Merge branch 'main' into since-latest-param

2025-07-20 10:04:08 +00:00 · 2025-05-22 20:57:52 -04:00 · 2025-05-22 20:57:52 -04:00 · f4aba12546
commit f4aba12546
parent 9241b0550c 521fe791b0
27 changed files with 2648 additions and 2298 deletions
--- a/server/server.go
+++ b/server/server.go
@ -413,7 +413,8 @@ func (s *Server) handleError(w http.ResponseWriter, r *http.Request, v *visitor,
 		} else {
 			ev.Info("WebSocket error: %s", err.Error())
 		}
-		return // Do not attempt to write to upgraded connection
+		w.WriteHeader(httpErr.HTTPCode)
+		return // Do not attempt to write any body to upgraded connection
 	}
 	if isNormalError {
 		ev.Debug("Connection closed with HTTP %d (ntfy error %d)", httpErr.HTTPCode, httpErr.Code)
@ -1016,7 +1017,7 @@ func (s *Server) parsePublishParams(r *http.Request, m *message) (cache bool, fi
 	if actionsStr != "" {
 		m.Actions, e = parseActions(actionsStr)
 		if e != nil {
-			return false, false, "", "", false, false, errHTTPBadRequestActionsInvalid.Wrap(e.Error())
+			return false, false, "", "", false, false, errHTTPBadRequestActionsInvalid.Wrap("%s", e.Error())
 		}
 	}
 	contentType, markdown := readParam(r, "content-type", "content_type"), readBoolParam(r, false, "x-markdown", "markdown", "md")
@ -1025,7 +1026,8 @@ func (s *Server) parsePublishParams(r *http.Request, m *message) (cache bool, fi
 	}
 	template = readBoolParam(r, false, "x-template", "template", "tpl")
 	unifiedpush = readBoolParam(r, false, "x-unifiedpush", "unifiedpush", "up") // see GET too!
-	if unifiedpush {
+	contentEncoding := readParam(r, "content-encoding")
+	if unifiedpush || contentEncoding == "aes128gcm" {
 		firebase = false
 		unifiedpush = true
 	}
@ -1887,14 +1889,14 @@ func (s *Server) transformMatrixJSON(next handleFunc) handleFunc {
 }

 func (s *Server) authorizeTopicWrite(next handleFunc) handleFunc {
-	return s.autorizeTopic(next, user.PermissionWrite)
+	return s.authorizeTopic(next, user.PermissionWrite)
 }

 func (s *Server) authorizeTopicRead(next handleFunc) handleFunc {
-	return s.autorizeTopic(next, user.PermissionRead)
+	return s.authorizeTopic(next, user.PermissionRead)
 }

-func (s *Server) autorizeTopic(next handleFunc, perm user.Permission) handleFunc {
+func (s *Server) authorizeTopic(next handleFunc, perm user.Permission) handleFunc {
 	return func(w http.ResponseWriter, r *http.Request, v *visitor) error {
 		if s.userManager == nil {
 			return next(w, r, v)
--- a/server/server_firebase.go
+++ b/server/server_firebase.go
@ -50,7 +50,7 @@ func (c *firebaseClient) Send(v *visitor, m *message) error {
 		ev.Field("firebase_message", util.MaybeMarshalJSON(fbm)).Trace("Firebase message")
 	}
 	err = c.sender.Send(fbm)
-	if err == errFirebaseQuotaExceeded {
+	if errors.Is(err, errFirebaseQuotaExceeded) {
 		logvm(v, m).
 			Tag(tagFirebase).
 			Err(err).
@ -133,7 +133,7 @@ func toFirebaseMessage(m *message, auther user.Auther) (*messaging.Message, erro
 			"time":    fmt.Sprintf("%d", m.Time),
 			"event":   m.Event,
 			"topic":   m.Topic,
-			"message": m.Message,
+			"message": newMessageBody,
 			"poll_id": m.PollID,
 		}
 		apnsConfig = createAPNSAlertConfig(m, data)
@ -173,15 +173,29 @@ func toFirebaseMessage(m *message, auther user.Auther) (*messaging.Message, erro
 			}
 			apnsConfig = createAPNSAlertConfig(m, data)
 		} else {
-			// If anonymous read for a topic is not allowed, we cannot send the message along
+			// If "anonymous read" for a topic is not allowed, we cannot send the message along
 			// via Firebase. Instead, we send a "poll_request" message, asking the client to poll.
+			//
+			// The data map needs to contain all the fields for it to function properly. If not all
+			// fields are set, the iOS app fails to decode the message.
+			//
+			// See https://github.com/binwiederhier/ntfy/pull/1345
 			data = map[string]string{
-				"id":    m.ID,
-				"time":  fmt.Sprintf("%d", m.Time),
-				"event": pollRequestEvent,
-				"topic": m.Topic,
+				"id":           m.ID,
+				"time":         fmt.Sprintf("%d", m.Time),
+				"event":        pollRequestEvent,
+				"topic":        m.Topic,
+				"priority":     fmt.Sprintf("%d", m.Priority),
+				"tags":         "",
+				"click":        "",
+				"icon":         "",
+				"title":        "",
+				"message":      newMessageBody,
+				"content_type": m.ContentType,
+				"encoding":     m.Encoding,
+				"poll_id":      m.ID,
 			}
-			// TODO Handle APNS?
+			apnsConfig = createAPNSAlertConfig(m, data)
 		}
 	}
 	var androidConfig *messaging.AndroidConfig
--- a/server/util.go
+++ b/server/util.go
@ -82,7 +82,7 @@ func extractIPAddress(r *http.Request, behindProxy bool) netip.Addr {
 		ip, err = netip.ParseAddr(remoteAddr)
 		if err != nil {
 			ip = netip.IPv4Unspecified()
-			if remoteAddr != "@" || !behindProxy { // RemoteAddr is @ when unix socket is used
+			if remoteAddr != "@" && !behindProxy { // RemoteAddr is @ when unix socket is used
 				logr(r).Err(err).Warn("unable to parse IP (%s), new visitor with unspecified IP (0.0.0.0) created", remoteAddr)
 			}
 		}