145 Commits (800e27716ad70fb5b334efd28e648e155f3cd639)

Author SHA1 Message Date
Claire 5a89279d20 Merge branch 'main' into glitch-soc/merge-upstream
4 years ago
Claire d1deaee77f Fix crash on receiving requests with missing Digest header (#15782)
4 years ago
Claire 1a9e0432ae Merge branch 'master' into glitch-soc/merge-upstream
4 years ago
ThibG 2582047c36 Use Rails' index_by where it makes sense (#15542)
4 years ago
Claire 77a975a964 Merge branch 'master' into glitch-soc/merge-upstream
4 years ago
luigi 944b059f50 Optimize map { ... }.compact calls (#15513)
4 years ago
Claire 2736b1f95e Merge branch 'master' into glitch-soc/merge-upstream
4 years ago
ThibG e1ef5f3b31 Add honeypot fields and minimum fill-out time for sign-up form (#15276)
4 years ago
Thibaut Girka 90f5d780cb Merge branch 'master' into glitch-soc/merge-upstream
4 years ago
Eugen Rochko 90faa8039c Fix 2FA/sign-in token sessions being valid after password change (#14802)
4 years ago
Thibaut Girka 64ef99a31e Merge branch 'master' into glitch-soc/merge-upstream
4 years ago
Eugen Rochko 38be9af436 Add support for reversible suspensions through ActivityPub (#14989)
4 years ago
Thibaut Girka ea4b2caf3a Merge branch 'master' into glitch-soc/merge-upstream
4 years ago
ThibG 9500d00e5f Tweak signature verification (#15069)
4 years ago
Thibaut Girka 7a84a84fc1 Merge branch 'master' into glitch-soc/merge-upstream
4 years ago
Eugen Rochko 403aeeb7e0 Refactor settings controllers (#14767)
4 years ago
Thibaut Girka 5b8a4f96de Merge branch 'master' into glitch-soc/merge-upstream
4 years ago
dependabot[bot] 61b768572e Bump rubocop from 0.86.0 to 0.88.0 (#14412)
4 years ago
Akihiko Odaki b096ad1c0f Make Array-creation behavior of Paginable more predictable (#14687)
4 years ago
Thibaut Girka 37e746eab6 Merge branch 'master' into glitch-soc/merge-upstream
4 years ago
Akihiko Odaki 1c70d8189c Introduce ApplicationController#cache_collection_paginated_by_id (#14677)
4 years ago
ThibG d480442e58 Add support for latest HTTP Signatures spec draft (#14556)
4 years ago
santiagorodriguez96 f142983484 Add WebAuthn as an alternative 2FA method (#14466)
4 years ago
Thibaut Girka c1eb60642b Merge branch 'master' into glitch-soc/merge-upstream
4 years ago
fuyu ad1dfea4fa Fix not working I18n on 2FA and Sign in token page (#14087)
4 years ago
Thibaut Girka 83dc54c487 Merge branch 'master' into glitch-soc/merge-upstream
4 years ago
Eugen Rochko 2dbf6bc5ad Add e-mail-based sign in challenge for users with disabled 2FA (#14013)
4 years ago
ThibG f48e191e8e Fix sr locale being selected over sr-Latn (#13693)
5 years ago
Eugen Rochko a4668d994b Add specific rate limits for posting and following (#13172)
5 years ago
Eugen Rochko 5c4b1db54a Change signature verification to ignore signatures with invalid host (#13033)
5 years ago
Eugen Rochko 413cb7e861 Fix base64-encoded file uploads not being possible (#12748)
5 years ago
Eugen Rochko a2d3728c36 Add account migration UI (#11846)
5 years ago
Eugen Rochko 1781358bd9 Add password challenge to 2FA settings, e-mail notifications (#11878)
5 years ago
Eugen Rochko dc20e1af71 Add HTTP signature keyId to request log (#11591)
5 years ago
Eugen Rochko 825dc3ca22 Add whitelist mode (#11291)
5 years ago
Eugen Rochko 79b9eee938 Add (back) rails-level JSON caching (#11333)
5 years ago
Eugen Rochko 2b4fa0d6fa Change locale detection to run once per session (#8657)
5 years ago
Eugen Rochko 39719ae981 Add ActivityPub secure mode (#11269)
5 years ago
Eugen Rochko d0b0b63b1a Refactor domain block checks (#11268)
5 years ago
Eugen Rochko 56f0203c66 Refactor controllers for statuses, accounts, and more (#11249)
5 years ago
ThibG 806c2f8102 Cleanup various controllers (#10972)
6 years ago
ThibG f5637b174f Move signature verification stoplight to the requests themselves (#10813)
6 years ago
ThibG c967088621 Mark the 410 gone response for suspended accounts as cachable (#10339)
6 years ago
Eugen Rochko 73fb7bfa0f Admission-based registrations mode (#10250)
6 years ago
ThibG e60999c3c5 Improvements to signature verification (#9667)
6 years ago
Eugen Rochko e5ebd4df78 Fix signature verification stoplight triggering on non-timeout errors (#9617)
6 years ago
ysksn af123ea5e8 Remove RemoteAccountControllerConcern never used (#9482)
6 years ago
Eugen Rochko d78aed7a37 Reduce connect timeout limit and limit signature failures by source IP (#9236)
6 years ago
Eugen Rochko 0a5b65533d Improve signature verification safeguards (#8959)
6 years ago
Eugen Rochko 65d1a2d10a Remove dead code (#8919)
6 years ago
Eugen Rochko 13df3889f0 Redesign public profiles and toots (#8068)
6 years ago
Marty McGuire 4aa3f667fc Typo in signature verification failure logging (#7916)
6 years ago
Eugen Rochko 71399bf1d5 HTTP signatures spec no longer requires algorithms field (#7525)
7 years ago
ThibG 6222c7def7 Update session activation time (fixes #5605) (#7408)
7 years ago
Yamagishi Kazutoshi 0939d9ede6 Fix spec for sr-Latn (#7203)
7 years ago
ThibG a91acd2010 Fix follow/unfollow buttons on public profile (fixes #7036) (#7040)
7 years ago
Eugen Rochko 77badbc85a If DEFAULT_LOCALE is set, enforce it instead of HTTP request locale (#6817)
7 years ago
Akihiko Odaki 008bc9f47d Set the default locale in config (#6580)
7 years ago
puckipedia 081ba8fc90 Allow retrieval of private statuses (single or in outbox) using HTTP signatures (#6225)
7 years ago
Eugen Rochko f378280e49 Fix #6331 (#6341)
7 years ago
Akihiko Odaki b5162e2aff Rename ResolveRemoteAccountService to ResolveAccountService (#6327)
7 years ago
Eugen Rochko 92df0bba59 Fix regeneration marker not expiring (#6290)
7 years ago
Eugen Rochko 9427823d5c Add more instance stats APIs (#6125)
7 years ago
Eugen Rochko 31fe0d067b Apply a 25x rate limit by IP even to authenticated requests (#5948)
7 years ago
Eugen Rochko 87af0bf6cf Rate limit by user instead of IP when API user is authenticated (#5923)
7 years ago
Eugen Rochko efc97d404c Add logging of admin actions (#5757)
7 years ago
Eugen Rochko 97178b6d86 Add moderator role and add pundit policies for admin actions (#5635)
7 years ago
Eugen Rochko 7ccc1c5748 Fix UserTrackingConcern firing on every request, optimize some queries (#5368)
7 years ago
Akihiko Odaki 2e6db37776 Validate id of ActivityPub representations (#5114)
7 years ago
ThibG 707cd936e8 Fix HTTP responses for salmon and ActivityPub inbox processing (#5200)
7 years ago
Eugen Rochko c35e6234ab If HTTP signature is wrong and webfinger cache is stale, retry with resolve (#5129)
7 years ago
Eugen Rochko dccc1a74ad Support more variations of ActivityPub keyId in signature (#4630)
7 years ago
Eugen Rochko 34962d9f9d Add alternate links to ActivityPub resources from HTML/HEAD variants (#4586)
7 years ago
Eugen Rochko 1b6ced5887 Add Digest header to requests with body, handle acct and URI keyId (#4565)
7 years ago
Eugen Rochko c5fa4aba91 HTTP signatures (#4146)
7 years ago
Eugen Rochko 973d6ef93a Fix #2619 - When redis feed is empty, fall back to database (#3721)
8 years ago
Akihiko Odaki (@fn_aki@pawoo.net) a5729feb11 Improve default language decision and spec (#3351)
8 years ago
Matt Jankowski 9a43a1051a Coverage improvement and concern extraction for rate limit headers in API controller (#3625)
8 years ago
Matt Jankowski 18c81c74e5 Remove exports/base controller in favor of shared concern (#3444)
8 years ago
Jack Jennings faf53a5a3e Extract authorization policy for viewing statuses (#3150)
8 years ago
Akihiko Odaki ff2bfea0b3 Remove methods from ObfuscateFilename and spec (#3347)
8 years ago
HANATANI Takuma d19f86f596 Remove unnecessary keep file. (#2902)
8 years ago
yhirano 18e4933432 Fix Rubocop offences (#2630)
8 years ago
Matt Jankowski a5c8ffcaf9 Extract user tracking into concern (#2600)
8 years ago
alpaca-tc 31d49716c6 Localize with i18n for Devise::FailureApp (#2309)
8 years ago
Matt Jankowski 9a8134cea6 Restful refactor of accounts/ routes (#2133)
8 years ago
Matt Jankowski 20170cb4f3 Improve i18n chooser (#1804)
8 years ago
Matt Jankowski d1ebb63c54 Quick best practice cleanup of views/helpers (#1546)
8 years ago
David Authier 9252133084 Use HTTP Accept-Language to detect locale (#1166)
8 years ago
Eugen Rochko 07f42f0824 Fix #1165 - before_action was called before protect_from_forgery
8 years ago
Eugen Rochko 9bb84337a7 Allow setting of default language through config
8 years ago
Eugen Rochko 453d65e6da Obfuscate filenames better, double rate limits
8 years ago
Eugen Rochko 59c8c2b28a Make follow requests federate
8 years ago
Eugen Rochko 8d4ef0b6c3 Per-status control for unlisted mode, also federation for unlisted mode
8 years ago
Eugen Rochko 9c4856bdb1 Initial commit
9 years ago