42 Commits (6894f5c1144a45815ac715f3e14e651cd0259995)

Author SHA1 Message Date
Claire 31bd0da41f Fix anonymous visitors getting a session cookie on first visit (#24584)
2 years ago
Eugen Rochko b61ff36351 Change unauthenticated responses to be cached in REST API (#24348)
2 years ago
Claire d8e7a72597 Fix caching logic with regards to Accept-Language, Cookie, and Signature (#24604)
2 years ago
Eugen Rochko 3ca64638d4 Refactor `Cache-Control` and `Vary` definitions (#24347)
2 years ago
Claire 01f0da2a4f Change CSP directives on API to be tight and concise (#20960)
2 years ago
Daniel Axtens e61dc520ae Add 'private' to Cache-Control, match Rails expectations (#20608)
2 years ago
Eugen Rochko 8b98bebc17 Fix error when passing unknown filter param in REST API (#20626)
2 years ago
Eugen Rochko b38a465476 Change `AUTHORIZED_FETCH` to not block unauthenticated REST API access (#19803)
2 years ago
Eugen Rochko 4435be82db Fix uncaught error when invalid date is supplied to API (#19480)
2 years ago
Claire 534077cea2 Fix REST API sometimes returning HTML on error (#19135)
2 years ago
Eugen Rochko b264197a1d Fix suspended users being able to access APIs that don't require a user (#18524)
3 years ago
Eugen Rochko 41816c8bfa Fix locale not being set in REST API (#17847)
3 years ago
Eugen Rochko 4d0a2968d9 Change authorized applications page (#17656)
3 years ago
Claire b5e603c6ad Add logging of S3-related errors (#16381)
3 years ago
Eugen Rochko 76b0f84cd5 Add stoplight for object storage failures, return HTTP 503 (#13043)
4 years ago
Eugen Rochko 90faa8039c Fix 2FA/sign-in token sessions being valid after password change (#14802)
4 years ago
Eugen Rochko e514304a76 Change account suspensions to be reversible by default (#14726)
4 years ago
dependabot[bot] 61b768572e Bump rubocop from 0.86.0 to 0.88.0 (#14412)
4 years ago
ThibG 6a3e2b0fe5 Fix functional user requirements in whitelist mode (#14093)
4 years ago
Eugen Rochko a4668d994b Add specific rate limits for posting and following (#13172)
5 years ago
Eugen Rochko f95fd62bac Add announcements (#12662)
5 years ago
Eugen Rochko 2eda06b768 Fix generic HTTP 500 error on duplicate records (#12563)
5 years ago
Eugen Rochko f21e27e914 Fix uncaught parameter missing exceptions and missing error templates (#11702)
5 years ago
ThibG bfa0b76a6c Fix ActivityPub and REST API queries setting cookies and preventing caching (#11539)
5 years ago
Eugen Rochko 825dc3ca22 Add whitelist mode (#11291)
5 years ago
Eugen Rochko 6be7b414e2 Change unconfirmed user login behaviour (#11375)
5 years ago
ThibG 4c4f9d78fd Explicitly disable storage of REST API results (#10655)
6 years ago
Eugen Rochko 73fb7bfa0f Admission-based registrations mode (#10250)
6 years ago
Takeshi Umeda 9f74c2b877 Add error message with invalid email confirmation (#9625)
6 years ago
Eugen Rochko bbf9f4f93b Add REST API for creating an account (#9572)
6 years ago
Eugen Rochko 5ddcdf3753 Support min_id-based pagination in REST API (#8736)
6 years ago
Eugen Rochko 72a8ca84e0 Add force_login option to OAuth authorize page (#8655)
6 years ago
Eugen Rochko 413a28499d Allow mods to disable login, improve message when login disabled (#8329)
6 years ago
Eugen Rochko 34fdf77f48 Add more granular OAuth scopes (#7929)
6 years ago
Eugen Rochko af240ff13c Disable API access when login is disabled (#7289)
7 years ago
Eugen Rochko f410afe59e Ensure that boolean params in the API are parsed for truthiness (#6575)
7 years ago
nightpool eac9039a63 Refactor /api/web APIs to use the centralized axios instance (#6223)
7 years ago
abcang cef07895a9 Remove unused function (#5950)
7 years ago
Yamagishi Kazutoshi c0642a0042 Don't send Link header when don't know prev and next links (#4633)
7 years ago
abcang efd907e32e Fix require_user! behavior when not logged in (#4604)
7 years ago
Eugen Rochko 75ab767791 Fix webfinger retries (#4275)
7 years ago
Matt Jankowski 76f986d07b Clean up for api/base controller (#3629)
8 years ago