Merge commit '2f932cb2bb' into kb_migration

2023-08-03 15:48:07 +09:00 · 2023-08-03 15:48:07 +09:00 · 82d61dad96
commit 82d61dad96
parent c2324203fd 2f932cb2bb
65 changed files with 909 additions and 162 deletions
--- a/app/controllers/accounts_controller.rb
+++ b/app/controllers/accounts_controller.rb
@ -12,7 +12,7 @@ class AccountsController < ApplicationController
  before_action :require_account_signature!, if: -> { request.format == :json && authorized_fetch_mode? }

  skip_around_action :set_locale, if: -> { [:json, :rss].include?(request.format&.to_sym) }
-  skip_before_action :require_functional!, unless: :whitelist_mode?
+  skip_before_action :require_functional!, unless: :limited_federation_mode?

  def show
    respond_to do |format|
--- a/app/controllers/admin/instances_controller.rb
+++ b/app/controllers/admin/instances_controller.rb
@ -65,7 +65,7 @@ module Admin
    end

    def filtered_instances
-      InstanceFilter.new(whitelist_mode? ? { allowed: true } : filter_params).results
+      InstanceFilter.new(limited_federation_mode? ? { allowed: true } : filter_params).results
    end

    def filter_params
--- a/app/controllers/api/base_controller.rb
+++ b/app/controllers/api/base_controller.rb
@ -8,7 +8,7 @@ class Api::BaseController < ApplicationController
  include AccessTokenTrackingConcern
  include ApiCachingConcern

-  skip_before_action :require_functional!, unless: :whitelist_mode?
+  skip_before_action :require_functional!, unless: :limited_federation_mode?

  before_action :require_authenticated_user!, if: :disallow_unauthenticated_api_access?
  before_action :require_not_suspended!
@ -150,7 +150,7 @@ class Api::BaseController < ApplicationController
  end

  def disallow_unauthenticated_api_access?
-    ENV['DISALLOW_UNAUTHENTICATED_API_ACCESS'] == 'true' || Rails.configuration.x.whitelist_mode
+    ENV['DISALLOW_UNAUTHENTICATED_API_ACCESS'] == 'true' || Rails.configuration.x.limited_federation_mode
  end

  private
--- a/app/controllers/api/v1/instances/activity_controller.rb
+++ b/app/controllers/api/v1/instances/activity_controller.rb
@ -3,7 +3,7 @@
 class Api::V1::Instances::ActivityController < Api::BaseController
  before_action :require_enabled_api!

-  skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
+  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?

  vary_by ''

@ -33,6 +33,6 @@ class Api::V1::Instances::ActivityController < Api::BaseController
  end

  def require_enabled_api!
-    head 404 unless Setting.activity_api_enabled && !whitelist_mode?
+    head 404 unless Setting.activity_api_enabled && !limited_federation_mode?
  end
 end
--- a/app/controllers/api/v1/instances/domain_blocks_controller.rb
+++ b/app/controllers/api/v1/instances/domain_blocks_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true

 class Api::V1::Instances::DomainBlocksController < Api::BaseController
-  skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
+  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?

  before_action :require_enabled_api!
  before_action :set_domain_blocks
--- a/app/controllers/api/v1/instances/extended_descriptions_controller.rb
+++ b/app/controllers/api/v1/instances/extended_descriptions_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true

 class Api::V1::Instances::ExtendedDescriptionsController < Api::BaseController
-  skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
+  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  skip_around_action :set_locale

  before_action :set_extended_description
@ -10,7 +10,7 @@ class Api::V1::Instances::ExtendedDescriptionsController < Api::BaseController

  # Override `current_user` to avoid reading session cookies unless in whitelist mode
  def current_user
-    super if whitelist_mode?
+    super if limited_federation_mode?
  end

  def show
--- a/app/controllers/api/v1/instances/peers_controller.rb
+++ b/app/controllers/api/v1/instances/peers_controller.rb
@ -3,14 +3,14 @@
 class Api::V1::Instances::PeersController < Api::BaseController
  before_action :require_enabled_api!

-  skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
+  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  skip_around_action :set_locale

  vary_by ''

  # Override `current_user` to avoid reading session cookies unless in whitelist mode
  def current_user
-    super if whitelist_mode?
+    super if limited_federation_mode?
  end

  def index
@ -21,6 +21,6 @@ class Api::V1::Instances::PeersController < Api::BaseController
  private

  def require_enabled_api!
-    head 404 unless Setting.peers_api_enabled && !whitelist_mode?
+    head 404 unless Setting.peers_api_enabled && !limited_federation_mode?
  end
 end
--- a/app/controllers/api/v1/instances/privacy_policies_controller.rb
+++ b/app/controllers/api/v1/instances/privacy_policies_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true

 class Api::V1::Instances::PrivacyPoliciesController < Api::BaseController
-  skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
+  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?

  before_action :set_privacy_policy

--- a/app/controllers/api/v1/instances/rules_controller.rb
+++ b/app/controllers/api/v1/instances/rules_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true

 class Api::V1::Instances::RulesController < Api::BaseController
-  skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
+  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  skip_around_action :set_locale

  before_action :set_rules
@ -10,7 +10,7 @@ class Api::V1::Instances::RulesController < Api::BaseController

  # Override `current_user` to avoid reading session cookies unless in whitelist mode
  def current_user
-    super if whitelist_mode?
+    super if limited_federation_mode?
  end

  def index
--- a/app/controllers/api/v1/instances/translation_languages_controller.rb
+++ b/app/controllers/api/v1/instances/translation_languages_controller.rb
@ -1,7 +1,7 @@
 # frozen_string_literal: true

 class Api::V1::Instances::TranslationLanguagesController < Api::BaseController
-  skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
+  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?

  before_action :set_languages

--- a/app/controllers/api/v1/instances_controller.rb
+++ b/app/controllers/api/v1/instances_controller.rb
@ -1,14 +1,14 @@
 # frozen_string_literal: true

 class Api::V1::InstancesController < Api::BaseController
-  skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
+  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  skip_around_action :set_locale

  vary_by ''

  # Override `current_user` to avoid reading session cookies unless in whitelist mode
  def current_user
-    super if whitelist_mode?
+    super if limited_federation_mode?
  end

  def show
--- a/app/controllers/api/v1/peers/search_controller.rb
+++ b/app/controllers/api/v1/peers/search_controller.rb
@ -4,7 +4,7 @@ class Api::V1::Peers::SearchController < Api::BaseController
  before_action :require_enabled_api!
  before_action :set_domains

-  skip_before_action :require_authenticated_user!, unless: :whitelist_mode?
+  skip_before_action :require_authenticated_user!, unless: :limited_federation_mode?
  skip_around_action :set_locale

  vary_by ''
@ -17,7 +17,7 @@ class Api::V1::Peers::SearchController < Api::BaseController
  private

  def require_enabled_api!
-    head 404 unless Setting.peers_api_enabled && !whitelist_mode?
+    head 404 unless Setting.peers_api_enabled && !limited_federation_mode?
  end

  def set_domains
@ -27,7 +27,7 @@ class Api::V1::Peers::SearchController < Api::BaseController
      @domains = InstancesIndex.query(function_score: {
        query: {
          prefix: {
-            domain: params[:q],
+            domain: TagManager.instance.normalize_domain(params[:q].strip),
          },
        },

--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -19,7 +19,7 @@ class ApplicationController < ActionController::Base
  helper_method :use_seamless_external_login?
  helper_method :omniauth_only?
  helper_method :sso_account_settings
-  helper_method :whitelist_mode?
+  helper_method :limited_federation_mode?
  helper_method :body_class_string
  helper_method :skip_csrf_meta_tags?

@ -52,7 +52,7 @@ class ApplicationController < ActionController::Base
  private

  def authorized_fetch_mode?
-    ENV['AUTHORIZED_FETCH'] == 'true' || Rails.configuration.x.whitelist_mode
+    ENV['AUTHORIZED_FETCH'] == 'true' || Rails.configuration.x.limited_federation_mode
  end

  def public_fetch_mode?
--- a/app/controllers/concerns/account_owned_concern.rb
+++ b/app/controllers/concerns/account_owned_concern.rb
@ -4,7 +4,7 @@ module AccountOwnedConcern
  extend ActiveSupport::Concern

  included do
-    before_action :authenticate_user!, if: -> { whitelist_mode? && request.format != :json }
+    before_action :authenticate_user!, if: -> { limited_federation_mode? && request.format != :json }
    before_action :set_account, if: :account_required?
    before_action :check_account_approval, if: :account_required?
    before_action :check_account_suspension, if: :account_required?
--- a/app/controllers/concerns/api_caching_concern.rb
+++ b/app/controllers/concerns/api_caching_concern.rb
@ -8,6 +8,6 @@ module ApiCachingConcern
  end

  def cache_even_if_authenticated!
-    expires_in(5.minutes, public: true, stale_while_revalidate: 30.seconds, stale_if_error: 1.day) unless whitelist_mode?
+    expires_in(5.minutes, public: true, stale_while_revalidate: 30.seconds, stale_if_error: 1.day) unless limited_federation_mode?
  end
 end
--- a/app/controllers/follower_accounts_controller.rb
+++ b/app/controllers/follower_accounts_controller.rb
@ -10,7 +10,7 @@ class FollowerAccountsController < ApplicationController
  before_action :require_account_signature!, if: -> { request.format == :json && authorized_fetch_mode? }

  skip_around_action :set_locale, if: -> { request.format == :json }
-  skip_before_action :require_functional!, unless: :whitelist_mode?
+  skip_before_action :require_functional!, unless: :limited_federation_mode?

  def index
    respond_to do |format|
--- a/app/controllers/following_accounts_controller.rb
+++ b/app/controllers/following_accounts_controller.rb
@ -10,7 +10,7 @@ class FollowingAccountsController < ApplicationController
  before_action :require_account_signature!, if: -> { request.format == :json && authorized_fetch_mode? }

  skip_around_action :set_locale, if: -> { request.format == :json }
-  skip_before_action :require_functional!, unless: :whitelist_mode?
+  skip_before_action :require_functional!, unless: :limited_federation_mode?

  def index
    respond_to do |format|
--- a/app/controllers/mail_subscriptions_controller.rb
+++ b/app/controllers/mail_subscriptions_controller.rb
@ -9,6 +9,8 @@ class MailSubscriptionsController < ApplicationController
  before_action :set_user
  before_action :set_type

+  protect_from_forgery with: :null_session
+
  def show; end

  def create
@ -20,6 +22,7 @@ class MailSubscriptionsController < ApplicationController

  def set_user
    @user = GlobalID::Locator.locate_signed(params[:token], for: 'unsubscribe')
+    not_found unless @user
  end

  def set_body_classes
@ -35,7 +38,7 @@ class MailSubscriptionsController < ApplicationController
    when 'follow', 'reblog', 'favourite', 'mention', 'follow_request'
      "notification_emails.#{params[:type]}"
    else
-      raise ArgumentError
+      not_found
    end
  end
 end
--- a/app/controllers/media_controller.rb
+++ b/app/controllers/media_controller.rb
@ -3,9 +3,9 @@
 class MediaController < ApplicationController
  include Authorization

-  skip_before_action :require_functional!, unless: :whitelist_mode?
+  skip_before_action :require_functional!, unless: :limited_federation_mode?

-  before_action :authenticate_user!, if: :whitelist_mode?
+  before_action :authenticate_user!, if: :limited_federation_mode?
  before_action :set_media_attachment
  before_action :verify_permitted_status!
  before_action :check_playable, only: :player
--- a/app/controllers/media_proxy_controller.rb
+++ b/app/controllers/media_proxy_controller.rb
@ -8,7 +8,7 @@ class MediaProxyController < ApplicationController

  skip_before_action :require_functional!

-  before_action :authenticate_user!, if: :whitelist_mode?
+  before_action :authenticate_user!, if: :limited_federation_mode?

  rescue_from ActiveRecord::RecordInvalid, with: :not_found
  rescue_from Mastodon::UnexpectedResponseError, with: :not_found
--- a/app/controllers/statuses_controller.rb
+++ b/app/controllers/statuses_controller.rb
@ -17,7 +17,7 @@ class StatusesController < ApplicationController
  after_action :set_link_headers

  skip_around_action :set_locale, if: -> { request.format == :json }
-  skip_before_action :require_functional!, only: [:show, :embed], unless: :whitelist_mode?
+  skip_before_action :require_functional!, only: [:show, :embed], unless: :limited_federation_mode?

  content_security_policy only: :embed do |policy|
    policy.frame_ancestors(false)
--- a/app/controllers/tags_controller.rb
+++ b/app/controllers/tags_controller.rb
@ -10,13 +10,13 @@ class TagsController < ApplicationController
  vary_by -> { public_fetch_mode? ? 'Accept, Accept-Language, Cookie' : 'Accept, Accept-Language, Cookie, Signature' }

  before_action :require_account_signature!, if: -> { request.format == :json && authorized_fetch_mode? }
-  before_action :authenticate_user!, if: :whitelist_mode?
+  before_action :authenticate_user!, if: :limited_federation_mode?
  before_action :set_local
  before_action :set_tag
  before_action :set_statuses, if: -> { request.format == :rss }
  before_action :set_instance_presenter

-  skip_before_action :require_functional!, unless: :whitelist_mode?
+  skip_before_action :require_functional!, unless: :limited_federation_mode?

  def show
    respond_to do |format|
--- a/app/helpers/domain_control_helper.rb
+++ b/app/helpers/domain_control_helper.rb
@ -10,14 +10,14 @@ module DomainControlHelper
               uri_or_domain
             end

-    if whitelist_mode?
+    if limited_federation_mode?
      !DomainAllow.allowed?(domain)
    else
      DomainBlock.blocked?(domain)
    end
  end

-  def whitelist_mode?
-    Rails.configuration.x.whitelist_mode
+  def limited_federation_mode?
+    Rails.configuration.x.limited_federation_mode
  end
 end
--- a/app/javascript/mastodon/components/badge.jsx
+++ b/app/javascript/mastodon/components/badge.jsx
@ -0,0 +1,34 @@
+import PropTypes from 'prop-types';
+
+import { FormattedMessage } from 'react-intl';
+
+import { ReactComponent as GroupsIcon } from '@material-design-icons/svg/outlined/group.svg';
+import { ReactComponent as PersonIcon } from '@material-design-icons/svg/outlined/person.svg';
+import { ReactComponent as SmartToyIcon } from '@material-design-icons/svg/outlined/smart_toy.svg';
+
+
+export const Badge = ({ icon, label, domain }) => (
+  <div className='account-role'>
+    {icon}
+    {label}
+    {domain && <span className='account-role__domain'>{domain}</span>}
+  </div>
+);
+
+Badge.propTypes = {
+  icon: PropTypes.node,
+  label: PropTypes.node,
+  domain: PropTypes.node,
+};
+
+Badge.defaultProps = {
+  icon: <PersonIcon />,
+};
+
+export const GroupBadge = () => (
+  <Badge icon={<GroupsIcon />} label={<FormattedMessage id='account.badges.group' defaultMessage='Group' />} />
+);
+
+export const AutomatedBadge = () => (
+  <Badge icon={<SmartToyIcon />} label={<FormattedMessage id='account.badges.bot' defaultMessage='Automated' />} />
+);
--- a/app/javascript/mastodon/features/account/components/header.jsx
+++ b/app/javascript/mastodon/features/account/components/header.jsx
@ -10,6 +10,7 @@ import ImmutablePropTypes from 'react-immutable-proptypes';
 import ImmutablePureComponent from 'react-immutable-pure-component';

 import { Avatar } from 'mastodon/components/avatar';
+import { Badge, AutomatedBadge, GroupBadge } from 'mastodon/components/badge';
 import Button from 'mastodon/components/button';
 import { FollowersCounter, FollowingCounter, StatusesCounter } from 'mastodon/components/counters';
 import { Icon }  from 'mastodon/components/icon';
@ -376,28 +377,13 @@ class Header extends ImmutablePureComponent {
    const badges = [];

    if (account.get('bot')) {
-      badges.push(
-        <div key='bot-badge' className='account-role bot'>
-          <Icon id='cogs' /> { ' ' }
-          <FormattedMessage id='account.badges.bot' defaultMessage='Automated' />
-        </div>
-      );
+      badges.push(<AutomatedBadge key='bot-badge' />);
    } else if (account.get('group')) {
-      badges.push(
-        <div key='group-badge' className='account-role group'>
-          <Icon id='users' /> { ' ' }
-          <FormattedMessage id='account.badges.group' defaultMessage='Group' />
-        </div>
-      );
+      badges.push(<GroupBadge key='group-badge' />);
    }

    account.get('roles', []).forEach((role) => {
-      badges.push(
-        <div key={`role-badge-${role.get('id')}`} className={`account-role user-role-${account.getIn(['roles', 0, 'id'])}`}>
-          <Icon id='circle' /> { ' ' }
-          <span>{role.get('name')} ({domain})</span>
-        </div>
-      );
+      badges.push(<Badge key={`role-badge-${role.get('id')}`} label={<span>{role.get('name')}</span>} domain={domain} />);
    });

    return (
--- a/app/javascript/mastodon/features/interaction_modal/index.jsx
+++ b/app/javascript/mastodon/features/interaction_modal/index.jsx
@ -250,6 +250,9 @@ class LoginForm extends React.PureComponent {
            onFocus={this.handleFocus}
            onBlur={this.handleBlur}
            onKeyDown={this.handleKeyDown}
+            autocomplete='off'
+            autocapitalize='off'
+            spellcheck='false'
          />

          <Button onClick={this.handleSubmit} disabled={isSubmitting}><FormattedMessage id='interaction_modal.login.action' defaultMessage='Take me home' /></Button>
--- a/app/javascript/packs/sign_up.js
+++ b/app/javascript/packs/sign_up.js
@ -13,4 +13,30 @@ ready(() => {
      console.error(error);
    });
  }, 5000);
+
+  document.querySelectorAll('.timer-button').forEach(button => {
+    let counter = 30;
+
+    const container = document.createElement('span');
+
+    const updateCounter = () => {
+      container.innerText = ` (${counter})`;
+    };
+
+    updateCounter();
+
+    const countdown = setInterval(() => {
+      counter--;
+
+      if (counter === 0) {
+        button.disabled = false;
+        button.removeChild(container);
+        clearInterval(countdown);
+      } else {
+        updateCounter();
+      }
+    }, 1000);
+
+    button.appendChild(container);
+  });
 });
--- a/app/javascript/styles/mastodon/accounts.scss
+++ b/app/javascript/styles/mastodon/accounts.scss
@ -187,7 +187,6 @@
  }
 }

-.account-role,
 .information-badge,
 .simple_form .recommended,
 .simple_form .not_recommended,
@ -213,10 +212,30 @@
 }

 .account-role {
+  display: inline-flex;
+  padding: 4px;
+  padding-inline-end: 8px;
  border: 1px solid $highlight-text-color;
+  color: $highlight-text-color;
+  font-weight: 500;
+  font-size: 12px;
+  letter-spacing: 0.5px;
+  line-height: 16px;
+  gap: 4px;
+  border-radius: 6px;
+  align-items: center;

-  .fa {
-    color: var(--user-role-accent, $highlight-text-color);
+  svg {
+    width: auto;
+    height: 15px;
+    opacity: 0.85;
+    fill: currentColor;
+  }
+
+  &__domain {
+    font-weight: 400;
+    opacity: 0.75;
+    letter-spacing: 0;
  }
 }

--- a/app/javascript/styles/mastodon/basics.scss
+++ b/app/javascript/styles/mastodon/basics.scss
@ -164,7 +164,7 @@ body {
 a {
  &:focus {
    border-radius: 4px;
-    outline: $ui-button-icon-focus-outline;
+    outline: $ui-button-focus-outline;
  }

  &:focus:not(:focus-visible) {
--- a/app/javascript/styles/mastodon/components.scss
+++ b/app/javascript/styles/mastodon/components.scss
@ -3343,6 +3343,8 @@ $ui-header-height: 55px;
  text-decoration: none;
  overflow: hidden;
  white-space: nowrap;
+  border: 0;
+  border-left: 4px solid transparent;

  &:hover,
  &:focus,
@ -3354,6 +3356,11 @@ $ui-header-height: 55px;
    outline: 0;
  }

+  &:focus-visible {
+    border-color: $ui-button-focus-outline-color;
+    border-radius: 0;
+  }
+
  &--transparent {
    background: transparent;
    color: $ui-secondary-color;
@ -3693,7 +3700,9 @@ a.status-card {

 .status-card.expanded .status-card__title {
  white-space: normal;
+  display: -webkit-box;
  -webkit-line-clamp: 2;
+  -webkit-box-orient: vertical;
 }

 .status-card__content {
@ -3742,9 +3751,6 @@ a.status-card {
  aspect-ratio: 1;
  background: lighten($ui-base-color, 8%);
  position: relative;
-  border-radius: 8px;
-  border-start-end-radius: 0;
-  border-end-end-radius: 0;

  & > .fa {
    font-size: 21px;
@ -3757,9 +3763,6 @@ a.status-card {
 }

 .status-card__image-image {
-  border-radius: 8px;
-  border-start-end-radius: 0;
-  border-end-end-radius: 0;
  display: block;
  margin: 0;
  width: 100%;
@ -3771,9 +3774,6 @@ a.status-card {
 }

 .status-card__image-preview {
-  border-radius: 8px;
-  border-start-end-radius: 0;
-  border-end-end-radius: 0;
  display: block;
  margin: 0;
  width: 100%;
@ -3800,6 +3800,15 @@ a.status-card {
  aspect-ratio: auto;
 }

+.status-card__image,
+.status-card__image-image,
+.status-card__image-preview {
+  border-start-start-radius: 8px;
+  border-start-end-radius: 0;
+  border-end-end-radius: 0;
+  border-end-start-radius: 8px;
+}
+
 .status-card.expanded .status-card__image,
 .status-card.expanded .status-card__image-image,
 .status-card.expanded .status-card__image-preview {
@ -4017,7 +4026,7 @@ a.status-card {
  }

  &:focus-visible {
-    outline: $ui-button-icon-focus-outline;
+    outline: $ui-button-focus-outline;
  }

  &.active {
--- a/app/javascript/styles/mastodon/variables.scss
+++ b/app/javascript/styles/mastodon/variables.scss
@ -48,6 +48,8 @@ $ui-highlight-color: $classic-highlight-color !default;
 $ui-button-color: $white !default;
 $ui-button-background-color: $blurple-500 !default;
 $ui-button-focus-background-color: $blurple-600 !default;
+$ui-button-focus-outline-color: $blurple-400 !default;
+$ui-button-focus-outline: solid 2px $ui-button-focus-outline-color !default;

 $ui-button-secondary-color: $grey-100 !default;
 $ui-button-secondary-border-color: $grey-100 !default;
@ -62,7 +64,7 @@ $ui-button-tertiary-focus-color: $white !default;
 $ui-button-destructive-background-color: $red-500 !default;
 $ui-button-destructive-focus-background-color: $red-600 !default;

-$ui-button-icon-focus-outline: solid 2px $blurple-400 !default;
+$ui-button-icon-focus-outline: $ui-button-focus-outline !default;
 $ui-button-icon-hover-background-color: rgba(140, 141, 255, 40%) !default;

 // Variables for texts
--- a/app/lib/request.rb
+++ b/app/lib/request.rb
@ -76,8 +76,8 @@ class Request
    HTTP::URI.new(
      scheme: uri.normalized_scheme,
      authority: uri.normalized_authority,
-      path: Addressable::URI.normalize_path(uri.path),
-      query: uri.query
+      path: Addressable::URI.normalize_path(encode_non_ascii(uri.path)).presence || '/',
+      query: encode_non_ascii(uri.query)
    )
  end

@ -151,6 +151,12 @@ class Request
      %w(http https).include?(parsed_url.scheme) && parsed_url.host.present?
    end

+    NON_ASCII_PATTERN = /[^\x00-\x7F]+/
+
+    def encode_non_ascii(str)
+      str&.gsub(NON_ASCII_PATTERN) { |substr| CGI.escape(substr.encode(Encoding::UTF_8)) }
+    end
+
    def http_client
      HTTP.use(:auto_inflate).use(normalize_uri: { normalizer: URI_NORMALIZER }).follow(max_hops: 3)
    end
--- a/app/mailers/notification_mailer.rb
+++ b/app/mailers/notification_mailer.rb
@ -8,6 +8,7 @@ class NotificationMailer < ApplicationMailer
  before_action :process_params
  before_action :set_status, only: [:mention, :favourite, :reblog]
  before_action :set_account, only: [:follow, :favourite, :reblog, :follow_request]
+  after_action :set_list_headers!

  default to: -> { email_address_with_name(@user.email, @me.username) }

@ -61,6 +62,7 @@ class NotificationMailer < ApplicationMailer
    @me = params[:recipient]
    @user = @me.user
    @type = action_name
+    @unsubscribe_url = unsubscribe_url(token: @user.to_sgid(for: 'unsubscribe').to_s, type: @type)
  end

  def set_status
@ -71,6 +73,12 @@ class NotificationMailer < ApplicationMailer
    @account = @notification.from_account
  end

+  def set_list_headers!
+    headers['List-ID'] = "<#{@type}.#{@me.username}.#{Rails.configuration.x.local_domain}>"
+    headers['List-Unsubscribe'] = "<#{@unsubscribe_url}>"
+    headers['List-Unsubscribe-Post'] = 'List-Unsubscribe=One-Click'
+  end
+
  def thread_by_conversation(conversation)
    return if conversation.nil?

--- a/app/models/media_attachment.rb
+++ b/app/models/media_attachment.rb
@ -62,7 +62,7 @@ class MediaAttachment < ApplicationRecord
  ).freeze

  IMAGE_MIME_TYPES             = %w(image/jpeg image/png image/gif image/heic image/heif image/webp image/avif).freeze
-  IMAGE_CONVERTIBLE_MIME_TYPES = %w(image/heic image/heif).freeze
+  IMAGE_CONVERTIBLE_MIME_TYPES = %w(image/heic image/heif image/avif).freeze
  VIDEO_MIME_TYPES             = %w(video/webm video/mp4 video/quicktime video/ogg).freeze
  VIDEO_CONVERTIBLE_MIME_TYPES = %w(video/webm video/quicktime).freeze
  AUDIO_MIME_TYPES             = %w(audio/wave audio/wav audio/x-wav audio/x-pn-wave audio/vnd.wave audio/ogg audio/vorbis audio/mpeg audio/mp3 audio/webm audio/flac audio/aac audio/m4a audio/x-m4a audio/mp4 audio/3gpp video/x-ms-asf).freeze
--- a/app/serializers/initial_state_serializer.rb
+++ b/app/serializers/initial_state_serializer.rb
@ -22,7 +22,7 @@ class InitialStateSerializer < ActiveModel::Serializer
      repository: Mastodon::Version.repository,
      source_url: instance_presenter.source_url,
      version: instance_presenter.version,
-      limited_federation_mode: Rails.configuration.x.whitelist_mode,
+      limited_federation_mode: Rails.configuration.x.limited_federation_mode,
      mascot: instance_presenter.mascot&.file&.url,
      profile_directory: Setting.profile_directory,
      trends_enabled: Setting.trends,
--- a/app/services/concerns/payloadable.rb
+++ b/app/services/concerns/payloadable.rb
@ -23,6 +23,6 @@ module Payloadable
  end

  def signing_enabled?
-    ENV['AUTHORIZED_FETCH'] != 'true' && !Rails.configuration.x.whitelist_mode
+    ENV['AUTHORIZED_FETCH'] != 'true' && !Rails.configuration.x.limited_federation_mode
  end
 end
--- a/app/services/unallow_domain_service.rb
+++ b/app/services/unallow_domain_service.rb
@ -4,7 +4,7 @@ class UnallowDomainService < BaseService
  include DomainControlHelper

  def call(domain_allow)
-    suspend_accounts!(domain_allow.domain) if whitelist_mode?
+    suspend_accounts!(domain_allow.domain) if limited_federation_mode?

    domain_allow.destroy
  end
--- a/app/views/admin/instances/index.html.haml
+++ b/app/views/admin/instances/index.html.haml
@ -5,7 +5,7 @@
  = javascript_pack_tag 'admin', async: true, crossorigin: 'anonymous'

 - content_for :heading_actions do
-  - if whitelist_mode?
+  - if limited_federation_mode?
    = link_to t('admin.domain_allows.add_new'), new_admin_domain_allow_path, class: 'button', id: 'add-instance-button'
    = link_to t('admin.domain_allows.export'), export_admin_export_domain_allows_path(format: :csv), class: 'button'
    = link_to t('admin.domain_allows.import'), new_admin_export_domain_allow_path, class: 'button'
@ -20,7 +20,7 @@
    %ul
      %li= filter_link_to t('admin.instances.moderation.all'), limited: nil

-      - unless whitelist_mode?
+      - unless limited_federation_mode?
        %li= filter_link_to t('admin.instances.moderation.limited'), limited: '1'

  .filter-subset
@ -30,7 +30,7 @@
      %li= filter_link_to t('admin.instances.delivery.failing'), availability: 'failing'
      %li= filter_link_to t('admin.instances.delivery.unavailable'), availability: 'unavailable'

- unless whitelist_mode?
+- unless limited_federation_mode?
  = form_tag admin_instances_url, method: 'GET', class: 'simple_form' do
    .fields-group
      - InstanceFilter::KEYS.each do |key|
--- a/app/views/admin/instances/show.html.haml
+++ b/app/views/admin/instances/show.html.haml
@ -36,7 +36,7 @@

 %h3= t('admin.instances.content_policies.title')

- if whitelist_mode?
+- if limited_federation_mode?
  %p= t('admin.instances.content_policies.limited_federation_mode_description_html')

  - if @instance.domain_allow
--- a/app/views/auth/setup/show.html.haml
+++ b/app/views/auth/setup/show.html.haml
@ -19,6 +19,6 @@
    = f.input :email, required: true, hint: false, input_html: { 'aria-label': t('simple_form.labels.defaults.email'), autocomplete: 'off' }

  .actions
-    = f.submit t('auth.resend_confirmation'), class: 'button'
+    = f.button :button, t('auth.resend_confirmation'), type: :submit, class: 'button timer-button', disabled: true

 .form-footer= render 'auth/shared/links'
--- a/app/views/layouts/mailer.html.haml
+++ b/app/views/layouts/mailer.html.haml
@ -46,9 +46,9 @@
                                %p= t 'about.hosted_on', domain: site_hostname
                                %p
                                  = link_to t('application_mailer.notification_preferences'), settings_preferences_notifications_url
-                                  - if defined?(@type)
+                                  - if defined?(@unsubscribe_url)
                                    ·
-                                    = link_to t('application_mailer.unsubscribe'), unsubscribe_url(token: @user.to_sgid(for: 'unsubscribe').to_s, type: @type)
+                                    = link_to t('application_mailer.unsubscribe'), @unsubscribe_url
                              %td.column-cell.text-right
                                = link_to root_url do
                                  = image_tag full_pack_url('media/images/mailer/logo.png'), alt: 'Mastodon', height: 24