382 Commits (64bea717145521d9bc913ba90966b36595b6082b)

Author SHA1 Message Date
Sascha b2a57a5d6f add ffmpeg initializer (#8855)
6 years ago
ashleyhull-versent f194857ac9 rubocop issues - Cleaning up (#8912)
6 years ago
aus-social 0a4739c732 lint pass 2 (#8878)
6 years ago
aus-social 1f98eae1cf Lint pass (#8876)
6 years ago
Yamagishi Kazutoshi 65f04e6046 Fix that Rails.cache information could not be sent via StatsD (#8831)
6 years ago
Eugen Rochko f4d549d300
Redesign forms, verify link ownership with rel="me" (#8703)
6 years ago
luzpaz 40dd19be37 Misc. typos (#8694)
6 years ago
Sorin Davidoi 6f3d934bc1 feat(cookies): Use the same-site attribute to lax (#8626)
6 years ago
M Somerville 2bba6e582d Rename S3_CLOUDFRONT_HOST to S3_ALIAS_HOST. (#8423)
6 years ago
ThibG f06fa09962 Revert to using Paperclip's filesystem storage, and fix dangling records in remove_remote (#8339)
6 years ago
Immae b0f4fe456b Add ldap search filter (#8151)
6 years ago
Eugen Rochko 018a9e4e7f
Add post-deployment migration system (#8182)
6 years ago
abcang 69bf116345 Add secure option to additional cookie (#8069)
6 years ago
Eugen Rochko 1f6ed4f86a
Add more granular OAuth scopes (#7929)
6 years ago
MIYAGI Hikaru ddd0bb69e1 Merge `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` into `ALLOW_ACCESS_TO_HIDDEN_SERVICE` (#7901)
6 years ago
Eugen Rochko 0df91c7b1e
Add dat, dweb, ipfs, ipns, ssb, gopher protocols to URL extractor (#7810)
6 years ago
Eugen Rochko 53f0452b70
Remove rack-timeout (#7809)
6 years ago
Eugen Rochko d87649db07
Disable AMS logging (#7623)
7 years ago
MIYAGI Hikaru 919eef3098 User agent for WebFinger (#7531)
7 years ago
Eugen Rochko b4fb766b23
Add REST API for Web Push Notifications subscriptions (#7445)
7 years ago
Hugo Gameiro ea4e243303 Improve OpenStack v3 compatibility (#7392)
7 years ago
Akihiko Odaki a7e71bbd08 Add a missing question mark in rack_attack.rb (#7338)
7 years ago
Akihiko Odaki b1d4471e36 Throttle media post (#7337)
7 years ago
Eugen Rochko cb5b5cb5f7
Slightly reduce RAM usage (#7301)
7 years ago
MIYAGI Hikaru f58dcbc981 HTTP proxy support for outgoing request, manage access to hidden service (#7134)
7 years ago
Yamagishi Kazutoshi 50529cbceb Upgrade Rails to version 5.2.0 (#5898)
7 years ago
Eugen Rochko 49bbef1202
Use RAILS_LOG_LEVEL to set log level of Sidekiq, too (#7079)
7 years ago
Eugen Rochko 80a944c882
Log rate limit hits (#7096)
7 years ago
Eugen Rochko d4de2239b0
Add a circuit breaker for ActivityPub deliveries (#7053)
7 years ago
Yamagishi Kazutoshi 28384c1771 Revert "Revert "Upgrade Paperclip to version 6.0.0" (#6807)" (#6808)
7 years ago
Eugen Rochko ac49c7932d
Add LDAP_TLS_NO_VERIFY option, don't require LDAP_ENABLED outside .env (#6845)
7 years ago
Alexander 33ee347c99 rename pam email environment variable to something more understandable and default to LOCAL_DOMAIN (better fallback) (#6833)
7 years ago
Eugen Rochko 40871caa4b
Revert "Upgrade Paperclip to version 6.0.0" (#6807)
7 years ago
Yamagishi Kazutoshi b88fcd53f7 Upgrade Paperclip to version 6.0.0 (#6754)
7 years ago
Effy Elden dd9d00d293 Add additional first_name and last_name SAML attribute statement options, and modify Omniauthable concern to use full_name or first_name + last_name if not available (#6669)
7 years ago
Alexander 42fe05dea1 fix logic for pam_controlled_service (#6599)
7 years ago
Eugen Rochko 47bdb9b33b
Fix #942: Seamless LDAP login (#6556)
7 years ago
Akihiko Odaki 2e8a492e88 Raise Mastodon::HostValidationError when host for HTTP request is private (#6410)
7 years ago
Ghislain Loaec e668180044 New variable OAUTH_REDIRECT_AT_SIGN_IN + Ref #6538 (not only SAML strategies) (#6540)
7 years ago
Ghislain Loaec 3084fe4959 New env variable: SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED + fixes #6533 (#6538)
7 years ago
Eugen Rochko 02856073f7
Fix #6509: Use pull queue for chewy jobs (#6513)
7 years ago
Daniel King 6ef3874b2e Fix URLs incorrectly having trailing hyphen removed (#6465)
7 years ago
Eugen Rochko e20700fe8f
Fix Chewy trying to update index with the wrong strategy (#6464)
7 years ago
Eugen Rochko 3ebc0ad4d3
Full-text search for authorized statuses (#6423)
7 years ago
Eugen Rochko 38e0133e1b
Make PAM gem optional, allow configuration over environment (#6415)
7 years ago
Eugen Rochko 26f21fd5a0
CAS + SAML authentication feature (#6425)
7 years ago
Alexander 04fef7b888 pam authentication (#5303)
7 years ago
Eugen Rochko 5276c0a090
HTML e-mails for UserMailer (#6256)
7 years ago
Patrick Figel 537d2939b1 Suppress CSRF token warnings (#6240)
7 years ago
Eugen Rochko 921b781909
Increase rate limit on protected paths (#6229)
7 years ago
Naoki Kosaka 8d51ce4290 Fix enforce HTTPS in production. (#6180)
7 years ago
Patrick Figel 04ecf44c2f Add confirmation step for email changes (#6071)
7 years ago
nightpool 9592b5e31e enforce LOCAL_HTTPS=true in production (#6061)
7 years ago
Yamagishi Kazutoshi 6855baa0c5 Change streaming API URL when remote development (#5942)
7 years ago
Eugen Rochko feed07227b
Apply a 25x rate limit by IP even to authenticated requests (#5948)
7 years ago
Naoki Kosaka 4bce376fdc Missing require 'authorization_decorator'. (#5947)
7 years ago
Eugen Rochko a865b62efc
Rate limit by user instead of IP when API user is authenticated (#5923)
7 years ago
THE BOSS ♨ 17e26f8afe Fix typo in paperclip.rb (#5936)
7 years ago
Yamagishi Kazutoshi b0db4dad79 Revert fog-aws (ref #5604) (#5934)
7 years ago
Eugen Rochko 42bcbd36b7 Remove rabl dependency (#5894)
7 years ago
Eugen Rochko 546257bc7f Allow specifying STATSD_NAMESPACE (#5700)
7 years ago
MitarashiDango cbbeec05be Fix spell miss (SWIIFT_OBJECT_URL -> SWIFT_OBJECT_URL) (#5617)
7 years ago
Yamagishi Kazutoshi 47b0c61853 Unify file upload to using fog (#5604)
7 years ago
Jeong Arm 9d97054fe6 Remove timestamps on any option (#5282)
7 years ago
unarist 7fd66cf2fe Fix migration failure due to StrongMigrations on production env (#5283)
7 years ago
Lynx Kotoura 32e8a87830 adjust public profile pages 2 (#5223)
7 years ago
Nishi, Keisuke 83ffc4dc07 Fix Paperclip::Fog always responds Not Found in OpenStack-v2 like ConoHa (#5155)
7 years ago
Eugen Rochko 35a8cafa35 Replace self-rolled statsd instrumention with localshred/nsa (#5118)
7 years ago
Eugen Rochko db3ed498b0 When OAuth password verification fails, return 401 instead of redirect (#5111)
7 years ago
Eugen Rochko e528114c53 Follow-up to #4582 and #5027, removing dead code (#5101)
7 years ago
Eugen Rochko b982d549f4 Add strong_migrations gem to warn when creating unsafe migrations (#5078)
7 years ago
Eugen Rochko d68df88d4e Disable private status federation over OStatus (#5027)
7 years ago
unarist 6db034a866 Re-allow underscore on valid_url_path_ending_chars (#4999)
7 years ago
ふぁぼ原 3816943e6b Enable to recognize most kinds of characters as URL paths (#4941)
7 years ago
abcang 1aad015bbb Revert unique retry job (#4937)
7 years ago
Patrick Figel 3018043fc2 Add OpenStack Keystone V3 support (#4889)
7 years ago
abcang 6859d4c028 Enable UniqueRetryJobMiddleware even when called from sidekiq worker (#4836)
7 years ago
Adam Thurlow 6994664a13 swift-enable the paperclip! 📎 (#2322)
7 years ago
abcang be7ffa2d75 Do not execute the job with the same arguments as the retry job (#4814)
7 years ago
Eugen Rochko 1b1e025b41 Use updated ActivityStreams context (added: sharedInbox) (#4764)
7 years ago
Eugen Rochko 00840f4f2e Add handling of Linked Data Signatures in payloads (#4687)
7 years ago
Eugen Rochko cf615abbf9 Add configuration to disable private status federation over PuSH (#4582)
7 years ago
Colin Mitchell 871c0d251a Application prefs section (#2758)
7 years ago
Eugen Rochko 6df8bd277b Set correct content-type for ActivityPub JSON (#4592)
7 years ago
Eugen Rochko 40be4ea239 Extend Devise remember_me longevity to 1 year instead of 2 weeks (#4587)
7 years ago
Eugen Rochko dd7ef0dc41 Add ActivityPub inbox (#4216)
7 years ago
unarist b42c018bb8 Add Content-Type header on throttled response to fix mojibake (#4558)
7 years ago
Eugen Rochko df605f0f8b Add "signed in as" header to some pages (#4523)
7 years ago
Eugen Rochko 8d6c3cd48a Fix sessions being replaced needlessly (#4292)
7 years ago
Eugen Rochko a5a07da892 Correct OStatus inflection (Ostatus -> OStatus) (#4255)
7 years ago
Eugen Rochko 8c45cd0e36 Improve ActivityPub representations (#3844)
7 years ago
Yamagishi Kazutoshi 0fa9dd8527 Add Rake task for generate VAPID key (#4195)
7 years ago
Sorin Davidoi 0c7c188c45 Web Push Notifications (#3243)
7 years ago
Eugen Rochko 056b5ed72f Improve UI of admin site settings (#4163)
7 years ago
Eugen Rochko 00df69bc89 Fix #4058 - Use a long-lived cookie to keep track of user-level sessions (#4091)
7 years ago
Yamagishi Kazutoshi 76eda2fc21 Add recursive object support to API response (#4095)
7 years ago
Eugen Rochko f7301bd5b9 Add overview of active sessions (#3929)
7 years ago
Sorin Davidoi 2211e8d1cd Revocable sessions (#3616)
7 years ago
Eugen Rochko f3be605286 Rename FollowRemoteAccountService to ResolveRemoteAccountService (#3847)
8 years ago
Matt Jankowski 2212dc4aaa Update Rails to version 5.1.1 (#3121)
8 years ago
Immae a94c152fd3 Allow alternate domains for mastodon handlers (#3187)
8 years ago
Clworld df92f010ad Set config.cache_store in environments file. (#3219)
8 years ago
Eugen Rochko 20c0054460 Adjust REDIS_URL usage in node_redis (#3183)
8 years ago
Eugen Rochko d78f555254 Improve language filter preferences look (#3184)
8 years ago
beatrix 5c1f70b5c5 namespace redis usage (#2869)
8 years ago
alpaca-tc ee3e0a93f4 Fixes unknown mime type (#2822)
8 years ago
Akihiko Odaki 0cdcf32865 Use ws protocol in streaming API base URL (#2606)
8 years ago
alpaca-tc db92eec876 Localize 'throttled' (#2755)
8 years ago
Eugen Rochko c997091166 Clean up redis configuration. Allow using REDIS_URL to set advanced (#2732)
8 years ago
Eugen Rochko f5bf5ebb82 Replace sprockets/browserify with Webpack (#2617)
8 years ago
Tristan Mahé 964035b118 allow localhost to bypass the ratelimit (#2554)
8 years ago
yhirano 3d776de2cb Change permission from 0755 to 0644 (#2536)
8 years ago
Eugen Rochko 88725d6ce8 OEmbed support for PreviewCard (#2337)
8 years ago
ばん 5817bae2da fix can toot whitespace (#2218)
8 years ago
Ash Furrow 66b39ccaed Removes timestamp from URLs. (#2185)
8 years ago
tmyt 6c83fec971 Make configuarable s3_permissions for paperclip (#2139)
8 years ago
Yamagishi Kazutoshi 8b8e140c71 Change to switch signature version for Amazon S3 (#2124)
8 years ago
Eugen e09ab2c0bd Fix #1642, fix #1912 - Dictate content-type file extension (#2078)
8 years ago
Eugen ff5baa5349 Add rate limits for logins and sign-ups by IP (5 in 5 minutes) (#2079)
8 years ago
Joachim Viide 363de2dffd Leave out the "Expires" header from S3 uploads (#1886)
8 years ago
Naouak 3d3e32befb Check for a custom css file to help customization of instances (#1368)
8 years ago
Patrick Figel df4ff9a8e1 Add recovery code support for two-factor auth (#1773)
8 years ago
Les Orchard 7609593e48 Add REDIS_DB env variable to configure Redis database (#1366)
8 years ago
ThibG a9529d3b4b Allow running mastodon on a different domain as the one used for identifying users (#1267)
8 years ago
Valentin Lorentz 5ab0ffc6c8 Custom Paperclip path. (#778)
8 years ago
Yusuke Abe 169c68a739 Add filename extension to paperclip (#1718)
8 years ago
Matt Jankowski c44a700252 Quick best practice cleanup of views/helpers (#1546)
8 years ago
Yann GUERN a85d4473aa Avoid user enumeration with devise paranoid mode (#1527)
8 years ago
Matt Jankowski 4ada50985a Pagination improvements (#1445)
8 years ago
Matt Jankowski 64dbde0dbf Version bumps for ruby and misc gems (#1159)
8 years ago
Eugen Rochko 29ffe1cad3 Make sure Rabl is using Oj
8 years ago
Pete Keen e9a6da6bc7 [#817] Add email whitelist
8 years ago
Eugen Rochko 5b12624847 Add proper error page for request timeouts
8 years ago
leopku c46843c65c 🔧 S3 protocol from ENV
8 years ago
Eugen Rochko 2816b1bf8e Federate header images, fix open-uri http->https redirection error
8 years ago
Eugen Rochko 02349b3269 Obfuscate filenames better, double rate limits
8 years ago
Eugen Rochko 1fb3e8988b Revert earlier fix due to new bug reports
8 years ago
Eugen Rochko ebc01bf0f6 Make the paperclip filename interpolator smarter about the :original style
8 years ago
Eugen Rochko 138d21aea8 Update service timeout setting from 15s to 90s
8 years ago
Eugen 9d5fb49cd8 Merge pull request #603 from evanminto/activitypub-account
8 years ago
Evan Minto 94e213c6c1 Reuse existing controller and route
8 years ago
Eugen Rochko ccb8ac8573 Make the streaming API also handle websockets (because trying to get the browser EventSource interface to
8 years ago
Eugen Rochko f4bc9620a9 Update settings to re-use admin layout, one big navigation tree, improve settings forms
8 years ago
Eugen Rochko 76e970c856 Do not automatically login after password reset, as it would circumvent two-factor auth (if enabled)
8 years ago
Eugen Rochko ba192f12e3 Added optional two-factor authentication
8 years ago
Eugen Rochko f6a5977f0b Fix key names in statsd
8 years ago
Eugen Rochko d567f21d4f Improve StatsD instrumentation
8 years ago
Eugen Rochko 7329fbd8a4 Fix up timeout, improve contrast on "show more", add responsive style
8 years ago
Eugen 956da43e19 Fix error
8 years ago
Eugen Rochko 61aee0006e Override Rack::Request to use the same trusted proxy settings as Rails
8 years ago
Eugen Rochko f0de621e76 Fix #463 - Fetch and display previews of URLs using OpenGraph tags
8 years ago
Eugen Rochko 306eb6e9c9 Add optional StatsD performance tracking
8 years ago
Effy Elden ab4f5f5da5 Add Heroku deployment support
8 years ago
Effy Elden a097dd489b Change default S3 ACL string used by Paperclip from 'public' (which is invalid) to 'public-read'
8 years ago
Eugen Rochko 2e71bb031b Fix Paperclip timeout setting. Fix bug introduced in #437
8 years ago
Eugen Rochko 7ddec6e7c3 Add read timeout to paperclip when it's downloading remote images
8 years ago
Eugen Rochko b891a81008 Follow call on locked account creates follow request instead
8 years ago
Eugen Rochko 6d71044c85 Don't use rack timeout in any but production environments
8 years ago
Eugen Rochko 6de079a5af Removing external hub completely, fix #333 fixing digit-only hashtags,
8 years ago
Eugen Rochko 8b93f45f3d Fix paperclip config
8 years ago
Eugen Rochko f114bc7bb7 Update Paperclip config to allow plugging in Minio instead of AWS
8 years ago
Eugen Rochko 1357c1cb3d Add single user mode
8 years ago
Eugen Rochko b362de2232 Adding configurable e-mail blacklist
8 years ago
Eugen Rochko f763e844e8 Do not use expiring links after all
8 years ago
Eugen Rochko 80c44ed9c1 Do not autoplay videos, display play button instead. Use expiring links when using S3. Do not keep originals
8 years ago
Eugen Rochko 290ffb63cd Fix cloudfront config
8 years ago
Eugen Rochko d3bd10dfe4 Add Cloudfront support
8 years ago
Eugen Rochko 5973ca3d11 Upgrade Paperclip to 5, AWS-SDK to 2, do not generate medium/small versions of avatars
8 years ago
Eugen Rochko cc70f28f19 Adding rack timeout of 30sec, PuSH jobs moved to push queue so they
8 years ago
Eugen Rochko c0555f2db6 Don't rate-limit PuSH endpoints
8 years ago
Eugen Rochko 4e351baf88 Fix URLs in inline-rendered XML
8 years ago
Eugen 41ef277da3 Fix URLs in ApplicationController.renderer
8 years ago
Eugen Rochko dda9ac9222 Fix reset date format when rate limited
8 years ago
Eugen Rochko 8efa081f21 Remove Neo4J
8 years ago
Eugen Rochko 8e34bed7cc Mini Profiler not working well, remove it
8 years ago
Eugen Rochko fc90d38893 Moving some counter queries out of subqueries in the API
8 years ago
Eugen Rochko 116ab27e08 i18n for devise mailer too
8 years ago
Eugen Rochko 546c4718e7 Localizations for most server-side strings
8 years ago
Eugen Rochko fdc17bea58 Fix rubocop issues, introduce usage of frozen literal to improve performance
8 years ago
Eugen Rochko 86574ea524 Adding Emoji One
8 years ago
Eugen Rochko 2f21f4cc01 Fix region setting for AWS gem
8 years ago
Eugen Rochko dbe00a4156 Improved configuration from ENV, cleaned up timeline filter methods
8 years ago
Eugen Rochko b835f4aa1c Fix insecure S3 URLs
8 years ago
Eugen Rochko d14967e1c8 Fix URL configuration when S3 is enabled
8 years ago
Eugen Rochko 45230c56ab Improve S3 config
8 years ago
Eugen Rochko 3ab193bc3f Adding optional S3, fail-mastodon
8 years ago
Eugen Rochko 9467b900a2 Make cookies https-only if LOCAL_HTTPS is true, set X-Frame-Options to DENY,
8 years ago
Eugen Rochko 720d1f8f3d Restrict access to oauth/applications to admins only
8 years ago
Eugen Rochko a9e40a3d80 Adding OAuth access scopes, fixing OAuth authorization UI, adding rate limiting
8 years ago
Eugen Rochko 43df35213e Improving all forms
8 years ago
Eugen Rochko d5e086a47b Adding application/jrd+json webfinger resource
8 years ago
Eugen Rochko e21a3fe0cd Adding sync of follow relationships to Neo4J, accounts/suggestions API
8 years ago
Eugen Rochko 3554d638b3 Fix #72 - add follow/unfollow button to public profiles
8 years ago
Eugen Rochko f06f295890 Fix doorkeeper skip_authorization
8 years ago
Eugen Rochko 4909bbf415 Add logging for outgoing http requests
8 years ago
Eugen Rochko 492224b93f Allow non-https redirect URIs for OAuth apps (AndStatus seems to require this)
8 years ago
Eugen Rochko 7e14eefc81 Replace logo, fix #57 - delete/unreblog/unfavourite API, fix #45 - app
8 years ago
Eugen Rochko 3b56350121 Fix #6 - Rate limit GET reqs to 300/5min, POST to 100/5min
8 years ago
Eugen Rochko 1022d682dc Normalized data in Redux, fix for asset URLs when rendered outside request
8 years ago
Eugen Rochko 92afd29650 The frontend will now be an OAuth app, auto-authorized. The frontend will use an access token for API requests
8 years ago