134 Commits (1f141f656dc3fd2b3af5d6edde331bac31bb6526)

Author SHA1 Message Date
Claire 5027abecd1
Fix cache_collection crashing when given an empty collection (#15921)
4 years ago
Claire 75189af528
Fix crash on receiving requests with missing Digest header (#15782)
4 years ago
ThibG 54d4e5252b
Use Rails' index_by where it makes sense (#15542)
4 years ago
luigi 087ed84367
Optimize map { ... }.compact calls (#15513)
4 years ago
ThibG 49eb4d4ddf
Add honeypot fields and minimum fill-out time for sign-up form (#15276)
4 years ago
Eugen Rochko 8532429af7
Fix 2FA/sign-in token sessions being valid after password change (#14802)
4 years ago
Eugen Rochko 3134691948
Add support for reversible suspensions through ActivityPub (#14989)
4 years ago
ThibG fa929d8b81
Tweak signature verification (#15069)
4 years ago
Eugen Rochko 4e4b3a0c8e
Refactor settings controllers (#14767)
4 years ago
dependabot[bot] 8972e5f7f6
Bump rubocop from 0.86.0 to 0.88.0 (#14412)
4 years ago
Akihiko Odaki ae871c4d46
Make Array-creation behavior of Paginable more predictable (#14687)
4 years ago
Akihiko Odaki 64ef37b89d
Introduce ApplicationController#cache_collection_paginated_by_id (#14677)
4 years ago
ThibG b241f20bd2
Add support for latest HTTP Signatures spec draft (#14556)
4 years ago
santiagorodriguez96 e8d41bc2fe
Add WebAuthn as an alternative 2FA method (#14466)
4 years ago
fuyu a279acc730
Fix not working I18n on 2FA and Sign in token page (#14087)
4 years ago
Eugen Rochko 72a7cfaa39
Add e-mail-based sign in challenge for users with disabled 2FA (#14013)
5 years ago
ThibG 4bcef12bad
Fix sr locale being selected over sr-Latn (#13693)
5 years ago
Eugen Rochko 339ce1c4e9
Add specific rate limits for posting and following (#13172)
5 years ago
Eugen Rochko 5265df0a8a
Change signature verification to ignore signatures with invalid host (#13033)
5 years ago
Eugen Rochko 49b2f7c0a2
Fix base64-encoded file uploads not being possible (#12748)
5 years ago
Eugen Rochko 3ed94dcc1a
Add account migration UI (#11846)
5 years ago
Eugen Rochko e1066cd431
Add password challenge to 2FA settings, e-mail notifications (#11878)
5 years ago
Eugen Rochko 1bc077dc74
Add HTTP signature keyId to request log (#11591)
5 years ago
Eugen Rochko 24552b5160
Add whitelist mode (#11291)
5 years ago
Eugen Rochko c669bb42ba
Add (back) rails-level JSON caching (#11333)
5 years ago
Eugen Rochko bd1545de5e
Change locale detection to run once per session (#8657)
5 years ago
Eugen Rochko 5bf67ca913
Add ActivityPub secure mode (#11269)
5 years ago
Eugen Rochko 4e92183227
Refactor domain block checks (#11268)
5 years ago
Eugen Rochko 63c7fe8e48
Refactor controllers for statuses, accounts, and more (#11249)
5 years ago
ThibG cac9110533 Cleanup various controllers (#10972)
6 years ago
ThibG 89d600bedb Move signature verification stoplight to the requests themselves (#10813)
6 years ago
ThibG 2361917944 Mark the 410 gone response for suspended accounts as cachable (#10339)
6 years ago
Eugen Rochko 51e154f5e8
Admission-based registrations mode (#10250)
6 years ago
ThibG 28b482874a Improvements to signature verification (#9667)
6 years ago
Eugen Rochko 17cd91c777
Fix signature verification stoplight triggering on non-timeout errors (#9617)
6 years ago
ysksn 189a6b17fb Remove RemoteAccountControllerConcern never used (#9482)
6 years ago
Eugen Rochko 4615512285
Reduce connect timeout limit and limit signature failures by source IP (#9236)
6 years ago
Eugen Rochko 21ad21cb50
Improve signature verification safeguards (#8959)
6 years ago
Eugen Rochko a00ce8c92c
Remove dead code (#8919)
6 years ago
Eugen Rochko bb71538bb5
Redesign public profiles and toots (#8068)
6 years ago
Marty McGuire 8fea9cc311 Typo in signature verification failure logging (#7916)
6 years ago
Eugen Rochko dfb6907e08
HTTP signatures spec no longer requires algorithms field (#7525)
7 years ago
ThibG 352bae8c3e Update session activation time (fixes #5605) (#7408)
7 years ago
Yamagishi Kazutoshi 87e3f0a41d Fix spec for sr-Latn (#7203)
7 years ago
ThibG 1364e9e4ae Fix follow/unfollow buttons on public profile (fixes #7036) (#7040)
7 years ago
Eugen Rochko 39f27b6cf3
If DEFAULT_LOCALE is set, enforce it instead of HTTP request locale (#6817)
7 years ago
Akihiko Odaki 51d760960c Set the default locale in config (#6580)
7 years ago
puckipedia 8e4cf6282b Allow retrieval of private statuses (single or in outbox) using HTTP signatures (#6225)
7 years ago
Eugen Rochko 1cc44cba81
Fix #6331 (#6341)
7 years ago
Akihiko Odaki 613e7c7521 Rename ResolveRemoteAccountService to ResolveAccountService (#6327)
7 years ago
Eugen Rochko 9b3b40df66
Fix regeneration marker not expiring (#6290)
7 years ago
Eugen Rochko 38fc1b498d
Add more instance stats APIs (#6125)
7 years ago
Eugen Rochko feed07227b
Apply a 25x rate limit by IP even to authenticated requests (#5948)
7 years ago
Eugen Rochko a865b62efc
Rate limit by user instead of IP when API user is authenticated (#5923)
7 years ago
Eugen Rochko e84fecb7e9
Add logging of admin actions (#5757)
7 years ago
Eugen Rochko 7bb8b0b2fc
Add moderator role and add pundit policies for admin actions (#5635)
7 years ago
Eugen Rochko b8db386e05 Fix UserTrackingConcern firing on every request, optimize some queries (#5368)
7 years ago
Akihiko Odaki 63f0979799 Validate id of ActivityPub representations (#5114)
7 years ago
ThibG dfaa219f88 Fix HTTP responses for salmon and ActivityPub inbox processing (#5200)
7 years ago
Eugen Rochko 76f360c625 If HTTP signature is wrong and webfinger cache is stale, retry with resolve (#5129)
7 years ago
Eugen Rochko 72bb3e03fd Support more variations of ActivityPub keyId in signature (#4630)
7 years ago
Eugen Rochko a2aeacbfee Add alternate links to ActivityPub resources from HTML/HEAD variants (#4586)
7 years ago
Eugen Rochko fdea173237 Add Digest header to requests with body, handle acct and URI keyId (#4565)
7 years ago
Eugen Rochko 1618b68bfa HTTP signatures (#4146)
7 years ago
Eugen Rochko dc8a6244fc Fix #2619 - When redis feed is empty, fall back to database (#3721)
8 years ago
Akihiko Odaki (@fn_aki@pawoo.net) 4919b89ab8 Improve default language decision and spec (#3351)
8 years ago
Matt Jankowski f0634ba876 Coverage improvement and concern extraction for rate limit headers in API controller (#3625)
8 years ago
Matt Jankowski 0ebe7d6d23 Remove exports/base controller in favor of shared concern (#3444)
8 years ago
Jack Jennings 3a2003ba86 Extract authorization policy for viewing statuses (#3150)
8 years ago
Akihiko Odaki 922fb74197 Remove methods from ObfuscateFilename and spec (#3347)
8 years ago
HANATANI Takuma 388e70b881 Remove unnecessary keep file. (#2902)
8 years ago
yhirano 3988f2dade Fix Rubocop offences (#2630)
8 years ago
Matt Jankowski fdcf884cf7 Extract user tracking into concern (#2600)
8 years ago
alpaca-tc 9317ec8eb1 Localize with i18n for Devise::FailureApp (#2309)
8 years ago
Matt Jankowski 8bac0350d1 Restful refactor of accounts/ routes (#2133)
8 years ago
Matt Jankowski f5cd138323 Improve i18n chooser (#1804)
8 years ago
Matt Jankowski c44a700252 Quick best practice cleanup of views/helpers (#1546)
8 years ago
David Authier f0bd439486 Use HTTP Accept-Language to detect locale (#1166)
8 years ago
Eugen Rochko 4b621188ad Fix #1165 - before_action was called before protect_from_forgery
8 years ago
Eugen Rochko e3a3422a65 Allow setting of default language through config
8 years ago
Eugen Rochko 02349b3269 Obfuscate filenames better, double rate limits
8 years ago
Eugen Rochko 149887a0ff Make follow requests federate
8 years ago
Eugen Rochko 14bd46946d Per-status control for unlisted mode, also federation for unlisted mode
8 years ago
Eugen Rochko 9c4856bdb1 Initial commit
9 years ago