This fixes some linkname shenanigans previous versions of the library
were using. It's now safe to upgrade to Go 1.23 and beyond once they
become available.
* Set frame-ancestors in the CSP
This ensures we can't be loaded/embedded in an iframe. It also sets the
older X-Frame-Options for fallback.
* Disable MIME type sniffing
* Set Referrer-Policy
This sets the policy such that browsers will never send the Referer
header along with a request, unless it's a request to the same protocol,
host/domain and port. Basically, only send it when navigating through
our own UI, but not anything external.
The default is strict-origin-when-cross-origin when unset, which sends
the Referer header for requests unless it's going from HTTPS to HTTP
(i.e. a security downgrade, hence the 'strict').
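Added example, not code from the GoToSocial repository or from the commit above: a small Go net/http middleware that sets the four headers the commit describes (frame-ancestors in the CSP with the X-Frame-Options fallback, nosniff, and a same-origin Referrer-Policy), plus an in-memory probe so the resulting policy can be checked without a running server. The handler, function names and header values are assumptions for illustration.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

// securityHeaders is a hypothetical middleware (not GoToSocial's own) that
// sets the headers discussed above on every response before handing off
// to the wrapped handler.
func securityHeaders(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		h := w.Header()
		// frame-ancestors 'none': no origin, not even our own, may embed
		// this response in a frame or iframe (clickjacking defence).
		h.Set("Content-Security-Policy", "frame-ancestors 'none'")
		// Legacy equivalent for browsers that predate frame-ancestors.
		h.Set("X-Frame-Options", "DENY")
		// Browsers must trust Content-Type instead of sniffing the body.
		h.Set("X-Content-Type-Options", "nosniff")
		// Referer is sent only to the same scheme, host and port; nothing
		// leaks to external sites, unlike the strict-origin-when-cross-origin
		// default, which still sends the origin on same-scheme cross-site hops.
		h.Set("Referrer-Policy", "same-origin")
		next.ServeHTTP(w, r)
	})
}

// probe sends one in-memory request through the middleware and returns the
// response headers, so the policy can be inspected without a listening server.
func probe() http.Header {
	app := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		_, _ = w.Write([]byte("ok"))
	})
	rec := httptest.NewRecorder()
	securityHeaders(app).ServeHTTP(rec, httptest.NewRequest(http.MethodGet, "/", nil))
	return rec.Result().Header
}

// hasExpectedPolicy reports whether every header carries the value we expect;
// a deployment check would run this against the live server instead.
func hasExpectedPolicy(h http.Header) bool {
	want := map[string]string{
		"Content-Security-Policy": "frame-ancestors 'none'",
		"X-Frame-Options":         "DENY",
		"X-Content-Type-Options":  "nosniff",
		"Referrer-Policy":         "same-origin",
	}
	for k, v := range want {
		if h.Get(k) != v {
			return false
		}
	}
	return true
}

func main() {
	for k, v := range probe() {
		fmt.Printf("%s: %s\n", k, v[0])
	}
}
```

The headers are set before next.ServeHTTP so a downstream handler that writes early still gets them; setting them afterwards would silently do nothing once the response has been flushed.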
Since 1.25.1 the newer 'http2 on;' syntax should be used. The previous
syntax still works, but throws warnings when testing the configuration
with 'nginx -t'.
This also updates the certbot template to match what's currently
generated. It removes ipv6only=on as that's the default on a listen
directive binding on a wildcard IPv6 address.
Though the entry point is docs.gotosocial.org, that's redirected by RTD
to docs.gotosocial.org/en/latest/ which is where the actual site is
served from. However, other URLs like docs.gotosocial.org/admin aren't
redirected to docs.gotosocial.org/en/latest/admin. They just 404.
Without us including the /en/latest/, all the generated og:img URLs as
well as the link rel=canonical result in URLs that all 404.
This means that currently the social cards aren't working well, but
indexing the docs site by search engines is probably also partially
broken, since our sitemap.xml is also pointing at things that don't
exist.
* [feature] Default to WASM-based SQLite driver
With 0.16 out this switches our default SQLite driver to the WASM-based
solution instead. So far the driver seems to perform just as well.
Switching our default should result in it getting a bit more testing
during the 0.17 development cycle.
* add the ol' john hancock
---------
Co-authored-by: tobi <tobi.smethurst@protonmail.com>
* start updating media manager interface ready for storing attachments / emoji right away
* store emoji and media as uncached immediately, then (re-)cache on Processing{}.Load()
* remove now unused media workers
* fix tests and issues
* fix another test!
* fix emoji activitypub uri setting behaviour, fix remainder of test compilation issues
* fix more tests
* fix (most of) remaining tests, add debouncing to repeatedly failing media / emojis
* whoops, rebase issue
* remove kim's whacky experiments
* do some reshuffling, ensure emoji uri gets set
* ensure marked as not cached on cleanup
* tweaks to media / emoji processing to handle context canceled better
* ensure newly fetched emojis actually get set in returned slice
* use different varnames to be a bit more obvious
* move emoji refresh rate limiting to dereferencer
* add exported dereferencer functions for remote media, use these for recaching in processor
* add check for nil attachment in updateAttachment()
* remove unused emoji and media fields + columns
* see previous commit
* fix old migrations expecting image_updated_at to exist (from copies of old models)
* remove freshness checking code (seems to be broken...)
* fix error arg causing nil ptr exception
* finish documenting functions with comments, slight tweaks to media / emoji deref error logic
* remove some extra unneeded boolean checking
* finish writing documentation (code comments) for exported media manager methods
* undo changes to migration snapshot gtsmodels, updated failing migration to have its own snapshot
* move doesColumnExist() to util.go in migrations package
This syncs our copy with the current state of the ai.robots.txt
repository. Upstream has tightened their scope to be AI-only, whereas
before it included a bunch of SEO and "web intelligence" marketing
stuff. I've kept those but moved them into their own section.
* [bugfix] add Date and Message-ID headers for email
This should make spam filters more happy, as most of them grant some
negative score for not having those headers. Also the Date is convenient
for the user receiving the mail.
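Added example, not code from the GoToSocial repository or from the commit above: a Go snippet that builds a minimal RFC 5322 message carrying Date and Message-ID headers, then reads it back with net/mail the way a receiving mail server would. The sender, recipient, host and function names are constructed for illustration.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"fmt"
	"net/mail"
	"strings"
	"time"
)

// newMessageID returns a globally unique Message-ID of the form
// <random-hex@host>; 128 random bits make collisions practically impossible.
func newMessageID(host string) (string, error) {
	var buf [16]byte
	if _, err := rand.Read(buf[:]); err != nil {
		return "", err
	}
	return fmt.Sprintf("<%s@%s>", hex.EncodeToString(buf[:]), host), nil
}

// buildMessage assembles a minimal RFC 5322 text message. now is passed in
// so callers (and tests) control the Date header; host is the sending
// domain used on the right-hand side of the Message-ID.
func buildMessage(from, to, subject, body, host string, now time.Time) (string, error) {
	id, err := newMessageID(host)
	if err != nil {
		return "", err
	}
	var b strings.Builder
	fmt.Fprintf(&b, "From: %s\r\n", from)
	fmt.Fprintf(&b, "To: %s\r\n", to)
	fmt.Fprintf(&b, "Subject: %s\r\n", subject)
	// RFC 5322 date-time with a numeric zone, e.g. "Thu, 01 Aug 2024 12:00:00 +0000".
	fmt.Fprintf(&b, "Date: %s\r\n", now.Format(time.RFC1123Z))
	fmt.Fprintf(&b, "Message-ID: %s\r\n", id)
	fmt.Fprintf(&b, "MIME-Version: 1.0\r\n")
	fmt.Fprintf(&b, "Content-Type: text/plain; charset=utf-8\r\n")
	fmt.Fprintf(&b, "\r\n%s\r\n", body)
	return b.String(), nil
}

// parseDateAndID reads a message back with net/mail and returns the parsed
// Date and the raw Message-ID, which is what a spam filter would inspect.
func parseDateAndID(msg string) (time.Time, string, error) {
	m, err := mail.ReadMessage(strings.NewReader(msg))
	if err != nil {
		return time.Time{}, "", err
	}
	d, err := m.Header.Date()
	if err != nil {
		return time.Time{}, "", err
	}
	return d, m.Header.Get("Message-ID"), nil
}

func main() {
	// Constructed addresses and host; not real mailboxes.
	msg, err := buildMessage("noreply@example.org", "admin@example.net",
		"Test", "hello", "example.org", time.Now())
	if err != nil {
		panic(err)
	}
	fmt.Print(msg)
}
```

Injecting the timestamp rather than calling time.Now inside buildMessage keeps the output reproducible, which is what lets the Date header be checked byte for byte in a test.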
* make golangci-lint happy
* updates go-structr and go-mangler to no longer rely on modern-go/reflect2 (*phew* now we're go1.23 safe)
* update go-structr version
* bump go-structr to improve memory usage (v. slightly) in certain conditions
* improved server shutdown with more precise shutdown of modules + deferring of ALL of it
* move delivery and workers into separate files
* add worker task model and Serialize() / Deserialize() methods for message types
* start adding message serialize / deserialize tests
* start adding test cases
* update body rewinding to rely on standard library mechanism of r.GetBody()
* remove request rewinding (http.Client{} should already handle this)
* standard library already handles rewinding
* improved code comment
* move the newPOST() function contents to prepare(), fits better with current API
* add Serialize() / Deserialize() implementations for Delivery{} type
* finish writing FromClientAPI serialize / deserialize tests
* start adding FromFediAPI{} serialize / deserialize test cases
* fix FromFediAPI{} tests
* add tests for delivery message type
* fix repeat code
* missing license header
* use testrig status and accounts for marshal / unmarshaling tests
* add a specific test for checking account RSA keys are preserved
* use apiutil + paging in admin processor+handlers
* we're making it happen
* fix little whoopsie
* styling for report list
* don't youuuu forget about meee don't don't don't don't
* last bits
* sanitize content before showing in report statuses
* update report docs
These filter API v2 features were cut late in development because the form encoding version is hard to implement correctly and because I thought no clients actually used `keywords_attributes`. Unfortunately, Phanpy does use `keywords_attributes`.
The memlimit package started to log any error returned by automemlimit.
This updates our implementation to call SetGoMemLimitWithOpts() instead
which uses the same defaults as automemlimit except for being
initialised with a noop logger.
We check the returned error for a particular substring, as when cgroups
isn't available even when running on a Linux system that's not a
problem. If it's anything but that error, we log it at the warning
level so that admins can still diagnose other cgroup related issues.
Fixes #2983
Co-authored-by: tobi <31960611+tsmethurst@users.noreply.github.com>
* Add optional instructions for replicating SQLite for disaster recovery
* Remove references to MacOS from replicating-sqlite.md
Resolve comment on review
* Add mention for replicating SQLite in database_maintenance.md
Adds a reference to the replicating sqlite page under database maintenance
* [bugfix] Deref stats async, allow peek if handshaking
* don't return totalItems when handshaking or hiding collections
* use GetLimit()
* use StubAccountStats
* fix possible infinite recursion if moved accounts are self-referential
* adds a defensive check for a boost being a boost of a boost wrapper
* add checks on input for a boost of a boost
* remove unnecessary check
* add protections on account move to prevent move recursion loops
* separate status conversion without boost logic into separate function to remove risk of recursion
* move boost check to boost function itself
* formatting
* use error 422 instead of 500
* use gtserror not standard errors package for error creation
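Added example, not code from the GoToSocial repository or from the commits above: a Go function that follows an account's "moved to" pointers while guarding against the recursion loops those commits describe, i.e. an account that points at itself, two accounts that point at each other, and chains that are simply too long. The account type, the hop limit and the sample accounts are constructed for illustration and are not GoToSocial's own model.

```go
package main

import (
	"errors"
	"fmt"
)

// account is a minimal stand-in for an actor record: URI identifies it and
// MovedTo holds the URI it migrated to, or "" when it has not moved.
type account struct {
	URI     string
	MovedTo string
}

// maxMoveHops caps how far a chain is followed even when no cycle is found.
const maxMoveHops = 5

var (
	errMoveLoop    = errors.New("move chain loops back on itself")
	errTooManyHops = errors.New("move chain exceeds hop limit")
	errNotFound    = errors.New("account not found")
)

// resolveMove follows MovedTo pointers from start and returns the URI of the
// final destination. A visited set rejects self-referential and mutual
// moves; the hop limit rejects chains that are merely too long. Either
// condition is reported as an error rather than looping forever.
func resolveMove(accounts map[string]*account, start string) (string, error) {
	visited := make(map[string]bool)
	cur := start
	for hops := 0; ; hops++ {
		if hops > maxMoveHops {
			return "", fmt.Errorf("%w: %s", errTooManyHops, start)
		}
		if visited[cur] {
			return "", fmt.Errorf("%w: %s", errMoveLoop, cur)
		}
		visited[cur] = true
		acct, ok := accounts[cur]
		if !ok {
			return "", fmt.Errorf("%w: %s", errNotFound, cur)
		}
		if acct.MovedTo == "" {
			return acct.URI, nil
		}
		cur = acct.MovedTo
	}
}

// sampleAccounts is constructed test data, not real fediverse accounts.
func sampleAccounts() map[string]*account {
	accts := []*account{
		{URI: "https://example.org/users/a", MovedTo: "https://example.org/users/b"},
		{URI: "https://example.org/users/b", MovedTo: "https://example.org/users/c"},
		{URI: "https://example.org/users/c"},
		// self-referential move
		{URI: "https://example.org/users/d", MovedTo: "https://example.org/users/d"},
		// two accounts that point at each other
		{URI: "https://example.org/users/e", MovedTo: "https://example.org/users/f"},
		{URI: "https://example.org/users/f", MovedTo: "https://example.org/users/e"},
	}
	m := make(map[string]*account, len(accts)+8)
	for _, a := range accts {
		m[a.URI] = a
	}
	// a chain of seven moves (p0 -> p1 -> ... -> p7), longer than maxMoveHops
	for i := 0; i < 8; i++ {
		uri := fmt.Sprintf("https://example.org/users/p%d", i)
		next := fmt.Sprintf("https://example.org/users/p%d", i+1)
		if i == 7 {
			next = ""
		}
		m[uri] = &account{URI: uri, MovedTo: next}
	}
	return m
}

func main() {
	m := sampleAccounts()
	for _, start := range []string{"a", "d", "e", "p0"} {
		dest, err := resolveMove(m, "https://example.org/users/"+start)
		fmt.Printf("%s -> %q err=%v\n", start, dest, err)
	}
}
```

The visited set and the hop limit catch different failures: a cycle is detected on the first repeated URI regardless of length, while the hop limit bounds the work done on a long but acyclic chain supplied by a remote instance.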