385 Commits (370cff9a5d858a3853a6ba377e7ff3fbb66a4c21)

Author SHA1 Message Date
ThibG f8e9555e73 Add manifest_src to CSP, add blob to connect_src (#8967)
6 years ago
Eugen Rochko 0dbb3a8786 Fix CSP headers blocking media and development environment (#8962)
6 years ago
ThibG 51c53e709f Set Content-Security-Policy rules through RoR's config (#8957)
6 years ago
Sascha b7a337f63c add ffmpeg initializer (#8855)
6 years ago
ashleyhull-versent 00d31a292c rubocop issues - Cleaning up (#8912)
6 years ago
aus-social c883b1ffc9 lint pass 2 (#8878)
6 years ago
aus-social a53bcb6213 Lint pass (#8876)
6 years ago
Yamagishi Kazutoshi 78558e5e1c Fix that Rails.cache information could not be sent via StatsD (#8831)
6 years ago
Eugen Rochko d3105031f8 Redesign forms, verify link ownership with rel="me" (#8703)
6 years ago
luzpaz 1bce70d3c7 Misc. typos (#8694)
6 years ago
Sorin Davidoi 0b1c90bf88 feat(cookies): Use the same-site attribute to lax (#8626)
6 years ago
M Somerville 4b27569841 Rename S3_CLOUDFRONT_HOST to S3_ALIAS_HOST. (#8423)
6 years ago
ThibG 97f2dc6761 Revert to using Paperclip's filesystem storage, and fix dangling records in remove_remote (#8339)
6 years ago
Immae cbaabe0215 Add ldap search filter (#8151)
6 years ago
Eugen Rochko 98184a889e Add post-deployment migration system (#8182)
6 years ago
abcang b46416fe47 Add secure option to additional cookie (#8069)
6 years ago
Eugen Rochko 34fdf77f48 Add more granular OAuth scopes (#7929)
6 years ago
MIYAGI Hikaru ac56fa3c22 Merge `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` into `ALLOW_ACCESS_TO_HIDDEN_SERVICE` (#7901)
6 years ago
Eugen Rochko f8bc071e03 Add dat, dweb, ipfs, ipns, ssb, gopher protocols to URL extractor (#7810)
7 years ago
Eugen Rochko 9ed3212e35 Remove rack-timeout (#7809)
7 years ago
Eugen Rochko b416ba6692 Disable AMS logging (#7623)
7 years ago
MIYAGI Hikaru 7dbf83d6b8 User agent for WebFinger (#7531)
7 years ago
Eugen Rochko e86a4fe36b Add REST API for Web Push Notifications subscriptions (#7445)
7 years ago
Hugo Gameiro 27cfb13b83 Improve OpenStack v3 compatibility (#7392)
7 years ago
Akihiko Odaki 854d974499 Add a missing question mark in rack_attack.rb (#7338)
7 years ago
Akihiko Odaki 5cddff0795 Throttle media post (#7337)
7 years ago
Eugen Rochko ca1c696dbd Slightly reduce RAM usage (#7301)
7 years ago
MIYAGI Hikaru 28808f638e HTTP proxy support for outgoing request, manage access to hidden service (#7134)
7 years ago
Yamagishi Kazutoshi 9761b940ac Upgrade Rails to version 5.2.0 (#5898)
7 years ago
Eugen Rochko dbf7f62cea Use RAILS_LOG_LEVEL to set log level of Sidekiq, too (#7079)
7 years ago
Eugen Rochko 8af5b4ed4b Log rate limit hits (#7096)
7 years ago
Eugen Rochko a814aa8e4d Add a circuit breaker for ActivityPub deliveries (#7053)
7 years ago
Yamagishi Kazutoshi 6daa722e87 Revert "Revert "Upgrade Paperclip to version 6.0.0" (#6807)" (#6808)
7 years ago
Eugen Rochko 59b3b38b0e Add LDAP_TLS_NO_VERIFY option, don't require LDAP_ENABLED outside .env (#6845)
7 years ago
Alexander af08f6042d rename pam email environment variable to something more understandable and default to LOCAL_DOMAIN (better fallback) (#6833)
7 years ago
Eugen Rochko d35272245e Revert "Upgrade Paperclip to version 6.0.0" (#6807)
7 years ago
Yamagishi Kazutoshi cd6dee83a1 Upgrade Paperclip to version 6.0.0 (#6754)
7 years ago
Effy Elden 4a8046df66 Add additional first_name and last_name SAML attribute statement options, and modify Omniauthable concern to use full_name or first_name + last_name if not available (#6669)
7 years ago
Alexander 988f6505e4 fix logic for pam_controlled_service (#6599)
7 years ago
Eugen Rochko 9721b7746a Fix #942: Seamless LDAP login (#6556)
7 years ago
Akihiko Odaki a5a434a8f6 Raise Mastodon::HostValidationError when host for HTTP request is private (#6410)
7 years ago
Ghislain Loaec d1806f5dc4 New variable OAUTH_REDIRECT_AT_SIGN_IN + Ref #6538 (not only SAML strategies) (#6540)
7 years ago
Ghislain Loaec deea524052 New env variable: SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED + fixes #6533 (#6538)
7 years ago
Eugen Rochko 2815ef6d7f Fix #6509: Use pull queue for chewy jobs (#6513)
7 years ago
Daniel King 845ea13622 Fix URLs incorrectly having trailing hyphen removed (#6465)
7 years ago
Eugen Rochko cd925c11e3 Fix Chewy trying to update index with the wrong strategy (#6464)
7 years ago
Eugen Rochko 7ca5a06505 Full-text search for authorized statuses (#6423)
7 years ago
Eugen Rochko 555e7205da Make PAM gem optional, allow configuration over environment (#6415)
7 years ago
Eugen Rochko 5322013f25 CAS + SAML authentication feature (#6425)
7 years ago
Alexander 23ce0c86da pam authentication (#5303)
7 years ago
Eugen Rochko 9613c3238c HTML e-mails for UserMailer (#6256)
7 years ago
Patrick Figel 2a27afc656 Suppress CSRF token warnings (#6240)
7 years ago
Eugen Rochko b7b0f630a0 Increase rate limit on protected paths (#6229)
7 years ago
Naoki Kosaka 3bc13de62f Fix enforce HTTPS in production. (#6180)
7 years ago
Patrick Figel 3c20cfd734 Add confirmation step for email changes (#6071)
7 years ago
nightpool e921778dd3 enforce LOCAL_HTTPS=true in production (#6061)
7 years ago
Yamagishi Kazutoshi 9dcead778c Change streaming API URL when remote development (#5942)
7 years ago
Eugen Rochko 31fe0d067b Apply a 25x rate limit by IP even to authenticated requests (#5948)
7 years ago
Naoki Kosaka 77660c4624 Missing require 'authorization_decorator'. (#5947)
7 years ago
Eugen Rochko 87af0bf6cf Rate limit by user instead of IP when API user is authenticated (#5923)
7 years ago
THE BOSS ♨ 33b40397f8 Fix typo in paperclip.rb (#5936)
7 years ago
Yamagishi Kazutoshi f76681ebd6 Revert fog-aws (ref #5604) (#5934)
7 years ago
Eugen Rochko b037fbf9f4 Remove rabl dependency (#5894)
7 years ago
Eugen Rochko a71791e3f1 Allow specifying STATSD_NAMESPACE (#5700)
7 years ago
MitarashiDango 7a5fb781ce Fix spell miss (SWIIFT_OBJECT_URL -> SWIFT_OBJECT_URL) (#5617)
7 years ago
Yamagishi Kazutoshi a624688ebd Unify file upload to using fog (#5604)
7 years ago
Jeong Arm a5582bf9f5 Remove timestamps on any option (#5282)
7 years ago
unarist 12bdbf38ba Fix migration failure due to StrongMigrations on production env (#5283)
7 years ago
Lynx Kotoura 4e822d41b9 adjust public profile pages 2 (#5223)
7 years ago
Nishi, Keisuke 8f344b7bb0 Fix Paperclip::Fog always responds Not Found in OpenStack-v2 like ConoHa (#5155)
7 years ago
Eugen Rochko 6033b8eac1 Replace self-rolled statsd instrumention with localshred/nsa (#5118)
7 years ago
Eugen Rochko 7031e350b3 When OAuth password verification fails, return 401 instead of redirect (#5111)
7 years ago
Eugen Rochko 10a2b3dd4c Follow-up to #4582 and #5027, removing dead code (#5101)
7 years ago
Eugen Rochko 65827bd2b4 Add strong_migrations gem to warn when creating unsafe migrations (#5078)
7 years ago
Eugen Rochko f8e734ff9a Disable private status federation over OStatus (#5027)
7 years ago
unarist 938a99c89d Re-allow underscore on valid_url_path_ending_chars (#4999)
7 years ago
ふぁぼ原 c71727ca55 Enable to recognize most kinds of characters as URL paths (#4941)
7 years ago
abcang 579a7c2654 Revert unique retry job (#4937)
7 years ago
Patrick Figel 759bbdd9ca Add OpenStack Keystone V3 support (#4889)
7 years ago
abcang 0080804f44 Enable UniqueRetryJobMiddleware even when called from sidekiq worker (#4836)
7 years ago
Adam Thurlow 57a821d4b9 swift-enable the paperclip! 📎 (#2322)
7 years ago
abcang 892aeb7ffe Do not execute the job with the same arguments as the retry job (#4814)
7 years ago
Eugen Rochko 068bdd4c24 Use updated ActivityStreams context (added: sharedInbox) (#4764)
7 years ago
Eugen Rochko 5147147da9 Add handling of Linked Data Signatures in payloads (#4687)
7 years ago
Eugen Rochko cab7fa158a Add configuration to disable private status federation over PuSH (#4582)
7 years ago
Colin Mitchell 63b98318c5 Application prefs section (#2758)
7 years ago
Eugen Rochko 1c7cbbcb8c Set correct content-type for ActivityPub JSON (#4592)
7 years ago
Eugen Rochko 506508f30c Extend Devise remember_me longevity to 1 year instead of 2 weeks (#4587)
7 years ago
Eugen Rochko f18739fd60 Add ActivityPub inbox (#4216)
7 years ago
unarist 527eacf403 Add Content-Type header on throttled response to fix mojibake (#4558)
7 years ago
Eugen Rochko fd69694749 Add "signed in as" header to some pages (#4523)
7 years ago
Eugen Rochko f3e8fca1a7 Fix sessions being replaced needlessly (#4292)
7 years ago
Eugen Rochko 3852032953 Correct OStatus inflection (Ostatus -> OStatus) (#4255)
7 years ago
Eugen Rochko c99f41dc3c Improve ActivityPub representations (#3844)
7 years ago
Yamagishi Kazutoshi 7be29a500d Add Rake task for generate VAPID key (#4195)
7 years ago
Sorin Davidoi ecab38fd66 Web Push Notifications (#3243)
7 years ago
Eugen Rochko 8abeec1f4f Improve UI of admin site settings (#4163)
7 years ago
Eugen Rochko 0217e15dd3 Fix #4058 - Use a long-lived cookie to keep track of user-level sessions (#4091)
7 years ago
Yamagishi Kazutoshi 46a69513d4 Add recursive object support to API response (#4095)
7 years ago
Eugen Rochko c465c5b3a8 Add overview of active sessions (#3929)
7 years ago
Sorin Davidoi 1280559503 Revocable sessions (#3616)
7 years ago
Eugen Rochko 8bed91d94c Rename FollowRemoteAccountService to ResolveRemoteAccountService (#3847)
8 years ago
Matt Jankowski eea027c5c2 Update Rails to version 5.1.1 (#3121)
8 years ago
Immae ae917bfb23 Allow alternate domains for mastodon handlers (#3187)
8 years ago
Clworld 2214d1ecd7 Set config.cache_store in environments file. (#3219)
8 years ago
Eugen Rochko d9797075e2 Adjust REDIS_URL usage in node_redis (#3183)
8 years ago
Eugen Rochko 9ade22cd04 Improve language filter preferences look (#3184)
8 years ago
beatrix f88ff75a8d namespace redis usage (#2869)
8 years ago
alpaca-tc 3ceb700ea2 Fixes unknown mime type (#2822)
8 years ago
Akihiko Odaki 8546649425 Use ws protocol in streaming API base URL (#2606)
8 years ago
alpaca-tc 62738bf1a9 Localize 'throttled' (#2755)
8 years ago
Eugen Rochko 0951a2f9f3 Clean up redis configuration. Allow using REDIS_URL to set advanced (#2732)
8 years ago
Eugen Rochko ef2af79a48 Replace sprockets/browserify with Webpack (#2617)
8 years ago
Tristan Mahé 19881e24fe allow localhost to bypass the ratelimit (#2554)
8 years ago
yhirano f7883d0f32 Change permission from 0755 to 0644 (#2536)
8 years ago
Eugen Rochko 4a7dc4fadc OEmbed support for PreviewCard (#2337)
8 years ago
ばん 824d37671c fix can toot whitespace (#2218)
8 years ago
Ash Furrow 9b1a881d40 Removes timestamp from URLs. (#2185)
8 years ago
tmyt 2e1e061f24 Make configuarable s3_permissions for paperclip (#2139)
8 years ago
Yamagishi Kazutoshi a3358f438f Change to switch signature version for Amazon S3 (#2124)
8 years ago
Eugen 21816d08ec Fix #1642, fix #1912 - Dictate content-type file extension (#2078)
8 years ago
Eugen e47b32072f Add rate limits for logins and sign-ups by IP (5 in 5 minutes) (#2079)
8 years ago
Joachim Viide c923b8bb63 Leave out the "Expires" header from S3 uploads (#1886)
8 years ago
Naouak 85ff7666f3 Check for a custom css file to help customization of instances (#1368)
8 years ago
Patrick Figel 15b393201e Add recovery code support for two-factor auth (#1773)
8 years ago
Les Orchard 492e8ec00e Add REDIS_DB env variable to configure Redis database (#1366)
8 years ago
ThibG c45c67c2ac Allow running mastodon on a different domain as the one used for identifying users (#1267)
8 years ago
Valentin Lorentz 5da8581563 Custom Paperclip path. (#778)
8 years ago
Yusuke Abe f3ae46a512 Add filename extension to paperclip (#1718)
8 years ago
Matt Jankowski d1ebb63c54 Quick best practice cleanup of views/helpers (#1546)
8 years ago
Yann GUERN dc7ea0225a Avoid user enumeration with devise paranoid mode (#1527)
8 years ago
Matt Jankowski fcec9fcd99 Pagination improvements (#1445)
8 years ago
Matt Jankowski b4950a59bb Version bumps for ruby and misc gems (#1159)
8 years ago
Eugen Rochko 06e3d9bdd8 Make sure Rabl is using Oj
8 years ago
Pete Keen f28fcf9080 [#817] Add email whitelist
8 years ago
Eugen Rochko 00e99e58db Add proper error page for request timeouts
8 years ago
leopku 11f8faa6ba 🔧 S3 protocol from ENV
8 years ago
Eugen Rochko a19062b726 Federate header images, fix open-uri http->https redirection error
8 years ago
Eugen Rochko 453d65e6da Obfuscate filenames better, double rate limits
8 years ago
Eugen Rochko 250beb1971 Revert earlier fix due to new bug reports
8 years ago
Eugen Rochko 65b49d95b7 Make the paperclip filename interpolator smarter about the :original style
8 years ago
Eugen Rochko 03ce24d3bf Update service timeout setting from 15s to 90s
8 years ago
Eugen 7037774d6e Merge pull request #603 from evanminto/activitypub-account
8 years ago
Evan Minto db7affbf5b Reuse existing controller and route
8 years ago
Eugen Rochko 9bd2b6be86 Make the streaming API also handle websockets (because trying to get the browser EventSource interface to
8 years ago
Eugen Rochko 557de8e24c Update settings to re-use admin layout, one big navigation tree, improve settings forms
8 years ago
Eugen Rochko 0bf8c1b5d8 Do not automatically login after password reset, as it would circumvent two-factor auth (if enabled)
8 years ago
Eugen Rochko 9b8670c939 Added optional two-factor authentication
8 years ago
Eugen Rochko 8008b60324 Fix key names in statsd
8 years ago
Eugen Rochko fd23876e75 Improve StatsD instrumentation
8 years ago
Eugen Rochko 4bd0286045 Fix up timeout, improve contrast on "show more", add responsive style
8 years ago
Eugen f80c55b591 Fix error
8 years ago
Eugen Rochko e161d2acdc Override Rack::Request to use the same trusted proxy settings as Rails
8 years ago
Eugen Rochko f748a91ec7 Fix #463 - Fetch and display previews of URLs using OpenGraph tags
8 years ago
Eugen Rochko 86264a950c Add optional StatsD performance tracking
8 years ago
Effy Elden a898072d76 Add Heroku deployment support
8 years ago
Effy Elden db40fd4641 Change default S3 ACL string used by Paperclip from 'public' (which is invalid) to 'public-read'
8 years ago
Eugen Rochko f29df16eea Fix Paperclip timeout setting. Fix bug introduced in #437
8 years ago
Eugen Rochko 438446b397 Add read timeout to paperclip when it's downloading remote images
8 years ago
Eugen Rochko 238233440f Follow call on locked account creates follow request instead
8 years ago
Eugen Rochko 7855a9b58b Don't use rack timeout in any but production environments
8 years ago
Eugen Rochko 9d4f96f440 Removing external hub completely, fix #333 fixing digit-only hashtags,
8 years ago
Eugen Rochko 4a167885b2 Fix paperclip config
8 years ago
Eugen Rochko 311f2354cf Update Paperclip config to allow plugging in Minio instead of AWS
8 years ago
Eugen Rochko 5522606989 Add single user mode
8 years ago
Eugen Rochko e5e702a976 Adding configurable e-mail blacklist
8 years ago
Eugen Rochko f6b99b05d3 Do not use expiring links after all
8 years ago
Eugen Rochko 595f592304 Do not autoplay videos, display play button instead. Use expiring links when using S3. Do not keep originals
8 years ago
Eugen Rochko e20d57a9e6 Fix cloudfront config
8 years ago
Eugen Rochko b245dc1575 Add Cloudfront support
8 years ago
Eugen Rochko 67db2cd871 Upgrade Paperclip to 5, AWS-SDK to 2, do not generate medium/small versions of avatars
8 years ago
Eugen Rochko 3c1c2b0e06 Adding rack timeout of 30sec, PuSH jobs moved to push queue so they
8 years ago
Eugen Rochko 56b9edd476 Don't rate-limit PuSH endpoints
8 years ago
Eugen Rochko 79075e1303 Fix URLs in inline-rendered XML
8 years ago
Eugen 4d3cd93221 Fix URLs in ApplicationController.renderer
8 years ago
Eugen Rochko de5764c372 Fix reset date format when rate limited
8 years ago
Eugen Rochko 30f9e9e624 Remove Neo4J
8 years ago
Eugen Rochko 8ab2fcbb2c Mini Profiler not working well, remove it
8 years ago
Eugen Rochko 30010a6dbd Moving some counter queries out of subqueries in the API
8 years ago
Eugen Rochko 0e0b4f9e59 i18n for devise mailer too
8 years ago
Eugen Rochko 1b61e404b4 Localizations for most server-side strings
8 years ago
Eugen Rochko e71b152d89 Fix rubocop issues, introduce usage of frozen literal to improve performance
8 years ago
Eugen Rochko 46191e7071 Adding Emoji One
8 years ago
Eugen Rochko 9da30e31c8 Fix region setting for AWS gem
8 years ago
Eugen Rochko 8f0869876b Improved configuration from ENV, cleaned up timeline filter methods
8 years ago
Eugen Rochko 89e887b44a Fix insecure S3 URLs
8 years ago
Eugen Rochko 54b9a42b3a Fix URL configuration when S3 is enabled
8 years ago
Eugen Rochko ec43fb73ed Improve S3 config
8 years ago
Eugen Rochko eb6ad973d1 Adding optional S3, fail-mastodon
8 years ago
Eugen Rochko e7035a4d39 Make cookies https-only if LOCAL_HTTPS is true, set X-Frame-Options to DENY,
8 years ago
Eugen Rochko ff0eca7337 Restrict access to oauth/applications to admins only
8 years ago
Eugen Rochko 6657414266 Adding OAuth access scopes, fixing OAuth authorization UI, adding rate limiting
8 years ago
Eugen Rochko be98addccc Improving all forms
8 years ago
Eugen Rochko 02613aef3b Adding application/jrd+json webfinger resource
8 years ago
Eugen Rochko 5860094354 Adding sync of follow relationships to Neo4J, accounts/suggestions API
8 years ago
Eugen Rochko 10395fd275 Fix #72 - add follow/unfollow button to public profiles
8 years ago
Eugen Rochko f06f295890 Fix doorkeeper skip_authorization
8 years ago
Eugen Rochko 4909bbf415 Add logging for outgoing http requests
8 years ago
Eugen Rochko 492224b93f Allow non-https redirect URIs for OAuth apps (AndStatus seems to require this)
8 years ago
Eugen Rochko 7e14eefc81 Replace logo, fix #57 - delete/unreblog/unfavourite API, fix #45 - app
8 years ago