From 746416207bd15f7883af18e359b84f0c4444a12a Mon Sep 17 00:00:00 2001
From: rinpatch
Date: Thu, 30 Jan 2020 19:55:01 +0300
Subject: [PATCH 1/8] Escape HTML from display name and subject fields
Closes #724
---
package.json | 1 +
src/services/entity_normalizer/entity_normalizer.service.js | 6 ++++--
yarn.lock | 3 ++-
3 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/package.json b/package.json
index 9ec8c1eb7c..5c7fa31e1a 100644
--- a/package.json
+++ b/package.json
@@ -21,6 +21,7 @@
"chromatism": "^3.0.0",
"cropperjs": "^1.4.3",
"diff": "^3.0.1",
+ "escape-html": "^1.0.3",
"karma-mocha-reporter": "^2.2.1",
"localforage": "^1.5.0",
"object-path": "^0.11.3",
diff --git a/src/services/entity_normalizer/entity_normalizer.service.js b/src/services/entity_normalizer/entity_normalizer.service.js
index a3d0b78278..3116d21177 100644
--- a/src/services/entity_normalizer/entity_normalizer.service.js
+++ b/src/services/entity_normalizer/entity_normalizer.service.js
@@ -1,3 +1,5 @@
+import escape from 'escape-html'
+
const qvitterStatusType = (status) => {
if (status.is_post_verb) {
return 'status'
@@ -41,7 +43,7 @@ export const parseUser = (data) => {
}
output.name = data.display_name
- output.name_html = addEmojis(data.display_name, data.emojis)
+ output.name_html = addEmojis(escape(data.display_name), data.emojis)
output.description = data.note
output.description_html = addEmojis(data.note, data.emojis)
@@ -256,7 +258,7 @@ export const parseStatus = (data) => {
output.retweeted_status = parseStatus(data.reblog)
}
- output.summary_html = addEmojis(data.spoiler_text, data.emojis)
+ output.summary_html = addEmojis(escape(data.spoiler_text), data.emojis)
output.external_url = data.url
output.poll = data.poll
output.pinned = data.pinned
diff --git a/yarn.lock b/yarn.lock
index 1a5d4cef4f..b794042f30 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -2757,9 +2757,10 @@ es6-promisify@^5.0.0:
dependencies:
es6-promise "^4.0.3"
-escape-html@~1.0.3:
+escape-html@^1.0.3, escape-html@~1.0.3:
version "1.0.3"
resolved "https://registry.yarnpkg.com/escape-html/-/escape-html-1.0.3.tgz#0258eae4d3d0c0974de1c169188ef0051d1d1988"
+ integrity sha1-Aljq5NPQwJdN4cFpGI7wBR0dGYg=
escape-string-regexp@1.0.5, escape-string-regexp@^1.0.2, escape-string-regexp@^1.0.5:
version "1.0.5"
From 9bbf10b55d97f6dbe3197ebbd1bb29d294ff6b55 Mon Sep 17 00:00:00 2001
From: kPherox
Date: Tue, 4 Feb 2020 04:26:32 +0900
Subject: [PATCH 2/8] Add setting for allow_following_move
---
src/components/user_settings/user_settings.js | 2 ++
src/components/user_settings/user_settings.vue | 9 ++++++---
.../entity_normalizer/entity_normalizer.service.js | 2 ++
3 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/src/components/user_settings/user_settings.js b/src/components/user_settings/user_settings.js
index 3837305634..eca6f9b16f 100644
--- a/src/components/user_settings/user_settings.js
+++ b/src/components/user_settings/user_settings.js
@@ -55,6 +55,7 @@ const UserSettings = {
showRole: this.$store.state.users.currentUser.show_role,
role: this.$store.state.users.currentUser.role,
discoverable: this.$store.state.users.currentUser.discoverable,
+ allowFollowingMove: this.$store.state.users.currentUser.allow_following_move,
pickAvatarBtnVisible: true,
bannerUploading: false,
backgroundUploading: false,
@@ -162,6 +163,7 @@ const UserSettings = {
hide_follows: this.hideFollows,
hide_followers: this.hideFollowers,
discoverable: this.discoverable,
+ allow_following_move: this.allowFollowingMove,
hide_follows_count: this.hideFollowsCount,
hide_followers_count: this.hideFollowersCount,
show_role: this.showRole
diff --git a/src/components/user_settings/user_settings.vue b/src/components/user_settings/user_settings.vue
index 2222c29331..8b2336b4dd 100644
--- a/src/components/user_settings/user_settings.vue
+++ b/src/components/user_settings/user_settings.vue
@@ -90,9 +90,7 @@
-
+
{{ $t('settings.hide_followers_description') }}
@@ -104,6 +102,11 @@
{{ $t('settings.hide_followers_count_description') }}
+
+
+ {{ $t('settings.allow_following_move') }}
+
+
diff --git a/src/services/entity_normalizer/entity_normalizer.service.js b/src/services/entity_normalizer/entity_normalizer.service.js
index a3d0b78278..3bc468860b 100644
--- a/src/services/entity_normalizer/entity_normalizer.service.js
+++ b/src/services/entity_normalizer/entity_normalizer.service.js
@@ -81,6 +81,8 @@ export const parseUser = (data) => {
output.subscribed = relationship.subscribing
}
+ output.allow_following_move = data.pleroma.allow_following_move
+
output.hide_follows = data.pleroma.hide_follows
output.hide_followers = data.pleroma.hide_followers
output.hide_follows_count = data.pleroma.hide_follows_count
From 9b7497a65957b3f1d3b9f920266fae9bdae11dd5 Mon Sep 17 00:00:00 2001
From: kPherox
Date: Tue, 4 Feb 2020 04:30:31 +0900
Subject: [PATCH 3/8] Change to hide User migrates tab when allow following
move
---
src/components/interactions/interactions.js | 1 +
src/components/interactions/interactions.vue | 1 +
2 files changed, 2 insertions(+)
diff --git a/src/components/interactions/interactions.js b/src/components/interactions/interactions.js
index cc31ff203d..7fe5e76d97 100644
--- a/src/components/interactions/interactions.js
+++ b/src/components/interactions/interactions.js
@@ -10,6 +10,7 @@ const tabModeDict = {
const Interactions = {
data () {
return {
+ allowFollowingMove: this.$store.state.users.currentUser.allow_following_move,
filterMode: tabModeDict['mentions']
}
},
diff --git a/src/components/interactions/interactions.vue b/src/components/interactions/interactions.vue
index a2e252ab1c..57d5d87c3d 100644
--- a/src/components/interactions/interactions.vue
+++ b/src/components/interactions/interactions.vue
@@ -22,6 +22,7 @@
:label="$t('interactions.follows')"
/>
From a06f3a7fbc40cd51df3c2d04406494cf60b0cf8a Mon Sep 17 00:00:00 2001
From: kPherox
Date: Tue, 4 Feb 2020 04:37:29 +0900
Subject: [PATCH 4/8] Add `with_move` param for fetching notification
---
src/services/api/api.service.js | 6 +++++-
.../notifications_fetcher/notifications_fetcher.service.js | 3 +++
2 files changed, 8 insertions(+), 1 deletion(-)
diff --git a/src/services/api/api.service.js b/src/services/api/api.service.js
index 11aa06750f..b794fd5816 100644
--- a/src/services/api/api.service.js
+++ b/src/services/api/api.service.js
@@ -495,7 +495,8 @@ const fetchTimeline = ({
until = false,
userId = false,
tag = false,
- withMuted = false
+ withMuted = false,
+ withMove = false
}) => {
const timelineUrls = {
public: MASTODON_PUBLIC_TIMELINE,
@@ -535,6 +536,9 @@ const fetchTimeline = ({
if (timeline === 'public' || timeline === 'publicAndExternal') {
params.push(['only_media', false])
}
+ if (timeline === 'notifications') {
+ params.push(['with_move', withMove])
+ }
params.push(['count', 20])
params.push(['with_muted', withMuted])
diff --git a/src/services/notifications_fetcher/notifications_fetcher.service.js b/src/services/notifications_fetcher/notifications_fetcher.service.js
index 64499a1b65..864e32f878 100644
--- a/src/services/notifications_fetcher/notifications_fetcher.service.js
+++ b/src/services/notifications_fetcher/notifications_fetcher.service.js
@@ -11,9 +11,12 @@ const fetchAndUpdate = ({ store, credentials, older = false }) => {
const rootState = store.rootState || store.state
const timelineData = rootState.statuses.notifications
const hideMutedPosts = getters.mergedConfig.hideMutedPosts
+ const allowFollowingMove = rootState.users.currentUser.allow_following_move
args['withMuted'] = !hideMutedPosts
+ args['withMove'] = !allowFollowingMove
+
args['timeline'] = 'notifications'
if (older) {
if (timelineData.minId !== Number.POSITIVE_INFINITY) {
From ce68ef0138f43fed6617f197d46cc09ac68f9e31 Mon Sep 17 00:00:00 2001
From: kPherox
Date: Tue, 4 Feb 2020 04:50:44 +0900
Subject: [PATCH 5/8] Add option text
---
src/i18n/en.json | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/i18n/en.json b/src/i18n/en.json
index db2ce54dd7..54ddbf82c2 100644
--- a/src/i18n/en.json
+++ b/src/i18n/en.json
@@ -232,6 +232,7 @@
"desc": "To enable two-factor authentication, enter the code from your two-factor app:"
}
},
+ "allow_following_move": "Allow auto-follow when following account moves",
"attachmentRadius": "Attachments",
"attachments": "Attachments",
"autoload": "Enable automatic loading when scrolled to the bottom",
From 36e19128bf958559437144b26a3e71f30c9b3377 Mon Sep 17 00:00:00 2001
From: xenofem
Date: Sat, 8 Feb 2020 13:15:09 -0500
Subject: [PATCH 6/8] Indicate whether collapsed statuses contain gallery media
or link preview cards
---
src/components/status/status.vue | 12 +++++++++++-
static/fontello.json | 8 +++++++-
2 files changed, 18 insertions(+), 2 deletions(-)
diff --git a/src/components/status/status.vue b/src/components/status/status.vue
index d573930472..b9e3fa1d76 100644
--- a/src/components/status/status.vue
+++ b/src/components/status/status.vue
@@ -277,7 +277,17 @@
href="#"
class="cw-status-hider"
@click.prevent="toggleShowMore"
- >{{ $t("general.show_more") }}
+ >
+ {{ $t("general.show_more") }}
+
+
+
Date: Sat, 8 Feb 2020 16:01:01 -0500
Subject: [PATCH 7/8] Include non-gallery attachments and distinguish between
images and videos
---
src/components/status/status.js | 10 ++++++++++
src/components/status/status.vue | 6 +++++-
2 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/src/components/status/status.js b/src/components/status/status.js
index 81b5766748..fc5956ecec 100644
--- a/src/components/status/status.js
+++ b/src/components/status/status.js
@@ -256,6 +256,16 @@ const Status = {
file => !fileType.fileMatchesSomeType(this.galleryTypes, file)
)
},
+ hasImageAttachments () {
+ return this.status.attachments.some(
+ file => fileType.fileType(file.mimetype) === 'image'
+ )
+ },
+ hasVideoAttachments () {
+ return this.status.attachments.some(
+ file => fileType.fileType(file.mimetype) === 'video'
+ )
+ },
maxThumbnails () {
return this.mergedConfig.maxThumbnails
},
diff --git a/src/components/status/status.vue b/src/components/status/status.vue
index b9e3fa1d76..0a82dcbeb0 100644
--- a/src/components/status/status.vue
+++ b/src/components/status/status.vue
@@ -280,9 +280,13 @@
>
{{ $t("general.show_more") }}
+
Date: Mon, 10 Feb 2020 08:04:58 +0000
Subject: [PATCH 8/8] MRF Keyword Policy Disclosure
---
CHANGELOG.md | 1 +
.../mrf_transparency_panel.js | 10 ++++-
.../mrf_transparency_panel.vue | 43 +++++++++++++++++++
src/i18n/en.json | 11 ++++-
4 files changed, 63 insertions(+), 2 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index abefd958bb..c011835c3f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -11,6 +11,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
- Pleroma AMOLED dark theme
- User level domain mutes, under User Settings -> Mutes
- Emoji reactions for statuses
+- MRF keyword policy disclosure
### Changed
- Captcha now resets on failed registrations
- Notifications column now cleans itself up to optimize performance when tab is left open for a long time
diff --git a/src/components/mrf_transparency_panel/mrf_transparency_panel.js b/src/components/mrf_transparency_panel/mrf_transparency_panel.js
index 6a1baec816..a0b600d2a5 100644
--- a/src/components/mrf_transparency_panel/mrf_transparency_panel.js
+++ b/src/components/mrf_transparency_panel/mrf_transparency_panel.js
@@ -11,7 +11,10 @@ const MRFTransparencyPanel = {
rejectInstances: state => get(state, 'instance.federationPolicy.mrf_simple.reject', []),
ftlRemovalInstances: state => get(state, 'instance.federationPolicy.mrf_simple.federated_timeline_removal', []),
mediaNsfwInstances: state => get(state, 'instance.federationPolicy.mrf_simple.media_nsfw', []),
- mediaRemovalInstances: state => get(state, 'instance.federationPolicy.mrf_simple.media_removal', [])
+ mediaRemovalInstances: state => get(state, 'instance.federationPolicy.mrf_simple.media_removal', []),
+ keywordsFtlRemoval: state => get(state, 'instance.federationPolicy.mrf_keyword.federated_timeline_removal', []),
+ keywordsReject: state => get(state, 'instance.federationPolicy.mrf_keyword.reject', []),
+ keywordsReplace: state => get(state, 'instance.federationPolicy.mrf_keyword.replace', [])
}),
hasInstanceSpecificPolicies () {
return this.quarantineInstances.length ||
@@ -20,6 +23,11 @@ const MRFTransparencyPanel = {
this.ftlRemovalInstances.length ||
this.mediaNsfwInstances.length ||
this.mediaRemovalInstances.length
+ },
+ hasKeywordPolicies () {
+ return this.keywordsFtlRemoval.length ||
+ this.keywordsReject.length ||
+ this.keywordsReplace.length
}
}
}
diff --git a/src/components/mrf_transparency_panel/mrf_transparency_panel.vue b/src/components/mrf_transparency_panel/mrf_transparency_panel.vue
index d6495dc685..8038e587cb 100644
--- a/src/components/mrf_transparency_panel/mrf_transparency_panel.vue
+++ b/src/components/mrf_transparency_panel/mrf_transparency_panel.vue
@@ -109,6 +109,49 @@
/>
+
+
+ {{ $t("about.mrf.keyword.keyword_policies") }}
+
+
+
+
{{ $t("about.mrf.keyword.ftl_removal") }}
+
+
+
+
+
+
{{ $t("about.mrf.keyword.reject") }}
+
+
+
+
+
+
{{ $t("about.mrf.keyword.replace") }}
+
+
+ -
+ {{ keyword.pattern }}
+ {{ $t("about.mrf.keyword.is_replaced_by") }}
+ {{ keyword.replacement }}
+
+
+
diff --git a/src/i18n/en.json b/src/i18n/en.json
index db2ce54dd7..ef841bbba0 100644
--- a/src/i18n/en.json
+++ b/src/i18n/en.json
@@ -16,7 +16,16 @@
"mrf_policy_simple_media_removal": "Media Removal",
"mrf_policy_simple_media_removal_desc": "This instance removes media from posts on the following instances:",
"mrf_policy_simple_media_nsfw": "Media Force-set As Sensitive",
- "mrf_policy_simple_media_nsfw_desc": "This instance forces media to be set sensitive in posts on the following instances:"
+ "mrf_policy_simple_media_nsfw_desc": "This instance forces media to be set sensitive in posts on the following instances:",
+ "mrf": {
+ "keyword": {
+ "keyword_policies": "Keyword Policies",
+ "ftl_removal": "Removal from \"The Whole Known Network\" Timeline",
+ "reject": "Reject",
+ "replace": "Replace",
+ "is_replaced_by": "→"
+ }
+ }
},
"chat": {
"title": "Chat"