From dcfc9b7885e7ed4f7886a35ccb3e007c293d3521 Mon Sep 17 00:00:00 2001 From: tobi Date: Wed, 9 Jul 2025 16:50:25 +0200 Subject: [feature] Use `hidesToPublicFromUnauthedWeb` and `hidesCcPublicFromUnauthedWeb` properties for web visibility of statuses (#4315) This pull request implements two new properties on ActivityPub actors: `hidesToPublicFromUnauthedWeb` and `hidesCcPublicFromUnauthedWeb`. As documented, these properties allow actors to signal their preference for whether or not their posts should be hidden from unauthenticated web views (ie., web pages like the GtS frontend, web apps like the Mastodon frontend, web APIs like the Mastodon public timeline API, etc). This allows remote accounts to *opt in* to having their unlisted visibility posts shown in (for example) the replies section of the web view of a GtS thread. In future, we can also use these properties to determine whether we should show boosts of a remote actor's post on a GtS profile, and that sort of thing. In keeping with our stance around privacy by default, GtS assumes `true` for `hidesCcPublicFromUnauthedWeb` if the property is not set on a remote actor, ie., hide unlisted/unlocked posts by default. `hidesToPublicFromUnauthedWeb` is assumed to be `false` if the property is not set on a remote actor, ie., show public posts by default. ~~WIP as I still want to work on the documentation for this a bit.~~ New props are already in the namespace document: https://gotosocial.org/ns Reviewed-on: https://codeberg.org/superseriousbusiness/gotosocial/pulls/4315 Reviewed-by: kim Co-authored-by: tobi Co-committed-by: tobi --- internal/processing/timeline/public_test.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'internal/processing/timeline/public_test.go') diff --git a/internal/processing/timeline/public_test.go b/internal/processing/timeline/public_test.go index 3320a45da..cf3ade7e5 100644 --- a/internal/processing/timeline/public_test.go +++ b/internal/processing/timeline/public_test.go @@ -67,7 +67,7 @@ func (suite *PublicTestSuite) TestPublicTimelineGetNotEmpty() { ctx = suite.T().Context() requester = suite.testAccounts["local_account_1"] // Select 1 *just above* a status we know should - // not be in the public timeline -- a public + // not be in the public timeline -- an unlisted // reply to one of admin's statuses. maxID = "01HE7XJ1CG84TBKH5V9XKBVGF6" sinceID = "" @@ -91,9 +91,9 @@ func (suite *PublicTestSuite) TestPublicTimelineGetNotEmpty() { // some other statuses were filtered out. suite.NoError(errWithCode) suite.Len(resp.Items, 1) - suite.Equal(`; rel="next", ; rel="prev"`, resp.LinkHeader) + suite.Equal(`; rel="next", ; rel="prev"`, resp.LinkHeader) suite.Equal(`http://localhost:8080/api/v1/timelines/public?limit=1&local=false&max_id=01F8MHCP5P2NWYQ416SBA0XSEV`, resp.NextLink) - suite.Equal(`http://localhost:8080/api/v1/timelines/public?limit=1&local=false&min_id=01HE7XJ1CG84TBKH5V9XKBVGF5`, resp.PrevLink) + suite.Equal(`http://localhost:8080/api/v1/timelines/public?limit=1&local=false&min_id=01FF25D5Q0DH7CHD57CTRS6WK0`, resp.PrevLink) } // A timeline containing a status hidden due to filtering should return other statuses with no error. -- cgit v1.2.3