gtsocial-umbx

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README | LICENSE

posts.md (11042B)

      1 # Posts
      2 
      3 ## Privacy Settings
      4 
      5 GoToSocial offers Mastodon-style privacy settings for posts. In order from most to least private, these are:
      6 
      7 * Direct
      8 * Mutuals-only
      9 * Private/Followers-only
     10 * Unlisted
     11 * Public
     12 
     13 Whatever privacy setting you choose for a post, GoToSocial will do the best it can to ensure that your posts don't appear to users on instances that you've blocked, or to users that you've blocked directly.
     14 
     15 Unlike with some other fediverse server implementations, GoToSocial uses a default post setting of `unlisted` rather than `public` for new accounts. Our philosophy here is that posting something public should always be a conscious decision rather than a default.
     16 
     17 Please note that while GoToSocial respects these privacy settings very strictly, other server implementations cannot necessarily be trusted to do so: there are bad actors on the fediverse. As with any social media, you should think carefully about what you post and to whom.
     18 
     19 ### Direct
     20 
     21 Posts with a visibility of `direct` will only appear to the post author, and to users who are mentioned in the post. Take the following post for example:
     22 
     23 ```text
     24 Hey @whoever@example.org, this is a private/direct post! Only we can see this!
     25 ```
     26 
     27 If this message was written by `@someone@server.com` then only `@whoever@example.org` and `@someone@server.com` would be able to see it.
     28 
     29 As the name implies, `direct` posts are best used when you want to communicate directly with one or more people.
     30 
     31 However, `direct` posts are **not** a suitable replacement for end-to-end encrypted messaging offered by things like [Signal](https://signal.org/) and [Matrix](https://matrix.org/). If you want to communicate directly, but you're not communicating sensitive information, then direct posts are fine. If you need to have a sensitive + secure conversation, use something else!
     32 
     33 Direct posts can be liked/faved, but they cannot be boosted.
     34 
     35 Direct posts are **not** accessible via a web URL on your GoToSocial instance.
     36 
     37 ### Mutuals-only
     38 
     39 Posts with a visibility of `mutuals_only` will only appear to the post author, and to *mutual follows* of the post author. In other words, they can only be seen by others if two conditions are met:
     40 
     41 1. The other account follows the post author.
     42 2. The post author follows the other account back.
     43 
     44 This is useful for when you want to post something that you only want friends to see.
     45 
     46 Mutuals-only posts can be liked/faved, but they cannot be boosted.
     47 
     48 Mutuals-only posts are **not** accessible via a web URL on your GoToSocial instance.
     49 
     50 ### Private/Followers-only
     51 
     52 Posts with a visibility of `private` will only be visible to the post author, and to people who follow the post author. This is similar to `mutuals_only`, but only the first condition needs to met; the post author doesn't need to follow the other account back.
     53 
     54 This is useful for when you want to make announcements to people who follow you, or share something slightly less private than `mutuals_only`.
     55 
     56 Private/followers-only posts can be liked/faved, but they cannot be boosted.
     57 
     58 Private/followers-only posts are **not** accessible via a web URL on your GoToSocial instance.
     59 
     60 ### Unlisted
     61 
     62 Posts with a visibility of `unlisted` (sometimes called `unlocked` posts) are semi-public. They will be sent to anyone who follows you, and they can be boosted into the timelines of people who don't follow you, but they won't appear on Federated or Local timelines, and they won't appear on your public profile.
     63 
     64 Unlisted posts are useful when you want to allow a post to spread, but you don't want it to be immediately visible to everyone. They are also useful when you want to make public-ish posts, but without clogging up Federated/Local timelines.
     65 
     66 Unlisted posts can be liked/faved, and they can be boosted.
     67 
     68 Unlike with Mastodon, unlisted posts are **not** accessible via a web URL on your GoToSocial instance!
     69 
     70 ### Public
     71 
     72 Posts with a visibility of `public` are *fully* public. That is, they can be seen via the web, and they will appear in Local and Federated timelines, and they are fully boostable. `public` is the ultimate 'let my post be seen everywhere' setting, for when you want something to be widely available and easy to distribute.
     73 
     74 Public posts can be liked/faved, and they can be boosted.
     75 
     76 **Public posts are accessible via a web URL on your GoToSocial instance!**
     77 
     78 ## Extra Flags
     79 
     80 GoToSocial offers four extra flags on posts, which can be used to tweak how your post can be interacted with by others. These are:
     81 
     82 * `federated`
     83 * `boostable`
     84 * `replyable`
     85 * `likeable`
     86 
     87 By default, all these flags are set to `true`.
     88 
     89 Please note that while GoToSocial strictly respects these settings, other fediverse server implementations might not be aware of them. A consequence of this is that users on non-GoToSocial servers might think they are replying/boosting/liking your post, and their instance might behave as though that behavior was allowed, but those interactions will be denied by your GoToSocial server and you won't see them.
     90 
     91 ### Federated
     92 
     93 When set to `false`, this post will not be federated out to other fediverse servers, and will be viewable only to accounts on your GoToSocial instance. This is sometimes called 'local-only' posting.
     94 
     95 ### Boostable
     96 
     97 When set to `false`, your post will not be boostable, even if it is unlisted or public. GoToSocial enforces this by refusing dereferencing requests from remote servers in the event that someone tries to boost the post.
     98 
     99 ### Replyable
    100 
    101 When set to `false`, replies to your post will not be accepted by your GoToSocial server, and will not appear in your timeline or create notifications. GoToSocial enforces this by giving an error message to attempted replies to the post from federated servers.
    102 
    103 ### Likeable
    104 
    105 When set to `false`, likes/faves of your post will not be accepted by your GoToSocial server, and will not create notifications. GoToSocial enforces this by giving an error message to attempted likes/faves on the post from federated servers.
    106 
    107 ## Input Types
    108 
    109 GoToSocial currently accepts two different types of input for posts (and user bio). The [user settings page](./settings.md) allows you to select between them. These are:
    110 
    111 * `plain`
    112 * `markdown`
    113 
    114 Plain is the default method of posting: GtS accepts some plain looking text, and converts it into some nice HTML by parsing links and mentions etc. If you're used to Mastodon or Twitter or most other social media platforms, this way of writing posts will be immediately familiar.
    115 
    116 Markdown is a more complex way of organizing text, which gives you more control over how your text is parsed and formatted.
    117 
    118 GoToSocial supports the [Basic Markdown Syntax](https://www.markdownguide.org/basic-syntax), and some of the [Extended Markdown Syntax](https://www.markdownguide.org/extended-syntax/) as well, including fenced code blocks, footnotes, strikethrough, subscript, superscript, and automated URL linking.
    119 
    120 You can also include snippets of basic HTML in your markdown!
    121 
    122 For more information on Markdown, see [The Markdown Guide](https://www.markdownguide.org/).
    123 
    124 For a quick reference on Markdown syntax, see the [Markdown Cheat Sheet](https://www.markdownguide.org/cheat-sheet).
    125 
    126 ## Formatting
    127 
    128 When a post is submitted in `plain` format, GoToSocial automatically does some tidying up and formatting of the post in order to convert it to HTML, as described below.
    129 
    130 ### Whitespace
    131 
    132 Any leading or trailing whitespaces and newlines are removed from the post. So for example:
    133 
    134 ```text
    135 
    136 
    137 this post starts with some newlines
    138 ```
    139 
    140 will become:
    141 
    142 ```text
    143 this post starts with some newlines
    144 ```
    145 
    146 ### Wrapping
    147 
    148 The whole post will be wrapped in `<p></p>`.
    149 
    150 So the following text:
    151 
    152 ```text
    153 Hi here's a little post!
    154 ```
    155 
    156 Will become:
    157 
    158 ```html
    159 <p>Hi here's a little post!</p>
    160 ```
    161 
    162 ### Linebreaks
    163 
    164 Any newlines will be replaced with `<br />`
    165 
    166 So to continue the above example:
    167 
    168 ```text
    169 Hi here's a little post!
    170 
    171 And here's another line.
    172 ```
    173 
    174 Will become:
    175 
    176 ```html
    177 <p>Hi here's a little post!<br /><br />And here's another line</p>
    178 ```
    179 
    180 ### Links
    181 
    182 Any recognizable links in the text will be shortened and turned into proper hyperlinks, and have some additional attributes added to them.
    183 
    184 For example:
    185 
    186 ```text
    187 Here's a link to something: https://example.org/some/link/address
    188 ```
    189 
    190 will become:
    191 
    192 ```html
    193 Here's a link to something: <a href="https://example.org/some/link/address" rel="nofollow" rel="noreferrer" rel="noopener">example.org/some/link/address</a>
    194 ```
    195 
    196 which will be rendered as:
    197 
    198 > Here's a link to something: [example.org/some/link/address](https://example.org/some/link/address)
    199 
    200 Note that this will only work for `http` and `https` links; other schemes are not supported.
    201 
    202 ### Mentions
    203 
    204 You can 'mention' another account by referring to the account in the following way:
    205 
    206 > @some_account@example.org
    207 
    208 In this example, `some_account` is the username of the account you want to mention, and `example.org` is the domain that hosts their account.
    209 
    210 The mentioned account will get a notification that you've mentioned them, and be able to see the post in which they were mentioned.
    211 
    212 Mentions are formatted in a similar way to links, so:
    213 
    214 ```text
    215 hi @some_account@example.org how's it going?
    216 ```
    217 
    218 will become:
    219 
    220 ```html
    221 hi <span class="h-card"><a href="https://example.org/@some_account" class="u-url mention">@<span>some_account</span></a></span> how's it going?
    222 ```
    223 
    224 which will be rendered as:
    225 
    226 > hi <span class="h-card"><a href="https://example.org/@some_account" class="u-url mention">@<span>some_account</span></a></span> how's it going?
    227 
    228 When mentioning local accounts (ie., accounts on your instance), the second part of the mention is not necessary. If there's an account with username `local_account_person` on your instance, you can mention them just by writing:
    229 
    230 ```text
    231 hey @local_account_person you're my neighbour
    232 ```
    233 
    234 This will become:
    235 
    236 ```html
    237 hey <span class="h-card"><a href="https://my.instance.org/@local_account_person" class="u-url mention">@<span>local_account_person</span></a></span> you're my neighbour
    238 ```
    239 
    240 which will be rendered as:
    241 
    242 > hey <span class="h-card"><a href="https://my.instance.org/@local_account_person" class="u-url mention">@<span>local_account_person</span></a></span> you're my neighbour
    243 
    244 ## Input Sanitization
    245 
    246 In order not to spread scripts, vulnerabilities, and glitchy HTML all over the place, GoToSocial performs the following types of input sanitization:
    247 
    248 `plain` input type:
    249 
    250 * Before parsing, any existing HTML is completely removed from the post body and content-warning fields.
    251 * After parsing, all generated HTML is run through a sanitizer to remove harmful elements.
    252 
    253 `markdown` input type:
    254 
    255 * Before parsing, any existing HTML is completely removed from the content-warning field.
    256 * Before parsing, any existing HTML in the post body is run through a sanitizer to remove harmful elements.
    257 * After parsing, all generated HTML is run through a sanitizer to remove harmful elements.
    258 
    259 GoToSocial uses [bluemonday](https://github.com/microcosm-cc/bluemonday) for HTML sanitization.