383 Commits (4afb0ba152fed05a269ecf079908c3b3a67dde41)

Author SHA1 Message Date
Takeshi Umeda 5646786c80 Add guard against DNS rebinding attacks (#16087)
4 years ago
Eugen Rochko 5d0cbe4892 Fix app name, website and redirect URIs not having a maximum length (#16042)
4 years ago
Eugen Rochko 1189a308c9 Fix autoloading deprecation warnings from Rails 6 (#16010)
4 years ago
Eugen Rochko 2e0cdf30d5 Change health check (#15988)
4 years ago
Claire b2a89bf38e Update Mastodon to Rails 6.1 (#15910)
4 years ago
Claire 3feb291d90 Prepare Mastodon for zeitwerk autoloader (#15917)
4 years ago
Claire 1634e71bd6 Prepare Mastodon for Rails 6 (#15911)
4 years ago
Eugen Rochko 9f16bd9c89 Fix configuration for sidekiq-unique-jobs after 7.x upgrade (#15908)
4 years ago
Claire a33f8f787a Update twitter-text from 1.14 to 3.1.0 and fix toot character counting (#15382)
4 years ago
Eugen Rochko 28399e88b5 Add `POST /api/v1/emails/confirmations` to REST API (#15816)
4 years ago
Shlee b6b7b6a1f5 Delete pagination.rb (#15754)
4 years ago
Claire e47570388a Drop dependency on secure_headers, fix response headers (#15712)
4 years ago
Cecylia Bocovich 6c300f08e5 Onion service related changes to HTTPS handling (#15560)
4 years ago
Shubhendra Singh Chauhan daea469385 Fixed code quality issues (#15541)
4 years ago
luigi c19fe86d66 Optimize some regex matching (#15528)
4 years ago
kaiyou 0d96b710cb Support clock drift in Omniauth SAML provider (#15511)
4 years ago
Eugen Rochko 3489758ff2 Fix unnecessary queries when batch-removing statuses, 100x faster (#15387)
4 years ago
Eugen Rochko 76b0f84cd5 Add stoplight for object storage failures, return HTTP 503 (#13043)
4 years ago
Eugen Rochko 471b8570ad Add cache buster feature for media files (#15155)
4 years ago
Eugen Rochko b788e7eb6f Fix cookies not having a SameSite attribute (#15098)
4 years ago
Josh Leeb-du Toit c94a083b9a Add support for Gemini urls (#15013)
4 years ago
Eugen Rochko da4c730c47 Add IP-based rules (#14963)
4 years ago
tateisu afa951f027 add S3_READ_TIMEOUT environment variable (#14952)
4 years ago
santiagorodriguez96 f142983484 Add WebAuthn as an alternative 2FA method (#14466)
4 years ago
Eugen Rochko ac4f9abce6 Change rate limits for various paths (#14253)
4 years ago
ThibG aa7142b9e2 Fix hashtag column options styling (#14247)
4 years ago
Eugen Rochko ca238c879d Change Redis#exists calls to Redis#exists? to avoid deprecation warning (#14191)
4 years ago
Eugen Rochko 36e5fd547b Fix remote files not using Content-Type header, streaming (#14184)
4 years ago
Eugen Rochko 42d2f45db1 Remove the terms blacklist and whitelist from UX (#14149)
4 years ago
mayaeh db856552ce Suppress Redis#exists(key) warning (#14067)
4 years ago
Eugen Rochko b864e78db8 Add E2EE API (#13820)
5 years ago
Takeshi Umeda e2694a18c7 Fix csv upload (#13835)
5 years ago
Takeshi Umeda 0febf853dd Fix workaround for Elasticsearch 7.x (#13828)
5 years ago
Eugen Rochko 3144f8dbbc Refactor monkey-patching of Goldfinger (#12561)
5 years ago
ThibG b7f47014a7 Fix "tootctl media remove-orphans" crashing on “Import” files (#13685)
5 years ago
ThibG b20d0db1eb Remove 'unsafe-inline' from Content-Security-Policy style-src (#13679)
5 years ago
ThibG fe7b81ac6b Fix PgHero Content-Security-Policy when CDN_HOST is used (#13595)
5 years ago
mayaeh 4ec7b137de Fix naming issue (#13551)
5 years ago
Eugen Rochko adfb22a9dd Add separate cache directory for non-local uploads (#12821)
5 years ago
Eugen Rochko efd5db8f21 Fix search not working due to proxy settings when using hidden services (#13488)
5 years ago
Eugen Rochko 6932e0e2af Add ability to filter audit log in admin UI (#13381)
5 years ago
Eugen Rochko b1c596e8f3 Fix background jobs not using locks like they are supposed to (#13361)
5 years ago
Eugen Rochko 8fa78c0ec8 Fix re-sending of e-mail confirmation not being rate limited (#13360)
5 years ago
ThibG 246c4d4fbf Fix OCR not working on Safari because of unsupported worker-src CSP (#13323)
5 years ago
dependabot-preview[bot] 75ba543aa5 Bump sidekiq from 5.2.7 to 6.0.4 (#11727)
5 years ago
Eugen Rochko a4668d994b Add specific rate limits for posting and following (#13172)
5 years ago
Eugen Rochko f95fd62bac Add announcements (#12662)
5 years ago
ThibG 25e7aa913c Add support for magnet: URIs (#12905)
5 years ago
ThibG b7927b397d Add support for linking XMPP URIs in toots (#12709)
5 years ago
Eugen Rochko 413cb7e861 Fix base64-encoded file uploads not being possible (#12748)
5 years ago
Eugen Rochko bf2b425057 Fix resource_owner_from_credentials in Doorkeeper initializer (#12743)
5 years ago
Eugen Rochko e8b07657c2 Fix uncaught query param encoding errors (#12741)
5 years ago
Eugen Rochko b3f365f605 Add `S3_OVERRIDE_PATH_STYLE` environment variable (#12594)
5 years ago
Eugen Rochko 0769ef8277 Add `tootctl media remove-orphans` (#12568)
5 years ago
tateisu f00f6bdd36 add S3_OPEN_TIMEOUT environment variable (#12459)
5 years ago
Mathieu Brunot 128a7ab7eb Add an LDAP Mail attribute config (#12053)
5 years ago
Mathieu Brunot 462788cb12 Convert LDAP username (#12461)
5 years ago
ntl-purism 58e52929be LDAP & PAM added to OAuth password grant strategy (#7999) (#12390)
5 years ago
ThibG 517c1cd062 Add bookmarks (#7107)
5 years ago
Eugen Rochko 9f94d4ceb3 Fix preloaded JSON-LD context for identity not being used (#12138)
5 years ago
Eugen Rochko 2e07a901c5 Fix attachment not being re-downloaded even if file is not stored (#12125)
5 years ago
Eugen Rochko d59562c0b2 Fix S3 adapter retrying failing uploads with exponential backoff (#12085)
5 years ago
Eugen Rochko f77337daaf Fix records not being indexed sometimes (#12024)
5 years ago
Eugen Rochko 51a72a802f Add a nodeinfo endpoint (#12002)
5 years ago
Yamagishi Kazutoshi 161b0a0958 Hide error message on /heath (#11947)
5 years ago
Yamagishi Kazutoshi 3592705de5 Cast multipart threshold to integer (#11944)
5 years ago
Eugen Rochko 3773115066 Fix authentication before 2FA challenge (#11943)
5 years ago
Yamagishi Kazutoshi 71ff422997 Add config of multipart threshold for S3 (#11924)
5 years ago
Eugen Rochko 8eb0d880cb Fix 2FA challenge and password challenge for non-database users (#11831)
5 years ago
Yamagishi Kazutoshi 025de313bc Change rate limit for media proxy (#11814)
5 years ago
Yamagishi Kazutoshi 7544167f3c Add healthcheck endpoint for web (#11770)
5 years ago
ThibG 8b271d6d25 Fix ActivityPub context not being dynamically computed (#11746)
5 years ago
ThibG 5a122f1450 Fix CSP needlessly allowing blob URLs in script-src (#11620)
5 years ago
Eugen Rochko b1f116335c Fix media host not being included in connect-src for OCR (#11577)
5 years ago
Eugen Rochko 41b188dce6 Add OCR tool to media editing modal (#11566)
5 years ago
Eugen Rochko 825dc3ca22 Add whitelist mode (#11291)
5 years ago
Eugen Rochko 3ce4cdd552 Remove unused StatsD code and expose StatsD as a global variable (#11232)
5 years ago
Eugen Rochko 433036ab8c Add moderation API (#9387)
5 years ago
Eugen Rochko 8bf8d6d9d9 Change preferences page into appearance, notifications, and other (#10977)
6 years ago
Hinaloe ae5f2716a5 Fix undefined method error (#10868)
6 years ago
mayaeh a08bfea202 Fix undefined method error. (#10867)
6 years ago
ThibG 875faa1da6 Improve rate limiting (#10860)
6 years ago
dependabot[bot] 592ab699fe Bump rack-attack from 5.4.2 to 6.0.0 (#10599)
6 years ago
Eugen Rochko 55449c0b41 Fix stoplight logging to stderr separate from Rails logger (#10624)
6 years ago
Eugen Rochko 1ed2c9c16e Add rate limit for media proxy requests (#10490)
6 years ago
Eugen Rochko 367ab6764f Remove unused ActivityPub `@context` values depending on response (#10378)
6 years ago
Eric a35568286c cas_options :validate_url should be :service_validate_url (#10328)
6 years ago
Eugen Rochko 9bf5658885 Add tight rate-limit for API deletions (#10042)
6 years ago
Eugen Rochko 5adc3f5676 Fix URL linkifier grabbing full-width spaces and quotations (#9997)
6 years ago
Eugen Rochko 14d49e814a Add timeouts for S3 (#9842)
6 years ago
Moritz Heiber f2cefd9d73 Disable Same-Site cookie implementation to fix SSO issues on WebKit browsers (#9819)
6 years ago
Nolan Lawson 4fa76b21b6 Enable immutable caching for S3 objects (#9722)
6 years ago
Eugen Rochko bbf9f4f93b Add REST API for creating an account (#9572)
6 years ago
Eugen Rochko ab443aaba8 Skip mailer job retries when a record no longer exists (#9590)
6 years ago
ThibG fe40452a36 Use same CORS policy for /@:username and /users/:username (#9485)
6 years ago
ThibG 4813053e97 Preload common JSON-LD contexts (#9412)
6 years ago
Ben Lubar e2b221d9f1 Allow cross-origin requests to /.well-known/* URLs. (#9083)
6 years ago
Eugen Rochko e3b2234382 Add unread indicator to conversations (#9009)
6 years ago
ThibG f8e9555e73 Add manifest_src to CSP, add blob to connect_src (#8967)
6 years ago
Eugen Rochko 0dbb3a8786 Fix CSP headers blocking media and development environment (#8962)
6 years ago