mirrors/snac2
3
0
Fork 0
mirror of https://codeberg.org/grunfink/snac2.git synced 2024-09-19 18:00:23 +03:00
Code Issues Packages Projects Releases Wiki Activity

Rollback to 86f507410b for some reasons.

Browse Source 
Signed-off-by: Yonle <yonle@lecturify.net>
This commit is contained in:
Yonle 2023-07-24 22:56:18 +07:00
parent 34963e0abc
commit 25bb8f0dd2
4 changed files with 42 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
RELEASE_NOTES.md
View File

@ -1,9 +1,5 @@
# Release Notes # Release Notes
## 2.39
User settings have been moved to their own page.
## 2.38 ## 2.38
More vulnerability fixes (contributed by yonle). More vulnerability fixes (contributed by yonle).

74
html.c
View File

@ -1,4 +1,4 @@
/* snac - A simple, minimalistic ActivityPub instance */ /* snac - A simple, minimalistic ActivityPub instance */
/* copyright (c) 2022 - 2023 grunfink / MIT license */ /* copyright (c) 2022 - 2023 grunfink / MIT license */
#include "xs.h" #include "xs.h"
@ -325,8 +325,8 @@ d_char *html_user_header(snac *snac, d_char *s, int local)
s1 = xs_fmt( s1 = xs_fmt(
"<a href=\"%s.rss\">%s</a> - " "<a href=\"%s.rss\">%s</a> - "
"<a href=\"%s/admin\" rel=\"nofollow\">%s</a></nav>\n", "<a href=\"%s/admin\" rel=\"nofollow\">%s</a></nav>\n",
snac->uid, L("RSS"), snac->actor, L("RSS"),
snac->uid, L("private")); snac->actor, L("private"));
else { else {
xs *n_list = notify_list(snac, 1); xs *n_list = notify_list(snac, 1);
int n_len = xs_list_len(n_list); int n_len = xs_list_len(n_list);
@ -340,14 +340,14 @@ d_char *html_user_header(snac *snac, d_char *s, int local)
n_str = xs_str_new(""); n_str = xs_str_new("");
s1 = xs_fmt( s1 = xs_fmt(
"<a href=\"../%s\">%s</a> - " "<a href=\"%s\">%s</a> - "
"<a href=\"admin\">%s</a> - " "<a href=\"%s/admin\">%s</a> - "
"<a href=\"notifications\">%s</a>%s - " "<a href=\"%s/notifications\">%s</a>%s - "
"<a href=\"people\">%s</a></nav>\n", "<a href=\"%s/people\">%s</a></nav>\n",
snac->uid, L("public"), snac->actor, L("public"),
L("private"), snac->actor, L("private"),
L("notifications"), n_str, snac->actor, L("notifications"), n_str,
L("people")); snac->actor, L("people"));
} }
s = xs_str_cat(s, s1); s = xs_str_cat(s, s1);
@ -394,7 +394,7 @@ d_char *html_top_controls(snac *snac, d_char *s)
"<div class=\"snac-note\">\n" "<div class=\"snac-note\">\n"
"<details><summary>%s</summary>\n" "<details><summary>%s</summary>\n"
"<form autocomplete=\"off\" method=\"post\" " "<form autocomplete=\"off\" method=\"post\" "
"action=\"admin/note\" enctype=\"multipart/form-data\">\n" "action=\"%s/admin/note\" enctype=\"multipart/form-data\">\n"
"<textarea class=\"snac-textarea\" name=\"content\" " "<textarea class=\"snac-textarea\" name=\"content\" "
"rows=\"8\" wrap=\"virtual\" required=\"required\" placeholder=\"What's on your mind?\"></textarea>\n" "rows=\"8\" wrap=\"virtual\" required=\"required\" placeholder=\"What's on your mind?\"></textarea>\n"
"<input type=\"hidden\" name=\"in_reply_to\" value=\"\">\n" "<input type=\"hidden\" name=\"in_reply_to\" value=\"\">\n"
@ -431,22 +431,21 @@ d_char *html_top_controls(snac *snac, d_char *s)
"<div class=\"snac-top-controls-more\">\n" "<div class=\"snac-top-controls-more\">\n"
"<details><summary>%s</summary>\n" "<details><summary>%s</summary>\n"
"<form autocomplete=\"off\" method=\"post\" action=\"admin/action\">\n" /** follow **/ "<form autocomplete=\"off\" method=\"post\" action=\"%s/admin/action\">\n" /** follow **/
"<input type=\"text\" name=\"actor\" required=\"required\" placeholder=\"bob@example.com\">\n" "<input type=\"text\" name=\"actor\" required=\"required\" placeholder=\"bob@example.com\">\n"
"<input type=\"submit\" name=\"action\" value=\"%s\"> %s\n" "<input type=\"submit\" name=\"action\" value=\"%s\"> %s\n"
"</form><p>\n" "</form><p>\n"
"<form autocomplete=\"off\" method=\"post\" action=\"admin/action\">\n" /** boost **/ "<form autocomplete=\"off\" method=\"post\" action=\"%s/admin/action\">\n" /** boost **/
"<input type=\"text\" name=\"id\" required=\"required\" placeholder=\"https://fedi.example.com/bob/....\">\n" "<input type=\"text\" name=\"id\" required=\"required\" placeholder=\"https://fedi.example.com/bob/....\">\n"
"<input type=\"submit\" name=\"action\" value=\"%s\"> %s\n" "<input type=\"submit\" name=\"action\" value=\"%s\"> %s\n"
"</form><p>\n" "</form><p>\n"
"</details>\n"
"<details><summary>%s</summary>\n" "<details><summary>%s</summary>\n"
"<div class=\"snac-user-setup\">\n" /** user setup **/ "<div class=\"snac-user-setup\">\n" /** user setup **/
"<form autocomplete=\"off\" method=\"post\" " "<form autocomplete=\"off\" method=\"post\" "
"action=\"admin/user-setup\" enctype=\"multipart/form-data\">\n" "action=\"%s/admin/user-setup\" enctype=\"multipart/form-data\">\n"
"<p>%s:<br>\n" "<p>%s:<br>\n"
"<input type=\"text\" name=\"name\" value=\"%s\" placeholder=\"Your name.\"></p>\n" "<input type=\"text\" name=\"name\" value=\"%s\" placeholder=\"Your name.\"></p>\n"
@ -485,6 +484,7 @@ d_char *html_top_controls(snac *snac, d_char *s)
"</div>\n" "</div>\n"
"</details>\n" "</details>\n"
"</details>\n"
"</div>\n" "</div>\n"
"</div>\n"; "</div>\n";
@ -531,6 +531,7 @@ d_char *html_top_controls(snac *snac, d_char *s)
xs *s1 = xs_fmt(_tmpl, xs *s1 = xs_fmt(_tmpl,
L("New Post..."), L("New Post..."),
snac->actor,
L("Sensitive content"), L("Sensitive content"),
L("Sensitive content description"), L("Sensitive content description"),
L("Only for mentioned people"), L("Only for mentioned people"),
@ -549,11 +550,16 @@ d_char *html_top_controls(snac *snac, d_char *s)
L("Post"), L("Post"),
L("Operations..."), L("Preferences..."),
snac->actor,
L("Follow"), L("(by URL or user@host)"), L("Follow"), L("(by URL or user@host)"),
snac->actor,
L("Boost"), L("(by URL)"), L("Boost"), L("(by URL)"),
L("User Settings..."), L("User Settings"),
snac->actor,
L("Display name"), L("Display name"),
es1, es1,
L("Avatar"), L("Avatar"),
@ -657,13 +663,13 @@ xs_str *html_entry_controls(snac *snac, xs_str *os, const xs_dict *msg, const ch
{ {
xs *s1 = xs_fmt( xs *s1 = xs_fmt(
"<form autocomplete=\"off\" method=\"post\" action=\"admin/action\">\n" "<form autocomplete=\"off\" method=\"post\" action=\"%s/admin/action\">\n"
"<input type=\"hidden\" name=\"id\" value=\"%s\">\n" "<input type=\"hidden\" name=\"id\" value=\"%s\">\n"
"<input type=\"hidden\" name=\"actor\" value=\"%s\">\n" "<input type=\"hidden\" name=\"actor\" value=\"%s\">\n"
"<input type=\"hidden\" name=\"redir\" value=\"%s_entry\">\n" "<input type=\"hidden\" name=\"redir\" value=\"%s_entry\">\n"
"\n", "\n",
id, actor, md5 snac->actor, id, actor, md5
); );
s = xs_str_cat(s, s1); s = xs_str_cat(s, s1);
@ -717,7 +723,7 @@ xs_str *html_entry_controls(snac *snac, xs_str *os, const xs_dict *msg, const ch
xs *s1 = xs_fmt( xs *s1 = xs_fmt(
"<p><details><summary>%s</summary>\n" "<p><details><summary>%s</summary>\n"
"<p><div class=\"snac-note\" id=\"%s_edit\">\n" "<p><div class=\"snac-note\" id=\"%s_edit\">\n"
"<form autocomplete=\"off\" method=\"post\" action=\"admin/note\" " "<form autocomplete=\"off\" method=\"post\" action=\"%s/admin/note\" "
"enctype=\"multipart/form-data\" id=\"%s_edit_form\">\n" "enctype=\"multipart/form-data\" id=\"%s_edit_form\">\n"
"<textarea class=\"snac-textarea\" name=\"content\" " "<textarea class=\"snac-textarea\" name=\"content\" "
"rows=\"4\" wrap=\"virtual\" required=\"required\">%s</textarea>\n" "rows=\"4\" wrap=\"virtual\" required=\"required\">%s</textarea>\n"
@ -740,7 +746,7 @@ xs_str *html_entry_controls(snac *snac, xs_str *os, const xs_dict *msg, const ch
L("Edit..."), L("Edit..."),
md5, md5,
md5, snac->actor, md5,
prev_src, prev_src,
id, id,
L("Sensitive content"), L("Sensitive content"),
@ -768,7 +774,7 @@ xs_str *html_entry_controls(snac *snac, xs_str *os, const xs_dict *msg, const ch
xs *s1 = xs_fmt( xs *s1 = xs_fmt(
"<p><details><summary>%s</summary>\n" "<p><details><summary>%s</summary>\n"
"<p><div class=\"snac-note\" id=\"%s_reply\">\n" "<p><div class=\"snac-note\" id=\"%s_reply\">\n"
"<form autocomplete=\"off\" method=\"post\" action=\"admin/note\" " "<form autocomplete=\"off\" method=\"post\" action=\"%s/admin/note\" "
"enctype=\"multipart/form-data\" id=\"%s_reply_form\">\n" "enctype=\"multipart/form-data\" id=\"%s_reply_form\">\n"
"<textarea class=\"snac-textarea\" name=\"content\" " "<textarea class=\"snac-textarea\" name=\"content\" "
"rows=\"4\" wrap=\"virtual\" required=\"required\">%s</textarea>\n" "rows=\"4\" wrap=\"virtual\" required=\"required\">%s</textarea>\n"
@ -791,7 +797,7 @@ xs_str *html_entry_controls(snac *snac, xs_str *os, const xs_dict *msg, const ch
L("Reply..."), L("Reply..."),
md5, md5,
md5, snac->actor, md5,
ct, ct,
id, id,
L("Sensitive content"), L("Sensitive content"),
@ -1086,10 +1092,10 @@ xs_str *html_entry(snac *snac, xs_str *os, const xs_dict *msg, int local,
/* poll still active */ /* poll still active */
xs *s1 = xs_fmt("<div class=\"snac-poll-form\">\n" xs *s1 = xs_fmt("<div class=\"snac-poll-form\">\n"
"<form autocomplete=\"off\" " "<form autocomplete=\"off\" "
"method=\"post\" action=\"admin/vote\">\n" "method=\"post\" action=\"%s/admin/vote\">\n"
"<input type=\"hidden\" name=\"actor\" value= \"%s\">\n" "<input type=\"hidden\" name=\"actor\" value= \"%s\">\n"
"<input type=\"hidden\" name=\"irt\" value=\"%s\">\n", "<input type=\"hidden\" name=\"irt\" value=\"%s\">\n",
actor, id); snac->actor, actor, id);
while (xs_list_iter(&p, &v)) { while (xs_list_iter(&p, &v)) {
const char *name = xs_dict_get(v, "name"); const char *name = xs_dict_get(v, "name");
@ -1479,11 +1485,11 @@ d_char *html_people_list(snac *snac, d_char *os, d_char *list, const char *heade
s = xs_str_cat(s, "<div class=\"snac-controls\">\n"); s = xs_str_cat(s, "<div class=\"snac-controls\">\n");
xs *s1 = xs_fmt( xs *s1 = xs_fmt(
"<p><form autocomplete=\"off\" method=\"post\" action=\"admin/action\">\n" "<p><form autocomplete=\"off\" method=\"post\" action=\"%s/admin/action\">\n"
"<input type=\"hidden\" name=\"actor\" value=\"%s\">\n" "<input type=\"hidden\" name=\"actor\" value=\"%s\">\n"
"<input type=\"hidden\" name=\"actor-form\" value=\"yes\">\n", "<input type=\"hidden\" name=\"actor-form\" value=\"yes\">\n",
actor_id snac->actor, actor_id
); );
s = xs_str_cat(s, s1); s = xs_str_cat(s, s1);
@ -1507,7 +1513,7 @@ d_char *html_people_list(snac *snac, d_char *os, d_char *list, const char *heade
xs *s2 = xs_fmt( xs *s2 = xs_fmt(
"<p><details><summary>%s</summary>\n" "<p><details><summary>%s</summary>\n"
"<p><div class=\"snac-note\" id=\"%s_%s_dm\">\n" "<p><div class=\"snac-note\" id=\"%s_%s_dm\">\n"
"<form autocomplete=\"off\" method=\"post\" action=\"admin/note\" " "<form autocomplete=\"off\" method=\"post\" action=\"%s/admin/note\" "
"enctype=\"multipart/form-data\" id=\"%s_reply_form\">\n" "enctype=\"multipart/form-data\" id=\"%s_reply_form\">\n"
"<textarea class=\"snac-textarea\" name=\"content\" " "<textarea class=\"snac-textarea\" name=\"content\" "
"rows=\"4\" wrap=\"virtual\" required=\"required\"></textarea>\n" "rows=\"4\" wrap=\"virtual\" required=\"required\"></textarea>\n"
@ -1519,7 +1525,7 @@ d_char *html_people_list(snac *snac, d_char *os, d_char *list, const char *heade
L("Direct Message..."), L("Direct Message..."),
md5, t, md5, t,
md5, snac->actor, md5,
actor_id, actor_id,
L("Post") L("Post")
); );
@ -1570,9 +1576,9 @@ xs_str *html_notifications(snac *snac)
xs *s1 = xs_fmt( xs *s1 = xs_fmt(
"<form autocomplete=\"off\" " "<form autocomplete=\"off\" "
"method=\"post\" action=\"admin/clear-notifications\" id=\"clear\">\n" "method=\"post\" action=\"%s/admin/clear-notifications\" id=\"clear\">\n"
"<input type=\"submit\" class=\"snac-btn-like\" value=\"%s\">\n" "<input type=\"submit\" class=\"snac-btn-like\" value=\"%s\">\n"
"</form><p>\n", L("Clear all")); "</form><p>\n", snac->actor, L("Clear all"));
s = xs_str_cat(s, s1); s = xs_str_cat(s, s1);
while (xs_list_iter(&p, &v)) { while (xs_list_iter(&p, &v)) {
@ -2372,9 +2378,9 @@ int html_post_handler(const xs_dict *req, const char *q_path,
char *redir = xs_dict_get(p_vars, "redir"); char *redir = xs_dict_get(p_vars, "redir");
if (xs_is_null(redir)) if (xs_is_null(redir))
redir = ""; redir = "snac-posts";
*body = xs_fmt("../admin#%s", redir); *body = xs_fmt("%s/admin#%s", snac.actor, redir);
*b_size = strlen(*body); *b_size = strlen(*body);
} }

2
httpd.c
View File

@ -91,7 +91,7 @@ int server_get_handler(xs_dict *req, char *q_path,
if (user_open(&snac, uid)) { if (user_open(&snac, uid)) {
xs *u = xs_fmt( xs *u = xs_fmt(
"<li><a href=\"%s\">@%s@%s (%s)</a></li>\n", "<li><a href=\"%s\">@%s@%s (%s)</a></li>\n",
uid, uid, host, snac.actor, uid, host,
xs_dict_get(snac.config, "name")); xs_dict_get(snac.config, "name"));
ul = xs_str_cat(ul, u); ul = xs_str_cat(ul, u);

2
snac.h
View File

@ -1,7 +1,7 @@
/* snac - A simple, minimalistic ActivityPub instance */ /* snac - A simple, minimalistic ActivityPub instance */
/* copyright (c) 2022 - 2023 grunfink / MIT license */ /* copyright (c) 2022 - 2023 grunfink / MIT license */
#define VERSION "2.39-dev" #define VERSION "2.38"
#define USER_AGENT "snac/" VERSION #define USER_AGENT "snac/" VERSION