Federating uses POST requests, which don't work for redirects (unless
used with 307/308, but almost nobody uses these), so this was basically
broken anyway. The idea behind this was to follow http -> https
redirects, but as all pods nowadays have https already anyway, and
webfinger already enforces https, there is no need to follow redirects
anymore.
This is enabled by default since rails 5.2, but it doesn't make sense
for the /receive/ routes, because they are called without a session and
without a token.
This can be set to the URL on the new pod when photos were
migrated/imported, so other pods can adjust the `remote_photo_path` of
the photos of the old account.
A child elements should only appear once or it is part of a
nested array (photos, poll answers). So each element name only needs to
be parsed once, because the way `parse_array_from_node` works is, that
it already parses the full array with one call, so calling it multiple
times again parses the full array a second time.
closes#118
Using the real entities for the tests also uncovered some bugs where for
example empty strings are converted to nil and the validation wasn't
invalid in this case, but should be.
This is much easier and safer than "guessing" the class name based on
the validator name. That can cause a problem when another class with the
same name is found. The "guessing" was only added because we used
OpenStruct in the tests, but we shouldn't change the code only to make
tests run. I changed the tests to use the real entities, with
auto-validation disabled in the constructor, so we can test the
validator manually.
Sometimes messages contain characters that are invalid for XML, but they
are filteres out before creating the XML, otherwise the property would
be empty in the XML.
But for relayables the value is also used for creating the signatures,
so we need to filter the invalid characters earlier, before calculating
the signature.
This is needed so we can make sure to not overwrite newer data by older
one, for example when there are two edits close together and the newer
arrives faster.
The limit was added in 2012 to prevent spam, but since the participants
need to be a mutual contact with the author nowadays, I don't think it's
a spam problem anymore.
I also added a validation for the minimum count of the participants,
because a conversion without participants doesn't make much sense.
