Skip to content

Commit

Permalink
Squashed commit of the following:
Browse files Browse the repository at this point in the history 
commit b7b03e8d26a4344ef331ba667c16311110a0d6dd
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Thu Feb 15 11:57:34 2024 +0100

    Bump version to v4.1.15

commit a07fff079b184435b156cd9d4fb155cf02694fe9
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri Feb 16 11:56:12 2024 +0100

    Merge pull request from GHSA-jhrq-qvrm-qr36

    * Fix insufficient Content-Type checking of fetched ActivityStreams objects

    * Allow JSON-LD documents with multiple profiles

commit 6f29d50aa51ab81ea4ab9d2b390549cae697927d
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri Feb 16 09:42:31 2024 +0100

    Update dependency pg to 1.5.5

commit 9e5af6bb58241134a8ff313e40768b1b067e5715
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed Feb 14 22:49:45 2024 +0100

    Fix user creation failure handling in OAuth paths (#29207)

    Co-authored-by: Matt Jankowski <matt@jankowski.online>

commit 6499850ac45128a7f5836f4c97e5ce032130a5bd
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed Feb 14 13:30:32 2024 +0100

    Bump version to v4.1.14

commit 6f36b633a7545a2cbbe5f28dc5c8e512aeb98ea9
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed Feb 14 15:16:07 2024 +0100

    Merge pull request from GHSA-vm39-j3vx-pch3

    * Prevent different identities from a same SSO provider from accessing a same account

    * Lock auth provider changes behind `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH=true`

    * Rename methods to avoid confusion between OAuth and OmniAuth

commit d807b3960e96dc29669b7767cea1246ac68d508d
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed Feb 14 15:15:34 2024 +0100

    Merge pull request from GHSA-7w3c-p9j8-mq3x

    * Ensure destruction of OAuth Applications notifies streaming

    Due to doorkeeper using a dependent: delete_all relationship, the destroy of an OAuth Application bypassed the existing AccessTokenExtension callbacks for announcing destructing of access tokens.

    * Ensure password resets revoke access to Streaming API

    * Improve performance of deleting OAuth tokens

    ---------

    Co-authored-by: Emelia Smith <ThisIsMissEm@users.noreply.github.com>

commit 2f6518cae2c5d19bfb5ccf46f7b1946f5dac6caf
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed Feb 14 13:12:13 2024 +0100

    Add `sidekiq_unique_jobs:delete_all_locks` task and disable `sidekiq-unique-jobs` UI by default (#29199)

commit cdbe2855f3e33db3cea84b0c91a5f93c782125e2
Author: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
Date:   Tue Feb 13 19:11:47 2024 +0100

    Disable administrative doorkeeper routes (#29187)

commit fdde3cdb4e0c9b2d625e22a2957317cae066e1fe
Author: blah <blah@blah>
Date:   Wed Feb 14 10:33:42 2024 +0000

    Update dependency sidekiq-unique-jobs to 7.1.33

commit ce9c641d9a0f55d3c718e701b220da272b0edc69
Author: blah <blah@blah>
Date:   Wed Feb 14 10:22:28 2024 +0000

    Update dependency nokogiri to 1.16.2

commit 5799bc4af76813294a9eee8164d64a96612c0c0d
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Thu Feb 1 15:56:46 2024 +0100

    Merge pull request from GHSA-3fjr-858r-92rw

    * Fix insufficient origin validation

    * Bump version to v4.1.13

commit fc4e2eca9f48c2c50842e24453f3ad1d8e8e2238
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Tue Jan 23 15:28:21 2024 +0100

    Bump version to v4.1.12

commit 2e8943aecd0462e8642befe4d1395c1fda9767d3
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri Jan 19 13:19:49 2024 +0100

    Add rate-limit of TOTP authentication attempts at controller level (#28801)

commit e6072a8d13272179671128fa319e4f617106eb00
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri Jan 19 19:52:59 2024 +0100

    Fix error when processing remote files with unusually long names (#28823)

commit 460e4fbdd62ed6bb8b04e037fb1359618f9150a7
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri Jan 19 13:43:10 2024 +0100

    Fix processing of compacted single-item JSON-LD collections (#28816)

commit de6032271198e3c50852acc22447d7cc8732e00b
Author: Jonathan de Jong <jonathandejong02@gmail.com>
Date:   Fri Jan 19 10:18:21 2024 +0100

    Retry 401 errors on replies fetching (#28788)

    Co-authored-by: Claire <claire.github-309c@sitedethib.com>

commit 90bb87068009121fe2824b0e3ef7d2229c895c46
Author: Jeong Arm <kjwonmail@gmail.com>
Date:   Tue Jan 16 17:35:54 2024 +0900

    Ignore RecordNotUnique errors in LinkCrawlWorker (#28748)

commit 9292d998fe2ab523bb8ffbf6418e8cf7810b487d
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed Jan 3 12:29:26 2024 +0100

    Fix Mastodon not correctly processing HTTP Signatures with query strings (#28476)

commit 92643f48de80992f1598a97250954c52897b3479
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri Dec 22 19:56:22 2023 +0100

    Convert signature verification specs to request specs (#28443)

commit 458620bdd4d0b8af49b6eef02050b32814acf6e8
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed Jan 10 16:05:46 2024 +0100

    Fix potential redirection loop of streaming endpoint (#28665)

commit a1a71263e09704ca84d30763a03512e2a59091bf
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Tue Jan 2 13:27:51 2024 +0100

    Fix streaming API redirection ignoring the port of `streaming_api_base_url` (#28558)

commit 4c5575e8e050e69860dd775e8fa98be00d86008c
Author: MitarashiDango <mitarashi_dango@mail.matcha-soft.com>
Date:   Sat Jan 13 00:58:28 2024 +0900

    Fix Undo Announce activity is not sent, when not followed by the reblogged post author (#18482)

    Co-authored-by: Claire <claire.github-309c@sitedethib.com>

commit a2ddd849e273d6d28e5c85f8b0059a93146ba1a5
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Tue Dec 12 09:29:46 2023 +0100

    Fix `LinkCrawlWorker` error when encountering empty OEmbed response (#28268)

commit 2e4d43933d2775be21bbdce6e904ca8d08c6cc0a
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Mon Dec 18 11:03:20 2023 +0100

    Fix SQL query in `/api/v1/directory` (#28412)

commit 363bedd0504a29d444a585cd914e7f741915eb8f
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Mon Nov 27 15:00:52 2023 +0100

    Bump version to v4.1.11

commit cc94c7097084bf8213130dfba96317ecada58c5f
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Mon Nov 27 14:25:54 2023 +0100

    Clamp dates when serializing to Elasticsearch API (#28081)

commit 613d00706c3177b345feeafd0f797e31fd5ba2fe
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri Nov 24 10:31:28 2023 +0100

    Change GIF max matrix size error to explicitly mention GIF files (#27927)

commit 8bbe2b970f8cd0c62c83616886c7084d9c93c167
Author: Jonathan de Jong <jonathandejong02@gmail.com>
Date:   Fri Oct 27 16:55:00 2023 +0200

    Have `Follow` activities bypass availability (#27586)

    Co-authored-by: Claire <claire.github-309c@sitedethib.com>

commit 803e15a3cfe1a21661258b40e5276af29b676481
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Mon Nov 6 10:28:14 2023 +0100

    Fix incoming status creation date not being restricted to standard ISO8601 (#27655)

commit 1d835c94232ede532f89d87fdcf573db2832d9a9
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Mon Oct 30 23:32:25 2023 +0100

    Fix posts from force-sensitized accounts being able to trend (#27620)

commit ab68df9af087ac8fa0261a5de4c0d5a383de229c
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri Oct 27 16:04:51 2023 +0200

    Fix hashtag matching pattern matching some URLs (#27584)

commit a89a25714dc07ace7dc1762f87faad5c9470f620
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Mon Oct 23 14:19:38 2023 +0200

    Fix some link anchors being recognized as hashtags (#27271)

commit 1210524a3d897565e1de9dc0d3051d68f94f9c70
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri Oct 20 10:45:46 2023 +0200

    Fix processing LDSigned activities from actors with unknown public keys (#27474)

commit ff3a9dad0de79dff981ded4a3691917521e90b4e
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri Oct 27 10:35:21 2023 +0200

    Fix error and incorrect URLs in `/api/v1/accounts/:id/featured_tags` for remote accounts (#27459)

commit 3ef0a19baceb6ace5201fa1f8a39a324feef11ac
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Thu Oct 26 19:03:31 2023 +0200

    Fix report processing notice not mentioning the report number when performing a custom action (#27442)

commit 78e457614cae328f73555f11d77dc4cf341019b1
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Mon Oct 23 14:27:07 2023 +0200

    Change Content-Security-Policy to be tighter on media paths (#26889)

commit 1e896e99d2b85968eaee87b601bd04b8cf0f35bc
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Tue Oct 10 15:32:42 2023 +0200

    Update dependencies (#27354)

commit df60d04dc170edf9d1203894958a181caf1910f1
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Sun Oct 8 16:27:12 2023 +0200

    Bump version to v4.1.10

commit 335982325e32430858da8112cb86e382e1eaeaa2
Author: Matt Jankowski <matt@jankowski.online>
Date:   Tue Oct 3 11:01:45 2023 -0400

    Dont match mention in url query string (#25656)

    Co-authored-by: Claire <claire.github-309c@sitedethib.com>

commit 15c5727f71eeeb321802f3d3ed264a15e1934c01
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Tue Oct 3 12:21:32 2023 +0200

    Add a short-lived lock to trend refresh scheduler (#27253)

commit f8154cf732ed07b276fc303e620943e15caf70d6
Author: David Aaron <1858430+suddjian@users.noreply.github.com>
Date:   Tue Oct 3 02:48:57 2023 -0700

    Change min age of backup policy from 1 week to 6 days (#27200)

commit 45669ac5e6564301446ab5b22217cc4fbc653b12
Author: Jakob Gillich <jakob@gillich.me>
Date:   Tue Oct 3 10:47:50 2023 +0200

    Fix importer returning negative row estimates (#27258)

commit 8d73fbee87c18300c1b088ae4cb55912075588e2
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Tue Oct 3 10:09:00 2023 +0200

    Change some worker lock TTLs (#27246)

commit f1d3eda159fcc9341a19d1d8060a556f8801d7d4
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Thu Sep 28 13:41:24 2023 +0200

    Fix filtering audit log for entries about disabling 2FA (#27186)

commit c97fbabb614e6b775a2d13e187ab0375414deb06
Author: Essem <smswessem@gmail.com>
Date:   Mon Sep 25 12:21:07 2023 -0500

    Properly remove tIME chunk from PNG uploads (#27111)

commit f2fff6be669d6fcf66a8bd5f46f9db3e3492bc37
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri Oct 6 12:58:16 2023 +0200

    Fix crash when filtering for “dormant” relationships (#27306)

commit b40c42fd1ef57f24a56cc17b20da8aa151e3b117
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Mon Sep 25 15:06:43 2023 +0200

    Fix inefficient queries in “Follows and followers” as well as several admin pages (#27116)

commit 9950e59578f59f7e0d2edbb7e4eb26273087c2c4
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Thu Sep 21 18:14:24 2023 +0200

    Disable setting the `latest` tag for 4.1 docker builds (#27023)

commit e4c0aaf6264907de2efd46924946d2281d80e3d4
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed Sep 20 17:25:05 2023 +0200

    Bump version to v4.1.9 (#26997)

commit 5d93c5f0196b556c1faf18fe6cc7ad38ae6e0fc2
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed Sep 20 15:59:57 2023 +0200

    Fix post translation erroring out (v4.1.x) (#26990)

commit af0ee129082bc9c57ec0606dc1899ec13d2dfffb
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed Sep 20 12:54:08 2023 +0200

    Disable ruby linting for 4.1.x branch (#26993)

commit 46bd58f74d11591a0180319285b0c79b2212ef69
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Tue Sep 19 12:11:33 2023 +0200

    Bump version to v4.1.8

commit d6c0ae995c45fe5e5e0a8acfc10dff04a774fa75
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri Sep 15 19:54:32 2023 +0200

    Fix post edits not being forwarded as expected (#26936)

commit 5fd89e53d2039cf3062fcae3b25fcbdfa7da0333
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed Sep 6 16:40:19 2023 +0200

    Fix moderator rights inconsistencies (#26729)

commit 5caade9fb0754fa13ae11f86145cd0ca1dcb830b
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed Sep 6 12:17:51 2023 +0200

    Fix crash when encountering invalid URL (#26814)

commit 34959eccd2094500539bbad5c5f03a3723debc18
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Thu Aug 17 16:11:48 2023 +0200

    Fix cached posts including stale stats (#26409)

commit 21bf42bca14907284cb03ad3ba1be47124d66866
Author: Nicolai Søborg <NicolaiSoeborg@users.noreply.github.com>
Date:   Fri Aug 18 08:32:47 2023 +0200

    Fix `frame_rate` for videos where `ffprobe` reports 0/0 (#26500)

commit 780283788515bb13007f4574fb6d9f8c82281da2
Author: yufushiro <62991447+yufushiro@users.noreply.github.com>
Date:   Wed Aug 23 15:44:56 2023 +0900

    Fix unexpected audio stream transcoding when uploaded video is eligible to passthrough (#26608)

    Co-authored-by: Claire <claire.github-309c@sitedethib.com>

commit 48ee3ae13de9125beaee726ac737a770a5160961
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Tue Sep 19 16:53:58 2023 +0200

    Merge pull request from GHSA-v3xf-c9qf-j667

commit 5f9511c389041570d21c383ce07dd2786df9cc2d
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Tue Sep 19 16:53:21 2023 +0200

    Merge pull request from GHSA-2693-xr3m-jhqr

commit 38a5d92f3814b071803c046144d94643a3ecb934
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Mon Sep 18 08:32:04 2023 +0200

    Change Dockerfile to upgrade packages when building (#26929)

    Co-authored-by: Renaud Chaput <renchap@gmail.com>

commit 7f7e068975315b094a67b49d52241480e6b5db76
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed Sep 6 12:19:02 2023 +0200

    Update actions for stable-4.1 (#26815)

    Co-authored-by: Renaud Chaput <renchap@gmail.com>

commit 5f88a2d70bee2a48b43bb34f0fde780ae9749162
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Tue Sep 5 14:50:09 2023 +0200

    Bump version to v4.1.7

commit cf80d54cbae952705af250a9764c6e25e77cc3c7
Author: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
Date:   Mon May 22 13:15:21 2023 +0200

    Allow reports with long comments from remote instances, but truncate (#25028)

commit ea7fa048f374b31956211b87e265800e83574476
Author: Daniel M Brasil <danielmbrasil@protonmail.com>
Date:   Thu Aug 31 08:53:24 2023 -0300

    Fix `/api/v1/timelines/tag/:hashtag` allowing for unauthenticated access when public preview is disabled (#26237)

commit 6339806f05cbbe630639df69421394119433896a
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed Aug 9 09:39:36 2023 +0200

    Fix blocking subdomains of an already-blocked domain (#26392)

commit 86afbf25d01349bd2fe0ee98f1d60890ef71b7b9
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed Aug 30 17:36:16 2023 +0200

    Change text extraction in `PlainTextFormatter` to be faster (#26727)

commit 1ad64b5557f8980b8ec54ac09cd79ac51223a2ea
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Thu Aug 31 19:54:10 2023 +0200

    Backport container build changes to the stable-4.1 branch (#26738)

    Co-authored-by: Renaud Chaput <renchap@gmail.com>

commit ac7d40b561101084baf4688167d155600eefe9dc
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Thu Jul 27 17:08:09 2023 +0200

    Bump version to v4.1.6

commit 2fc6117d1b5643c0de908706d22702a35388a2a4
Author: Renaud Chaput <renchap@gmail.com>
Date:   Fri Jul 28 19:11:58 2023 +0200

    Fix missing return values in streaming (#26233)

commit 2eb1a5b7b6d8b6a0b9426e7ee5a1fd04519dd7e2
Author: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
Date:   Fri Jul 28 12:06:29 2023 +0200

    Fix: Streaming server memory leak in HTTP EventSource cleanup (#26228)

commit 6c321bb5e1543c78dbd0fa8e4962e95e544e1f63
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Sat Jul 22 20:42:31 2023 +0200

    Fix incorrect connect timeout in outgoing requests (#26116)

commit da230600acda1d1a151eab4caa3d536ce828a097
Author: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
Date:   Thu Jul 27 15:38:18 2023 +0200

    Refactor streaming's filtering logic & improve documentation (#26213)

commit 1792be342a3cfad7bdfa54311b3962a8051962bb
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Thu Jul 27 15:12:10 2023 +0200

    Fix wrong filters sometimes applying in streaming (#26159)

commit ebf4f034c2e3841fde2d0109667c036fb352f3a8
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri Jul 21 14:30:46 2023 +0200

    Bump version to v4.1.5

commit 889102013fd687113cec75fe252b5328707e8cc1
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri Jul 21 13:34:15 2023 +0200

    Fix CSP headers being unintendedly wide (#26105)

commit d94a2c8aca731b4986e20401ae8ce5255e041b80
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Tue Jul 18 20:51:20 2023 +0200

    Change request timeout handling to use a longer deadline (#26055)

commit efd066670d67676d5f5e73a75c268a2bd09c59c7
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Mon Jul 10 18:42:10 2023 +0200

    Fix moderation interface for remote instances with a .zip TLD (#25885)

commit 13ec425b721c959415921046d7a24ed8c9994cee
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Mon Jul 10 18:42:19 2023 +0200

    Fix remote accounts being possibly persisted to database with incomplete protocol values (#25886)

commit 7a99f0744d7c69a69b7552e31f6bb3914a6a03e8
Author: Michael Stanclift <mx@vmstan.com>
Date:   Thu Jul 13 04:12:51 2023 -0500

    Fix trending publishers table not rendering correctly on narrow screens (#25945)

commit 69c8f26946a5cdeff09ca8fe410bc11be78c158c
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri Jul 21 14:18:04 2023 +0200

    Add check preventing Sidekiq workers from running with Makara configured (#25850)

    Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>

commit 3f5af768c8f1401f77d14ad5b6aeccdb7e02a9f0
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri Jul 7 18:21:10 2023 +0200

    Bump version to v4.1.4

commit cb8ab46302ad783869078ab4a26de04c09417a09
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri Jul 7 18:22:50 2023 +0200

    Update dependencies

commit 53b979d5c73f0b28b161581ec3e824d89f66633c
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri Jul 7 13:35:22 2023 +0200

    Fix processing of media files with unusual names (#25788)

commit f2bbac3f9fb37f6f870f25362e140d647d60caf5
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri Jul 7 18:10:17 2023 +0200

    Fix crash in admin interface when viewing a remote user with verified links (#25796)

commit 015ed99612241b8dbf2810db478b1485f4c31031
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri Jul 7 18:10:00 2023 +0200

    Fix branding:generate_app_icons failing because of disallowed ICO coder (#25794)

commit cf58535193708d9a4bd584266423168cda75f415
Author: nemobis <federicoleva@tiscali.it>
Date:   Fri Jul 7 15:15:54 2023 +0300

    Fix typo in CHANGELOG.md (#25764)

commit 0d5781ca7609590a6d5340bb685bb1804056bb46
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed Jun 21 09:13:30 2023 +0200

    Bump version to v4.1.3

commit 32ebeed59ba424732130073474fe03699efe07fc
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Thu Jul 6 15:06:50 2023 +0200

    Merge pull request from GHSA-55j9-c3mp-6fcq

commit e75ad1de0f95f38b45748cafb1212560fe7587f5
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Thu Jul 6 15:06:24 2023 +0200

    Merge pull request from GHSA-9pxv-6qvf-pjwc

    * Fix timeout handling of outbound HTTP requests

    * Use CLOCK_MONOTONIC instead of Time.now

commit 0aa0b71f2cae9e35cff613b13d05ee3aeaf9f944
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Thu Jul 6 15:05:05 2023 +0200

    Merge pull request from GHSA-9928-3cp5-93fm

    * Fix attachments getting processed despite failing content-type validation

    * Add a restrictive ImageMagick security policy tailored for Mastodon

    * Fix misdetection of MP3 files with large cover art

    * Reject unprocessable audio/video files instead of keeping them unchanged

commit c4f2609f7a604daef1648e164ef8181d858bd058
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Thu Jul 6 15:03:33 2023 +0200

    Merge pull request from GHSA-ccm4-vgcc-73hp

    * Tighten allowed HTML in oEmbed-based preview cards

    * Sanitize preview cards at render time

    * Add `sandbox` attribute to preview card iframes

commit 9b6c0cac7d435905bdbea6e3b0cbb47da9490270
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Thu Jul 6 14:31:37 2023 +0200

    Add hardened headers to user-uploaded files (#25756)

commit fac2c9eb7d904e44244e20a8e1e8f6feb3b9db5b
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed Jun 28 12:47:00 2023 +0200

    Update rack, rails, nokogiri and doorkeeper gems

commit a3d69a2c5d3fcc0df61929684fe31567860e7f2e
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Tue Jul 4 18:58:23 2023 +0200

    Fix OAuth apps page crashing when listing apps with certain admin API scopes (#25713)

commit 8eb1bb8ba697bce5b72027a0a5263db29fa5e34b
Author: Renaud Chaput <renchap@gmail.com>
Date:   Thu Jun 1 12:14:49 2023 +0200

    Allow carets in URL search params (#25216)

commit 652ff76462f33f90e257e331009f89c41d600409
Author: Vyr Cossont <VyrCossont@users.noreply.github.com>
Date:   Fri Mar 31 23:28:35 2023 -0700

    Fix Redis client and type errors introduced in #24285 (#24342)

commit 6f484fbbd280294bd8e43b5a9d0e54d6e34604b9
Author: Vyr Cossont <VyrCossont@users.noreply.github.com>
Date:   Fri Mar 31 05:38:47 2023 -0700

    IndexingScheduler: fetch and import in batches (#24285)

    Co-authored-by: Claire <claire.github-309c@sitedethib.com>

commit 79f5b8f156f65c25ada4712f8415c8d5f1f6dde7
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Thu Jun 29 14:48:54 2023 +0200

    Fix ResolveURLService not resolving local URLs for remote content (#25637)

commit f8930a67a05f9adcaef5bc3f6e874d86f3228415
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Thu Jun 22 14:56:14 2023 +0200

    Change /api/v1/statuses/:id/history to always return at least one item (#25510)

commit e65e3a6d14174378b8bf58f5997cde3de40c3ca7
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Thu Jun 22 14:52:25 2023 +0200

    Add finer permission requirements for managing webhooks (#25463)

commit 8acbfc6ab1b1a1f026fd85208089b9f31255aba6
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Tue Jun 20 18:15:35 2023 +0200

    Fix wrong view being displayed when a webhook fails validation (#25464)

commit 3ef53958b27da2edd1f1eba27ef2316fef64099f
Author: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
Date:   Tue Jun 20 18:04:35 2023 +0200

    Prevent UserCleanupScheduler from overwhelming streaming (#25519)

commit fd1ffd72ebec4c435b5e4406c1eafa80da69b317
Author: Daniel M Brasil <danielmbrasil@protonmail.com>
Date:   Mon Jun 19 03:53:05 2023 -0300

    Fix incorrect pagination headers in `/api/v2/admin/accounts` (#25477)

commit 7bd34f8b23f26fc4ebd10bcc3f2e0bae7cdd6520
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Thu May 4 10:13:00 2023 +0200

    Fix infinite loop in AccountsStatusesCleanupScheduler (#24840)

commit 7012bf6ed3188148e91870d83c446c529d46907d
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed May 3 10:31:40 2023 +0200

    Improve automatic post cleanup worker performances (#24785)

commit d9e45f2fa94449fe367a92b34f12775a0c85a8ee
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Sun Apr 23 22:25:40 2023 +0200

    Fix AccountsStatusesCleanupScheduler not spreading deletes across accounts correctly (#24607)

commit 0e139e3c4d8faa94fe0357d235f84a3f4c2abb50
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri Apr 21 18:14:19 2023 +0200

    Change automatic post deletion thresholds and load detection (#24614)

commit 23e7b4d28dc94ef927f6db4e5832a45e333b252e
Author: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
Date:   Sat Jun 10 18:24:37 2023 +0200

    Fix logging of messages that are binary before closing their connection (#25361)

commit e78ee582f7b845c16cdcada44c96ed7053f07ff1
Author: Emelia Smith <ThisIsMissEm@users.noreply.github.com>
Date:   Fri Jun 9 19:29:16 2023 +0200

    Fix performance of streaming by parsing message JSON once (#25278)

commit a197fc094f9f55379d34a46bb530a7ce97d530b6
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Mon Jun 5 17:35:05 2023 +0200

    Fix CSP headers when S3_ALIAS_HOST includes a path component (#25273)

commit bd7cbeeadfbb7d087c71cd6e0a016d44ca39a786
Author: Daniel M Brasil <danielmbrasil@protonmail.com>
Date:   Sun Apr 30 01:50:58 2023 -0300

    Fix  `tootctl accounts approve --number N` not aproving N earliest registrations (#24605)

commit 2779bce9a22f556b6c7a2e39eab82ab7438ac240
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Tue May 2 17:42:42 2023 +0200

    Add fallback redirection when getting a webfinger query `LOCAL_DOMAIN@LOCAL_DOMAIN` (#23600)

    Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>

commit 210ff368605c6752dcd8740b088570f393d322cf
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Thu May 11 04:40:03 2023 +0200

    Change AccessTokensVacuum to also delete expired tokens (#24868)

commit 99c2bbbec9bb004fd54d4f0920c1109e960ebb04
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Fri May 12 13:13:04 2023 +0200

    Change profile updates to be sent to recently-mentioned servers (#24852)

commit 7e587793004c0558d5131ff8eff359a77617a206
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Tue May 16 14:56:49 2023 +0200

    Fix reports not being closed when performing batch suspensions (#24988)

commit cca464bce3c2ac43e2759d6a0ab0c977b4098d90
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed May 17 00:08:42 2023 +0200

    Fix being able to vote on your own polls (#25015)

commit 1301af60e042fb9db39172977fb3a5d720ca7a31
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed May 17 00:09:21 2023 +0200

    Fix race condition when reblogging a status (#25016)

commit f962e838567143640036c9a4f01e161e2a88941b
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Mon May 22 12:25:56 2023 +0200

    Change OpenGraph-based embeds to allow fullscreen (#25058)

commit b3cbcd744719cd3a8a65f6dbefbc0f3912827a55
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Mon May 22 14:03:38 2023 +0200

    Fix “Authorized applications” inefficiently and incorrectly getting last use date (#25060)

commit 72d96bf17a6c44344f5896b2b26d751315650f0e
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Tue May 23 14:27:17 2023 +0200

    Remove invalid X-Frame-Options: ALLOWALL (#25070)

commit b1ac3562dff4c2e21a51bacf7cf963e3203097b8
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Tue May 23 15:00:36 2023 +0200

    Change Identity to not destroy associated User on destroy (#25098)

commit 4c6c790f80f598d80e4fce44c06309a17dfd65e6
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Tue Jun 20 18:32:26 2023 +0200

    Fix /api/v1/conversations sometimes returning empty accounts (#25499)

commit 036ac5b5c9597f8a2042a102439f14eaa9474f6c
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed Jun 14 08:54:52 2023 +0200

    Fix ArgumentError when loading newer Private Mentions (#25399)

commit 3e1724e97282a2725778eccdf46d7756773d2771
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Thu Jun 1 02:41:51 2023 +0200

    Fix multiple N+1s in ConversationsController (#25134)

commit bc8592627bc7effa94c12d17bd8ee7e0b6ff52be
Author: Claire <claire.github-309c@sitedethib.com>
Date:   Wed Apr 5 19:31:49 2023 +0200

    Fix user archive takeouts when using OpenStack Swift (#24431)
  • Loading branch information
@204504bySE
204504bySE committed Feb 17, 2024
1 parent 8136ac2 commit c41639d
Show file tree
Hide file tree
Showing 20 changed files with 225 additions and 49 deletions.
10 changes: 10 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,16 @@ Changelog

All notable changes to this project will be documented in this file.

## [4.1.15] - 2024-02-16

### Fixed

- Fix OmniAuth tests and edge cases in error handling ([ClearlyClaire](https://github.com/mastodon/mastodon/pull/29201), [ClearlyClaire](https://github.com/mastodon/mastodon/pull/29207))

### Security

- Fix insufficient checking of remote posts ([GHSA-jhrq-qvrm-qr36](https://github.com/mastodon/mastodon/security/advisories/GHSA-jhrq-qvrm-qr36))

## [4.1.14] - 2024-02-14

### Security
Expand Down
2 changes: 1 addition & 1 deletion Gemfile.lock
View file
Original file line number Diff line number Diff line change
Expand Up @@ -472,7 +472,7 @@ GEM
parslet (2.0.0)
pastel (0.8.0)
tty-color (~> 0.5)
pg (1.4.5)
pg (1.4.6)
pghero (3.1.0)
activerecord (>= 6)
pkg-config (1.5.1)
Expand Down
3 changes: 3 additions & 0 deletions app/controllers/auth/omniauth_callbacks_controller.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,9 @@ def self.provides_callback_for(provider)
session["devise.#{provider}_data"] = request.env['omniauth.auth']
redirect_to new_user_registration_url
end
rescue ActiveRecord::RecordInvalid
flash[:alert] = I18n.t('devise.failure.omniauth_user_creation_failure') if is_navigational_format?
redirect_to new_user_session_url
end
end

Expand Down
14 changes: 13 additions & 1 deletion app/helpers/jsonld_helper.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -176,7 +176,19 @@ def fetch_resource_without_id_validation(uri, on_behalf_of = nil, raise_on_tempo
build_request(uri, on_behalf_of, options: request_options).perform do |response|
raise Mastodon::UnexpectedResponseError, response unless response_successful?(response) || response_error_unsalvageable?(response) || !raise_on_temporary_error

body_to_json(response.body_with_limit) if response.code == 200
body_to_json(response.body_with_limit) if response.code == 200 && valid_activitypub_content_type?(response)
end
end

def valid_activitypub_content_type?(response)
return true if response.mime_type == 'application/activity+json'

# When the mime type is `application/ld+json`, we need to check the profile,
# but `http.rb` does not parse it for us.
return false unless response.mime_type == 'application/ld+json'

response.headers[HTTP::Headers::CONTENT_TYPE]&.split(';')&.map(&:strip)&.any? do |str|
str.start_with?('profile="') && str[9...-1].split.include?('https://www.w3.org/ns/activitystreams')
end
end

Expand Down
2 changes: 1 addition & 1 deletion app/services/fetch_resource_service.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ def process_response(response, terminal = false)
@response_code = response.code
return nil if response.code != 200

if ['application/activity+json', 'application/ld+json'].include?(response.mime_type)
if valid_activitypub_content_type?(response)
body = response.body_with_limit
json = body_to_json(body)

Expand Down
1 change: 1 addition & 0 deletions config/locales/devise.en.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ en:
last_attempt: You have one more attempt before your account is locked.
locked: Your account is locked.
not_found_in_database: Invalid %{authentication_keys} or password.
omniauth_user_creation_failure: Error creating an account for this identity.
pending: Your account is still under review.
timeout: Your session expired. Please sign in again to continue.
unauthenticated: You need to sign in or sign up before continuing.
Expand Down
6 changes: 3 additions & 3 deletions docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ services:

web:
build: .
image: ghcr.io/mastodon/mastodon:v4.1.14
image: ghcr.io/mastodon/mastodon:v4.1.15
restart: always
env_file: .env.production
command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
Expand All @@ -77,7 +77,7 @@ services:

streaming:
build: .
image: ghcr.io/mastodon/mastodon:v4.1.14
image: ghcr.io/mastodon/mastodon:v4.1.15
restart: always
env_file: .env.production
command: node ./streaming
Expand All @@ -95,7 +95,7 @@ services:

sidekiq:
build: .
image: ghcr.io/mastodon/mastodon:v4.1.14
image: ghcr.io/mastodon/mastodon:v4.1.15
restart: always
env_file: .env.production
command: bundle exec sidekiq
Expand Down
2 changes: 1 addition & 1 deletion lib/mastodon/version.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ def minor
end

def patch
14
15
end

def flags
Expand Down
14 changes: 7 additions & 7 deletions spec/helpers/jsonld_helper_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,36 +56,36 @@
describe '#fetch_resource' do
context 'when the second argument is false' do
it 'returns resource even if the retrieved ID and the given URI does not match' do
stub_request(:get, 'https://bob.test/').to_return body: '{"id": "https://alice.test/"}'
stub_request(:get, 'https://alice.test/').to_return body: '{"id": "https://alice.test/"}'
stub_request(:get, 'https://bob.test/').to_return(body: '{"id": "https://alice.test/"}', headers: { 'Content-Type': 'application/activity+json' })
stub_request(:get, 'https://alice.test/').to_return(body: '{"id": "https://alice.test/"}', headers: { 'Content-Type': 'application/activity+json' })

expect(fetch_resource('https://bob.test/', false)).to eq({ 'id' => 'https://alice.test/' })
end

it 'returns nil if the object identified by the given URI and the object identified by the retrieved ID does not match' do
stub_request(:get, 'https://mallory.test/').to_return body: '{"id": "https://marvin.test/"}'
stub_request(:get, 'https://marvin.test/').to_return body: '{"id": "https://alice.test/"}'
stub_request(:get, 'https://mallory.test/').to_return(body: '{"id": "https://marvin.test/"}', headers: { 'Content-Type': 'application/activity+json' })
stub_request(:get, 'https://marvin.test/').to_return(body: '{"id": "https://alice.test/"}', headers: { 'Content-Type': 'application/activity+json' })

expect(fetch_resource('https://mallory.test/', false)).to eq nil
end
end

context 'when the second argument is true' do
it 'returns nil if the retrieved ID and the given URI does not match' do
stub_request(:get, 'https://mallory.test/').to_return body: '{"id": "https://alice.test/"}'
stub_request(:get, 'https://mallory.test/').to_return(body: '{"id": "https://alice.test/"}', headers: { 'Content-Type': 'application/activity+json' })
expect(fetch_resource('https://mallory.test/', true)).to eq nil
end
end
end

describe '#fetch_resource_without_id_validation' do
it 'returns nil if the status code is not 200' do
stub_request(:get, 'https://host.test/').to_return status: 400, body: '{}'
stub_request(:get, 'https://host.test/').to_return(status: 400, body: '{}', headers: { 'Content-Type': 'application/activity+json' })
expect(fetch_resource_without_id_validation('https://host.test/')).to eq nil
end

it 'returns hash' do
stub_request(:get, 'https://host.test/').to_return status: 200, body: '{}'
stub_request(:get, 'https://host.test/').to_return(status: 200, body: '{}', headers: { 'Content-Type': 'application/activity+json' })
expect(fetch_resource_without_id_validation('https://host.test/')).to eq({})
end
end
Expand Down
4 changes: 2 additions & 2 deletions spec/lib/activitypub/activity/announce_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@
context 'when sender is followed by a local account' do
before do
Fabricate(:account).follow!(sender)
stub_request(:get, 'https://example.com/actor/hello-world').to_return(body: Oj.dump(unknown_object_json))
stub_request(:get, 'https://example.com/actor/hello-world').to_return(body: Oj.dump(unknown_object_json), headers: { 'Content-Type': 'application/activity+json' })
subject.perform
end

Expand Down Expand Up @@ -118,7 +118,7 @@
subject { described_class.new(json, sender, relayed_through_actor: relay_account) }

before do
stub_request(:get, 'https://example.com/actor/hello-world').to_return(body: Oj.dump(unknown_object_json))
stub_request(:get, 'https://example.com/actor/hello-world').to_return(body: Oj.dump(unknown_object_json), headers: { 'Content-Type': 'application/activity+json' })
end

context 'and the relay is enabled' do
Expand Down
143 changes: 143 additions & 0 deletions spec/requests/omniauth_callbacks_spec.rb
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,143 @@
# frozen_string_literal: true

require 'rails_helper'

describe 'OmniAuth callbacks' do
shared_examples 'omniauth provider callbacks' do |provider|
subject { post send :"user_#{provider}_omniauth_callback_path" }

context 'with full information in response' do
before do
mock_omniauth(provider, {
provider: provider.to_s,
uid: '123',
info: {
verified: 'true',
email: 'user@host.example',
},
})
end

context 'without a matching user' do
it 'creates a user and an identity and redirects to root path' do
expect { subject }
.to change(User, :count)
.by(1)
.and change(Identity, :count)
.by(1)
.and change(LoginActivity, :count)
.by(1)

expect(User.last.email).to eq('user@host.example')
expect(Identity.find_by(user: User.last).uid).to eq('123')
expect(response).to redirect_to(root_path)
end
end

context 'with a matching user and no matching identity' do
before do
Fabricate(:user, email: 'user@host.example')
end

context 'when ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH is set to true' do
around do |example|
ClimateControl.modify ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH: 'true' do
example.run
end
end

it 'matches the existing user, creates an identity, and redirects to root path' do
expect { subject }
.to not_change(User, :count)
.and change(Identity, :count)
.by(1)
.and change(LoginActivity, :count)
.by(1)

expect(Identity.find_by(user: User.last).uid).to eq('123')
expect(response).to redirect_to(root_path)
end
end

context 'when ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH is not set to true' do
it 'does not match the existing user or create an identity, and redirects to login page' do
expect { subject }
.to not_change(User, :count)
.and not_change(Identity, :count)
.and not_change(LoginActivity, :count)

expect(response).to redirect_to(new_user_session_url)
end
end
end

context 'with a matching user and a matching identity' do
before do
user = Fabricate(:user, email: 'user@host.example')
Fabricate(:identity, user: user, uid: '123', provider: provider)
end

it 'matches the existing records and redirects to root path' do
expect { subject }
.to not_change(User, :count)
.and not_change(Identity, :count)
.and change(LoginActivity, :count)
.by(1)

expect(response).to redirect_to(root_path)
end
end
end

context 'with a response missing email address' do
before do
mock_omniauth(provider, {
provider: provider.to_s,
uid: '123',
info: {
verified: 'true',
},
})
end

it 'redirects to the auth setup page' do
expect { subject }
.to change(User, :count)
.by(1)
.and change(Identity, :count)
.by(1)
.and change(LoginActivity, :count)
.by(1)

expect(response).to redirect_to(auth_setup_path(missing_email: '1'))
end
end

context 'when a user cannot be built' do
before do
allow(User).to receive(:find_for_omniauth).and_return(User.new)
end

it 'redirects to the new user signup page' do
expect { subject }
.to not_change(User, :count)
.and not_change(Identity, :count)
.and not_change(LoginActivity, :count)

expect(response).to redirect_to(new_user_registration_url)
end
end
end

describe '#openid_connect', if: ENV['OIDC_ENABLED'] == 'true' && ENV['OIDC_SCOPE'].present? do
include_examples 'omniauth provider callbacks', :openid_connect
end

describe '#cas', if: ENV['CAS_ENABLED'] == 'true' do
include_examples 'omniauth provider callbacks', :cas
end

describe '#saml', if: ENV['SAML_ENABLED'] == 'true' do
include_examples 'omniauth provider callbacks', :saml
end
end
16 changes: 8 additions & 8 deletions spec/services/activitypub/fetch_featured_collection_service_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,10 +60,10 @@

shared_examples 'sets pinned posts' do
before do
stub_request(:get, 'https://example.com/account/pinned/1').to_return(status: 200, body: Oj.dump(status_json_1))
stub_request(:get, 'https://example.com/account/pinned/2').to_return(status: 200, body: Oj.dump(status_json_2))
stub_request(:get, 'https://example.com/account/pinned/1').to_return(status: 200, body: Oj.dump(status_json_1), headers: { 'Content-Type': 'application/activity+json' })
stub_request(:get, 'https://example.com/account/pinned/2').to_return(status: 200, body: Oj.dump(status_json_2), headers: { 'Content-Type': 'application/activity+json' })
stub_request(:get, 'https://example.com/account/pinned/3').to_return(status: 404)
stub_request(:get, 'https://example.com/account/pinned/4').to_return(status: 200, body: Oj.dump(status_json_4))
stub_request(:get, 'https://example.com/account/pinned/4').to_return(status: 200, body: Oj.dump(status_json_4), headers: { 'Content-Type': 'application/activity+json' })

subject.call(actor, note: true, hashtag: false)
end
Expand All @@ -76,7 +76,7 @@
describe '#call' do
context 'when the endpoint is a Collection' do
before do
stub_request(:get, actor.featured_collection_url).to_return(status: 200, body: Oj.dump(payload))
stub_request(:get, actor.featured_collection_url).to_return(status: 200, body: Oj.dump(payload), headers: { 'Content-Type': 'application/activity+json' })
end

it_behaves_like 'sets pinned posts'
Expand All @@ -93,7 +93,7 @@
end

before do
stub_request(:get, actor.featured_collection_url).to_return(status: 200, body: Oj.dump(payload))
stub_request(:get, actor.featured_collection_url).to_return(status: 200, body: Oj.dump(payload), headers: { 'Content-Type': 'application/activity+json' })
end

it_behaves_like 'sets pinned posts'
Expand All @@ -102,7 +102,7 @@
let(:items) { 'https://example.com/account/pinned/4' }

before do
stub_request(:get, 'https://example.com/account/pinned/4').to_return(status: 200, body: Oj.dump(status_json_4))
stub_request(:get, 'https://example.com/account/pinned/4').to_return(status: 200, body: Oj.dump(status_json_4), headers: { 'Content-Type': 'application/activity+json' })
subject.call(actor, note: true, hashtag: false)
end

Expand All @@ -129,7 +129,7 @@
end

before do
stub_request(:get, actor.featured_collection_url).to_return(status: 200, body: Oj.dump(payload))
stub_request(:get, actor.featured_collection_url).to_return(status: 200, body: Oj.dump(payload), headers: { 'Content-Type': 'application/activity+json' })
end

it_behaves_like 'sets pinned posts'
Expand All @@ -138,7 +138,7 @@
let(:items) { 'https://example.com/account/pinned/4' }

before do
stub_request(:get, 'https://example.com/account/pinned/4').to_return(status: 200, body: Oj.dump(status_json_4))
stub_request(:get, 'https://example.com/account/pinned/4').to_return(status: 200, body: Oj.dump(status_json_4), headers: { 'Content-Type': 'application/activity+json' })
subject.call(actor, note: true, hashtag: false)
end

Expand Down
Loading

0 comments on commit c41639d

Please sign in to comment.