GitLab

site_name allow to spoof the origin of the domain and so hacks like:

<!-- served on https://hacktivis.me/tmp/joinmastodon.org.html -->
<meta property="og:image" content="https://hacktivis.me/datalove/img/meme/pleroma/mastodon%2C%20forbidden%20amuse%20yourself.jpeg" />
<meta property="og:title" content="Mastodon: Forbidden Amuse Yourself" />
<meta property="og:site_name" content="joinmastodon.org" />
<meta http-equiv="refresh" content="0; url=http://joinmastodon.org/">

transparency is disabled

Closes #1568

The setting is now simply "attachment_links" and the boolean value does
what you expect. A double negative is never possible and describing the
functionality is no longer a philospher's worst nightmare.

This reverts merge request !2194

I've noticed that sometimes when switching from develop to stable and back,
develop fails to compile and rm -r ing the _build and deps dirs doesn't
help at all.

This is due to Admin API controller needing to generate JSON description
of the config at compile time.  Evaluating `config/description.exs`
calls `Generator.list_modules_in_dir/2`, which in turn predicts the
module names of files in the directory and tries to convert the
predicted name to *existing* atoms. Sometimes the compiler will
call that function before compiling the modules in the said directory,
so the conversion will of course fail.

This fixes it by removing the requirement of the atoms being existent.
The function is not subjected to any untrusted user input so this should
be safe. An ideal fix would be to block the compilation of docs before
all modules are compiled and then get a list of compiled elixir modules
under the namespace we want instead of directory hacks, but I have not
been able to figure out how to do that.

Closes pleroma#1548

Closes #1109

Our nginx config will happily pass `Forwarded`/`X-Real-IP` from the
client. Caddy, Apache and Varnish pass `X-Forwarded-For` as well anyway.

Closes: pleroma/pleroma#1061