erik/mastodon
1
0
Fork 0
mirror of https://github.com/mastodon/mastodon.git synced 2024-08-20 21:08:15 -07:00
Code Issues Projects Releases Wiki Activity
16045 commits 90 branches 256 tags 992 MiB
Commit graph

16045 commits

This branch
This branch
All branches
Author SHA1 Message Date
Calvin Lee
9eb30dfb1c Sanitize MathML in post content 
Summary:
-------
This commit correctly sanitizes incoming MathML according to [FEP-dc88].
Instead of completely removing MathML nodes, it replaces them with their
LaTeX or plain-text representation, so that the mathematics can be read
in some form by mastodon users.

Test Plan:
----------
```
$ RAILS_ENV=test bundle exec rspec spec/lib/sanitize_config_spec.rb -f d
Run options: exclude {:type=>#<Proc: ./spec/rails_helper.rb:79>}

Randomized with seed 58854

Sanitize::Config
  ::MASTODON_STRICT
    sanitizes math blocks to LaTeX
    converts h1 to p strong
    removes "translate" attribute with invalid value
    removes a without href
    removes a without href and only keeps text content
    math sanitizer falls back to plaintext
    keeps ul
    prefers latex
    removes a with unparsable href
    keeps start and reversed attributes of ol
    removes a with unsupported scheme in href
    keeps a with translate="no"
    keeps a with href
    keeps a with supported scheme and no host
    does not re-interpret HTML when removing unsupported links
    sanitizes math to LaTeX

Finished in 0.17323 seconds (files took 3.28 seconds to load)
16 examples, 0 failures

Randomized with seed 58854

```

observed 100% code coverage of `lib/sanitize_ext/sanitize_config.rb`.

Ran mastodon locally, and fetched [reference post][nyancat] and observed
that math was converted to plaintext form (and was not missing).

[FEP-dc88]: https://codeberg.org/fediverse/fep/src/branch/main/fep/dc88/fep-dc88.md
[tracking]: https://codeberg.org/fediverse/fep/issues/161
[socialhub]: https://socialhub.activitypub.rocks/t/fep-dc88-formatting-mathematics/3564
[nyancat]: https://nyan.network/notice/Aa4IvnBVHysWswRX1s

Related Discussion:
-------------------

Please see [FEP-dc88], the [FEP tracking issue][tracking] and
[FEP forum discussion][socialhub] for more information.

Fixes mastodon/mastodon#26943
 2024-04-25 10:16:39 +00:00
github-actions[bot]
85fdbd0ad5
New Crowdin Translations (automated) (#30062) 
Co-authored-by: GitHub Actions <noreply@github.com>
 2024-04-25 08:50:54 +00:00
Matt Jankowski
d9eee9bf9a
Remove column defaults for status_pins timestamp columns (#29261) 2024-04-24 14:56:54 +00:00
Tim Rogers
b128474625
Fixed rendering of excess whitespace in status card titles (#30017) 2024-04-24 09:09:21 +00:00
Matt Jankowski
f4a53f3fb4
Extract constants for column size length validation limits (#30045) 2024-04-24 08:56:28 +00:00
github-actions[bot]
ebcf9840f4
New Crowdin Translations (automated) (#30050) 
Co-authored-by: GitHub Actions <noreply@github.com>
 2024-04-24 08:45:24 +00:00
Eugen Rochko
74012831f6
Change mute options to be in dropdown on muted users list in web UI (#30049) 2024-04-24 08:45:12 +00:00
Matt Jankowski
b903e6909e
Disable Style/HashAsLastArrayItem cop (#30041) 2024-04-24 08:32:18 +00:00
Renaud Chaput
0e585b9a52
Update to Ruby 3.2.4 (#30036) 2024-04-24 08:21:05 +00:00
Matt Jankowski
3f6887557b
Move JS source from packs to entrypoints (#30037) 2024-04-23 16:45:12 +00:00
Matt Jankowski
32ead51e5a
Add material design icons to admin/settings views (#27780) 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2024-04-23 16:43:49 +00:00
Claire
a2399046ca
Fix string interpolation for software updates admin mailer (#30035) 2024-04-23 12:54:52 +00:00
Emelia Smith
049b159beb
Add read:me OAuth 2.0 scope, allowing more limited access to user data (#29087) 2024-04-23 11:47:00 +00:00
github-actions[bot]
d754b15afb
New Crowdin Translations (automated) (#30034) 
Co-authored-by: GitHub Actions <noreply@github.com>
 2024-04-23 09:07:05 +00:00
renovate[bot]
91c7406b59
Update dependency postcss-preset-env to v9.5.9 (#30029) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-04-23 08:41:50 +00:00
renovate[bot]
1471c0d4e0
Update dependency rubocop to v1.63.3 (#30031) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-04-23 08:41:33 +00:00
renovate[bot]
483fabf48a
Update dependency http to '~> 5.2.0' (#30027) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2024-04-22 14:02:47 +00:00
Claire
2ef098d01c
Revert "Rely on dotenv autoload instead of explicit call (#30007)" (#30028) 2024-04-22 14:02:24 +00:00
Matt Jankowski
33e829763d
Use shared form partial for admin/domain_blocks views (#29609) 2024-04-22 12:22:16 +00:00
Matt Jankowski
ffbbf74c50
Limit http gem version to 5.1.x series (#30010) 2024-04-22 09:01:36 +00:00
Matt Jankowski
56b095edeb
Update Gemfile.lock ruby and bundler versions (#30011) 2024-04-22 09:01:24 +00:00
Tim Rogers
1ca6ff8ca5
Fixed crash when supplying FFMPEG_BINARY environment variable (#30022) 2024-04-22 09:00:24 +00:00
Tim Rogers
75163d9daf
Fixed rendering error on /start when not logged in (#30023) 2024-04-22 08:53:08 +00:00
github-actions[bot]
3655fb6a22
New Crowdin Translations (automated) (#30014) 
Co-authored-by: GitHub Actions <noreply@github.com>
 2024-04-22 08:42:35 +00:00
Matt Jankowski
18737aad49
Rely on dotenv autoload instead of explicit call (#30007) 2024-04-22 08:31:20 +00:00
Matt Jankowski
a15139bc02
Fix intermittent order based failure in UpdateStatusService spec (#30008) 2024-04-22 08:30:38 +00:00
renovate[bot]
24e67c4394
Update dependency postcss-preset-env to v9.5.8 (#30018) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-04-22 08:24:08 +00:00
renovate[bot]
3e21af3e4a
Update dependency @types/react to v18.2.79 (#30024) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-04-22 08:14:09 +00:00
renovate[bot]
88f946890d
Update peter-evans/create-pull-request action to v6.0.4 (#30025) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-04-22 08:13:28 +00:00
renovate[bot]
223936c2e8
Update eslint (non-major) to v7.7.0 (#30026) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-04-22 08:13:04 +00:00
Matt Jankowski
2ec9bff36e
Fix Rubocop Rails/UniqueValidationWithoutIndex cop (#27461) 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2024-04-22 08:04:05 +00:00
Matt Jankowski
35b517c207
Remove remnants of capistrano (#30009) 2024-04-19 20:53:01 +00:00
Matt Jankowski
369b2ef0ed
Fix Style/TrailingCommaInHashLiteral cop (#30004) 2024-04-19 20:52:01 +00:00
Matt Jankowski
c7384adc00
Fix Style/TrailingCommaInArguments cop (#30003) 2024-04-19 20:37:18 +00:00
Matt Jankowski
b6f04aed35
Silence warning about requiring rubocop-rspec_rails (#30002) 2024-04-19 20:35:00 +00:00
Matt Jankowski
933189887b
Fix Style/StringLiterals cop (#30005) 2024-04-19 20:33:00 +00:00
Matt Jankowski
8d47ba893a
Fix Style/PercentLiteralDelimiters cop (#30006) 2024-04-19 20:32:26 +00:00
renovate[bot]
d24462c81a
Update dependency test-prof to v1.3.3 (#30000) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-04-19 19:46:13 +00:00
Matt Jankowski
fa5e154ee3
Indirect deps gem version bumps (#29998) 2024-04-19 19:45:41 +00:00
Matt Jankowski
f5d341382e
Add any_args to have_enqueued_sidekiq_job call (quiets deprecation) (#29999) 2024-04-19 19:44:59 +00:00
Matt Jankowski
f386eb6c63
Replace deprecated dotenv-rails gem with dotenv gem (#29173) 2024-04-19 14:25:14 +00:00
github-actions[bot]
ec71c02c4b
New Crowdin Translations (automated) (#29994) 
Co-authored-by: GitHub Actions <noreply@github.com>
 2024-04-19 13:57:43 +00:00
Matt Jankowski
4837bfcc6a
Use shared form partial for admin/announcements views (#29608) 2024-04-19 13:57:32 +00:00
renovate[bot]
e5d5bd7ff1
Update dependency postcss-preset-env to v9.5.6 (#29983) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-04-18 16:24:55 +00:00
Matt Jankowski
75f9c652e2
Fix Bundler/OrderedGems cop (#28400) 2024-04-18 16:24:22 +00:00
github-actions[bot]
443186ff40
New Crowdin Translations (automated) (#29980) 
Co-authored-by: GitHub Actions <noreply@github.com>
 2024-04-18 11:18:39 +00:00
Matt Jankowski
11e0049b08
Use enum-generated scopes/queries for BulkImport (#29975) 2024-04-18 10:13:35 +00:00
renovate[bot]
630572323f
Update dependency ioredis to v5.4.1 (#29977) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-04-17 21:52:26 +00:00
renovate[bot]
1ad119941f
Update dependency rspec-sidekiq to v4.2.0 (#29964) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-04-17 11:14:09 +00:00
Claire
8bece467f8
Change have_enqueued_sidekiq_job usage to always make argument expectations explicit (#29974) 2024-04-17 11:13:52 +00:00