67 Commits (0dc372314d81a96be768cfa9e5c9448b0c415bab)

Author SHA1 Message Date
Eugen Rochko a4668d994b Add specific rate limits for posting and following (#13172)
5 years ago
Eugen Rochko 5c4b1db54a Change signature verification to ignore signatures with invalid host (#13033)
5 years ago
Eugen Rochko 413cb7e861 Fix base64-encoded file uploads not being possible (#12748)
5 years ago
Eugen Rochko a2d3728c36 Add account migration UI (#11846)
5 years ago
Eugen Rochko 1781358bd9 Add password challenge to 2FA settings, e-mail notifications (#11878)
5 years ago
Eugen Rochko dc20e1af71 Add HTTP signature keyId to request log (#11591)
5 years ago
Eugen Rochko 825dc3ca22 Add whitelist mode (#11291)
5 years ago
Eugen Rochko 79b9eee938 Add (back) rails-level JSON caching (#11333)
5 years ago
Eugen Rochko 2b4fa0d6fa Change locale detection to run once per session (#8657)
5 years ago
Eugen Rochko 39719ae981 Add ActivityPub secure mode (#11269)
5 years ago
Eugen Rochko d0b0b63b1a Refactor domain block checks (#11268)
5 years ago
Eugen Rochko 56f0203c66 Refactor controllers for statuses, accounts, and more (#11249)
5 years ago
ThibG 806c2f8102 Cleanup various controllers (#10972)
6 years ago
ThibG f5637b174f Move signature verification stoplight to the requests themselves (#10813)
6 years ago
ThibG c967088621 Mark the 410 gone response for suspended accounts as cachable (#10339)
6 years ago
Eugen Rochko 73fb7bfa0f Admission-based registrations mode (#10250)
6 years ago
ThibG e60999c3c5 Improvements to signature verification (#9667)
6 years ago
Eugen Rochko e5ebd4df78 Fix signature verification stoplight triggering on non-timeout errors (#9617)
6 years ago
ysksn af123ea5e8 Remove RemoteAccountControllerConcern never used (#9482)
6 years ago
Eugen Rochko d78aed7a37 Reduce connect timeout limit and limit signature failures by source IP (#9236)
6 years ago
Eugen Rochko 0a5b65533d Improve signature verification safeguards (#8959)
6 years ago
Eugen Rochko 65d1a2d10a Remove dead code (#8919)
6 years ago
Eugen Rochko 13df3889f0 Redesign public profiles and toots (#8068)
6 years ago
Marty McGuire 4aa3f667fc Typo in signature verification failure logging (#7916)
6 years ago
Eugen Rochko 71399bf1d5 HTTP signatures spec no longer requires algorithms field (#7525)
7 years ago
ThibG 6222c7def7 Update session activation time (fixes #5605) (#7408)
7 years ago
Yamagishi Kazutoshi 0939d9ede6 Fix spec for sr-Latn (#7203)
7 years ago
ThibG a91acd2010 Fix follow/unfollow buttons on public profile (fixes #7036) (#7040)
7 years ago
Eugen Rochko 77badbc85a If DEFAULT_LOCALE is set, enforce it instead of HTTP request locale (#6817)
7 years ago
Akihiko Odaki 008bc9f47d Set the default locale in config (#6580)
7 years ago
puckipedia 081ba8fc90 Allow retrieval of private statuses (single or in outbox) using HTTP signatures (#6225)
7 years ago
Eugen Rochko f378280e49 Fix #6331 (#6341)
7 years ago
Akihiko Odaki b5162e2aff Rename ResolveRemoteAccountService to ResolveAccountService (#6327)
7 years ago
Eugen Rochko 92df0bba59 Fix regeneration marker not expiring (#6290)
7 years ago
Eugen Rochko 9427823d5c Add more instance stats APIs (#6125)
7 years ago
Eugen Rochko 31fe0d067b Apply a 25x rate limit by IP even to authenticated requests (#5948)
7 years ago
Eugen Rochko 87af0bf6cf Rate limit by user instead of IP when API user is authenticated (#5923)
7 years ago
Eugen Rochko efc97d404c Add logging of admin actions (#5757)
7 years ago
Eugen Rochko 97178b6d86 Add moderator role and add pundit policies for admin actions (#5635)
7 years ago
Eugen Rochko 7ccc1c5748 Fix UserTrackingConcern firing on every request, optimize some queries (#5368)
7 years ago
Akihiko Odaki 2e6db37776 Validate id of ActivityPub representations (#5114)
7 years ago
ThibG 707cd936e8 Fix HTTP responses for salmon and ActivityPub inbox processing (#5200)
7 years ago
Eugen Rochko c35e6234ab If HTTP signature is wrong and webfinger cache is stale, retry with resolve (#5129)
7 years ago
Eugen Rochko dccc1a74ad Support more variations of ActivityPub keyId in signature (#4630)
7 years ago
Eugen Rochko 34962d9f9d Add alternate links to ActivityPub resources from HTML/HEAD variants (#4586)
7 years ago
Eugen Rochko 1b6ced5887 Add Digest header to requests with body, handle acct and URI keyId (#4565)
7 years ago
Eugen Rochko c5fa4aba91 HTTP signatures (#4146)
7 years ago
Eugen Rochko 973d6ef93a Fix #2619 - When redis feed is empty, fall back to database (#3721)
8 years ago
Akihiko Odaki (@fn_aki@pawoo.net) a5729feb11 Improve default language decision and spec (#3351)
8 years ago
Matt Jankowski 9a43a1051a Coverage improvement and concern extraction for rate limit headers in API controller (#3625)
8 years ago