asonix/mastodon
1
1
Fork 1
Code Issues Pull requests Projects Releases Wiki Activity
7728 commits 36 branches 245 tags 214 MiB
Commit graph

11 commits

Author SHA1 Message Date
asonix 5cb640a28f Merge branch 'asonix/changes' into v2.9.2-branch 2019-06-23 11:25:22 -05:00
Eugen Rochko 103a9f4466
Fix sanitizer making block level elements unreadable (#10836) 
Fix #10834
 2019-06-16 21:46:36 +02:00
Thibaut Girka 97d8239837 Add forgotten tags 2019-05-04 19:37:07 -05:00
Thibaut Girka 561dc58de8 Accept richer text from remote statuses 
Support abbr, del, pre, blockquote, code, strong, b, em, i, ul, ol, li and
h1 to h5 tags in remote statuses.
 2019-05-04 19:37:07 -05:00
Eugen Rochko 8f64b17d98 Whitelist dat/ipfs/gopher links in sanitizer (#8034) 
Fix #7994
 2018-07-16 22:17:43 +09:00
puckipedia 545095b3ce [!] Sanitize incoming classlist properly (#6162) 
* Sanitize classlist properly

* Actually properly sanitize every class after the first

* Improve Formatter spec to check for multiple classes and non-space whitespace
 2018-01-03 03:54:08 +01:00
nightpool 94d0e012de Whitelist allowed classes for federated statuses (#3810) 
* Whitelist allowed classes for federated statuses

Allowed classes are currently:

 - Any microformats class (h/p/u/dt/e-*)
 - the classes mention, hashtag, ellipses and invisible.

this last one is somewhat suspect, but Mastodon currently uses it to render hidden link text.

resolved #3790

* Fix code style
 2017-06-17 20:26:05 +02:00
unarist 6bd6dcf6df Allow "class" attribute on the "a" tag in sanitization (#3623) 
This preserves `<a ... class="u-url mention">` from other Mastodon instances.
 2017-06-07 15:57:30 +02:00
Eugen Rochko 58bcd50f7f Fix #1426 - Trim long usernames in public follower/following lists (#2993) 
Fix #2221 - Catch OpenSSL exceptions when loading remote avatars/headers/attachments
Don't strip "rel" attribute from <a> tags when sanitizing (microformats)
 2017-05-11 23:14:00 +02:00
Yamagishi Kazutoshi 4a5f73c8ae Add target=_blank to user note (#2622) 
* Add target=_blank to user note

Open new window when click link from user profile in remote instance.

* fix rubocop
 2017-04-30 00:28:41 +02:00
Eugen Rochko 88725d6ce8 OEmbed support for PreviewCard (#2337) 
* OEmbed support for PreviewCard

* Improve ProviderDiscovery code failure treatment

* Do not crawl links if there is a content warning, since those
don't display a link card anyway

* Reset db schema

* Fresh migrate

* Fix rubocop style issues
Fix #1681 - return existing access token when applicable instead of creating new

* Fix test

* Extract http client to helper

* Improve oembed controller
 2017-04-27 14:42:22 +02:00