)
-      :ok
-    end
+    setup do: clear_config([:media_proxy, :enabled], true)

    test "mediaproxy whitelist" do
-      Pleroma.Config.put([:media_proxy, :whitelist], ["google.com", "feld.me"])
+      clear_config([:media_proxy, :whitelist], ["https://google.com", "https://feld.me"])
      url = "https://feld.me/foo.png"

-      unencoded = url(url)
+      unencoded = MediaProxy.url(url)
+      assert unencoded == url
+    end
+
+    # TODO: delete after removing support bare domains for media proxy whitelist
+    test "mediaproxy whitelist bare domains whitelist (deprecated)" do
+      clear_config([:media_proxy, :whitelist], ["google.com", "feld.me"])
+      url = "https://feld.me/foo.png"
+
+      unencoded = MediaProxy.url(url)
      assert unencoded == url
    end

@ -211,17 +157,17 @@ defmodule Pleroma.Web.MediaProxyTest do
      media_url = "https://mycdn.akamai.com"

      url = "#{media_url}/static/logo.png"
-      encoded = url(url)
+      encoded = MediaProxy.url(url)

      assert String.starts_with?(encoded, media_url)
    end

    test "ensure Pleroma.Upload base_url is always whitelisted" do
      media_url = "https://media.pleroma.social"
-      Pleroma.Config.put([Pleroma.Upload, :base_url], media_url)
+      clear_config([Pleroma.Upload, :base_url], media_url)

      url = "#{media_url}/static/logo.png"
-      encoded = url(url)
+      encoded = MediaProxy.url(url)

      assert String.starts_with?(encoded, media_url)
    end