Merge remote-tracking branch 'parent/main' into upstream-20240913

2024-09-13 10:31:48 +09:00 · 2024-09-13 10:31:48 +09:00 · fc9d27ff91
commit fc9d27ff91
parent 3277819b62 202077517c
392 changed files with 3757 additions and 3233 deletions
--- a/app/controllers/concerns/web_app_controller_concern.rb
+++ b/app/controllers/concerns/web_app_controller_concern.rb
@ -8,6 +8,16 @@ module WebAppControllerConcern

    before_action :redirect_unauthenticated_to_permalinks!
    before_action :set_app_body_class
+
+    content_security_policy do |p|
+      policy = ContentSecurityPolicy.new
+
+      if policy.sso_host.present?
+        p.form_action policy.sso_host
+      else
+        p.form_action :none
+      end
+    end
  end

  def skip_csrf_meta_tags?
--- a/app/controllers/redirect/base_controller.rb
+++ b/app/controllers/redirect/base_controller.rb
@ -4,7 +4,6 @@ class Redirect::BaseController < ApplicationController
  vary_by 'Accept-Language'

  before_action :set_resource
-  before_action :set_app_body_class

  def show
    @redirect_path = ActivityPub::TagManager.instance.url_for(@resource)
@ -14,10 +13,6 @@ class Redirect::BaseController < ApplicationController

  private

-  def set_app_body_class
-    @body_classes = 'app-body'
-  end
-
  def set_resource
    raise NotImplementedError
  end
--- a/app/controllers/settings/verifications_controller.rb
+++ b/app/controllers/settings/verifications_controller.rb
@ -2,14 +2,30 @@

 class Settings::VerificationsController < Settings::BaseController
  before_action :set_account
+  before_action :set_verified_links

-  def show
-    @verified_links = @account.fields.select(&:verified?)
+  def show; end
+
+  def update
+    if UpdateAccountService.new.call(@account, account_params)
+      ActivityPub::UpdateDistributionWorker.perform_async(@account.id)
+      redirect_to settings_verification_path, notice: I18n.t('generic.changes_saved_msg')
+    else
+      render :show
+    end
  end

  private

+  def account_params
+    params.require(:account).permit(:attribution_domains_as_text)
+  end
+
  def set_account
    @account = current_account
  end
+
+  def set_verified_links
+    @verified_links = @account.fields.select(&:verified?)
+  end
 end
--- a/app/controllers/statuses_controller.rb
+++ b/app/controllers/statuses_controller.rb
@ -11,7 +11,6 @@ class StatusesController < ApplicationController
  before_action :require_account_signature!, only: [:show, :activity], if: -> { request.format == :json && authorized_fetch_mode? }
  before_action :set_status
  before_action :redirect_to_original, only: :show
-  before_action :set_body_classes, only: :embed

  after_action :set_link_headers

@ -51,10 +50,6 @@ class StatusesController < ApplicationController

  private

-  def set_body_classes
-    @body_classes = 'with-modals'
-  end
-
  def set_link_headers
    response.headers['Link'] = LinkHeader.new(
      [[ActivityPub::TagManager.instance.uri_for(@status), [%w(rel alternate), %w(type application/activity+json)]]]