* origin/develop: (92 commits)
Web.MastodonApi.MastodonSocketTest: Add test for unauthenticated websocket
Web.Streamer: Get unauthenticated statuses representation
Web.MastodonAPI.MastodonSocket: Put access_token at function-level
Web.MastodonAPI.MastodonSocket: Add unauthentified websocket endpoints
Improved version string
mediaproxy: fix empty url & add some tests
RetryQueue: tiny refractor, add tests
Various runtime configuration fixes
update pleroma frontend
Federator: add retry queue.
activitypub: object view: avoid leaking private details
ostatus controller: respond with AS2 objects instead of activities to notice URIs
tests: federator: fix formatting
activitypub: transmogrifier: make deletes secure
Web.AdminAPI.AdminAPIControllerTest: New Test
Web.AdminAPI.AdminAPIController: Fixes bugs found with ExUnit
test/plugs/user_is_admin_plug_test: New test
lib/mix/tasks/relay*: Use a with block
Change Relay from `status` to `{status, message}`
Web.Router: Change right to permission group (except for function names)
...
* origin/develop: (207 commits)
Update README.md
Mastodon API: Fix list streaming
nginx example config: remove CORS headers, now managed by CORSPlug.
config: properly configure CORSPlug.
oauth: fix token decode regression
tests: add test for internal data stripping
activitypub: transmogrifier: sanitize internal representation details from outgoing objects
lib/mix/tasks: s/@doc/@moduledoc/
lib/mix/tasks/unsubscribe_user.ex: Fix syntax from bad line copy
lib/mix/tasks: Add remaining documentation for mix tasks
config/config.md: Add lines inspired/copied from CONFIGURATION.md
README.md: Add note about config/config.md
README.md: Put the systemd’s .service note to the relevant section
README.md: Add note for OpenRC
config/config.md: scope_options_enabled also addresses subject
config/config.md: Fill all the blanks
config/config.md: Complete it [WIP]
config/config.md: Create
Document the mix tasks in ex_doc instead
Document mix tasks
...
'self' only allows forms submitted to the same origin, which
breaks the "remote follow" form. To allow remote following,
we want to allow forms to be submitted to any host.
* origin/develop: (129 commits)
Uploaders.S3: Replace unsafe characters in object key
update pleroma frontend
test: add smoketests for the scrubbing policies
html: twittertext: add missing catchall scrub function
twitter api: add no_rich_text option to userview for account prefs
test: add tests for new User.html_filter_policy()
mastodon api: formatting
twitter api: add support for disabling rich text
mastodon api: add support for user-supplied html policy
twitter api: add support for user-specified html policy
user: add User.html_filter_policy()
html: default to using normal scrub policy if provided scrub policy is nil
mix: remove fix_ap_users task, now obsolete
test: add test proving that users are refreshed when stale
user: implement dynamic refresh of profiles (gets rid of need for fix_ap_users task)
Update mastodon frontend
[Pleroma.Web.MastodonAPI.MastodonAPIController]: Bump mastodon_api_level to 2.5.0
[Pleroma.Web.MastodonAPI.MastodonAPIController]: Remove unused variables
[Pleroma.Web.Router]: Fake /api/v1/endorsements
[Pleroma.Web.MastodonAPI.AccountView]: relationship.json: fake endorsed value (false)
...
proxy_ignore_client_abort will continue to fetch from upstream even if a client aborts the connection. This is highly recommended when cache is being used. If a client leaves/refreshes the page while a user's avatar or some other media is halfway loaded, the cached copy might in some cases be broken. Leaving future requests to the same URL broken until cache expires.
Not sure why it matters if you cache it or not. What's different about this JSON blob?
Perhaps it's a header that needs to be set for the redirect to happen?
This does not work as expected. We should not attempt to be clever here.
Varnish will do the right thing if we just teach Pleroma to set headers
properly for content we know can be cached.
