64108aa51d
There was no checking of attributedTo, actors and referent object IDs to make sure they exist in the same domain. Therefore, one could spoof messages from people by doing attributedTo: whoever-i-want-to-spoof |
||
---|---|---|
.. | ||
actions | ||
classes | ||
doc | ||
lib | ||
locale | ||
scripts | ||
ActivityPubPlugin.php | ||
CONTRIBUTING.md | ||
COPYING | ||
phpunit.xml | ||
README.md |
ActivityPub plugin for GNU social
(c) 2018-2019 Free Software Foundation, Inc
This is the README file for GNU social's ActivityPub plugin. It includes general information about the plugin.
About
This plugin adds ActivityPub support to GNU social.
Additional functionality
The RemoteFollow plugin is recommended as it increases the UX significatively, it adds a remote follow button to user profiles.
Credits
Special thanks
License
This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License along with this program, in the file "COPYING". If not, see http://www.gnu.org/licenses/.
IMPORTANT NOTE: The GNU Affero General Public License (AGPL) has
*different requirements* from the "regular" GPL. In particular, if
you make modifications to the plugin source code on your server,
you *MUST MAKE AVAILABLE* the modified version of the source code
to your users under the same license. This is a legal requirement
of using the software, and if you do not wish to share your
modifications, *YOU MAY NOT USE THIS PLUGIN*.