300 Commits (99f8f6b07a3315503e7bb1499065953b90ecc5ec)

Author SHA1 Message Date
Eugen Rochko 8a0d677cde
Fix stoplight logging to stderr separate from Rails logger (#10624)
6 years ago
Eugen Rochko 0e8819f0e8
Add rate limit for media proxy requests (#10490)
6 years ago
Eugen Rochko 11fe293e1b
Remove unused ActivityPub `@context` values depending on response (#10378)
6 years ago
Eric 7169928f96 cas_options :validate_url should be :service_validate_url (#10328)
6 years ago
Eugen Rochko 99fa1ce93d
Add tight rate-limit for API deletions (#10042)
6 years ago
Eugen Rochko 016ad37bc8
Fix URL linkifier grabbing full-width spaces and quotations (#9997)
6 years ago
Eugen Rochko 4699cf853c
Add timeouts for S3 (#9842)
6 years ago
Moritz Heiber ecf40d09ed Disable Same-Site cookie implementation to fix SSO issues on WebKit browsers (#9819)
6 years ago
Nolan Lawson f05eb67081 Enable immutable caching for S3 objects (#9722)
6 years ago
Eugen Rochko 5d2fc6de32
Add REST API for creating an account (#9572)
6 years ago
Eugen Rochko 240c122767
Skip mailer job retries when a record no longer exists (#9590)
6 years ago
ThibG 3f12c07ff5 Use same CORS policy for /@:username and /users/:username (#9485)
6 years ago
ThibG 84e5ed43e7 Preload common JSON-LD contexts (#9412)
6 years ago
Ben Lubar 13e049d772 Allow cross-origin requests to /.well-known/* URLs. (#9083)
6 years ago
Eugen Rochko a38a452481
Add unread indicator to conversations (#9009)
6 years ago
ThibG 8ab081ec32 Add manifest_src to CSP, add blob to connect_src (#8967)
6 years ago
Eugen Rochko edc7f895be
Fix CSP headers blocking media and development environment (#8962)
6 years ago
ThibG 2d27c11061 Set Content-Security-Policy rules through RoR's config (#8957)
6 years ago
Sascha b2a57a5d6f add ffmpeg initializer (#8855)
6 years ago
ashleyhull-versent f194857ac9 rubocop issues - Cleaning up (#8912)
6 years ago
aus-social 0a4739c732 lint pass 2 (#8878)
6 years ago
aus-social 1f98eae1cf Lint pass (#8876)
6 years ago
Yamagishi Kazutoshi 65f04e6046 Fix that Rails.cache information could not be sent via StatsD (#8831)
6 years ago
Eugen Rochko f4d549d300
Redesign forms, verify link ownership with rel="me" (#8703)
6 years ago
luzpaz 40dd19be37 Misc. typos (#8694)
6 years ago
Sorin Davidoi 6f3d934bc1 feat(cookies): Use the same-site attribute to lax (#8626)
6 years ago
M Somerville 2bba6e582d Rename S3_CLOUDFRONT_HOST to S3_ALIAS_HOST. (#8423)
6 years ago
ThibG f06fa09962 Revert to using Paperclip's filesystem storage, and fix dangling records in remove_remote (#8339)
6 years ago
Immae b0f4fe456b Add ldap search filter (#8151)
6 years ago
Eugen Rochko 018a9e4e7f
Add post-deployment migration system (#8182)
6 years ago
abcang 69bf116345 Add secure option to additional cookie (#8069)
6 years ago
Eugen Rochko 1f6ed4f86a
Add more granular OAuth scopes (#7929)
6 years ago
MIYAGI Hikaru ddd0bb69e1 Merge `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` into `ALLOW_ACCESS_TO_HIDDEN_SERVICE` (#7901)
6 years ago
Eugen Rochko 0df91c7b1e
Add dat, dweb, ipfs, ipns, ssb, gopher protocols to URL extractor (#7810)
6 years ago
Eugen Rochko 53f0452b70
Remove rack-timeout (#7809)
6 years ago
Eugen Rochko d87649db07
Disable AMS logging (#7623)
7 years ago
MIYAGI Hikaru 919eef3098 User agent for WebFinger (#7531)
7 years ago
Eugen Rochko b4fb766b23
Add REST API for Web Push Notifications subscriptions (#7445)
7 years ago
Hugo Gameiro ea4e243303 Improve OpenStack v3 compatibility (#7392)
7 years ago
Akihiko Odaki a7e71bbd08 Add a missing question mark in rack_attack.rb (#7338)
7 years ago
Akihiko Odaki b1d4471e36 Throttle media post (#7337)
7 years ago
Eugen Rochko cb5b5cb5f7
Slightly reduce RAM usage (#7301)
7 years ago
MIYAGI Hikaru f58dcbc981 HTTP proxy support for outgoing request, manage access to hidden service (#7134)
7 years ago
Yamagishi Kazutoshi 50529cbceb Upgrade Rails to version 5.2.0 (#5898)
7 years ago
Eugen Rochko 49bbef1202
Use RAILS_LOG_LEVEL to set log level of Sidekiq, too (#7079)
7 years ago
Eugen Rochko 80a944c882
Log rate limit hits (#7096)
7 years ago
Eugen Rochko d4de2239b0
Add a circuit breaker for ActivityPub deliveries (#7053)
7 years ago
Yamagishi Kazutoshi 28384c1771 Revert "Revert "Upgrade Paperclip to version 6.0.0" (#6807)" (#6808)
7 years ago
Eugen Rochko ac49c7932d
Add LDAP_TLS_NO_VERIFY option, don't require LDAP_ENABLED outside .env (#6845)
7 years ago
Alexander 33ee347c99 rename pam email environment variable to something more understandable and default to LOCAL_DOMAIN (better fallback) (#6833)
7 years ago
Eugen Rochko 40871caa4b
Revert "Upgrade Paperclip to version 6.0.0" (#6807)
7 years ago
Yamagishi Kazutoshi b88fcd53f7 Upgrade Paperclip to version 6.0.0 (#6754)
7 years ago
Effy Elden dd9d00d293 Add additional first_name and last_name SAML attribute statement options, and modify Omniauthable concern to use full_name or first_name + last_name if not available (#6669)
7 years ago
Alexander 42fe05dea1 fix logic for pam_controlled_service (#6599)
7 years ago
Eugen Rochko 47bdb9b33b
Fix #942: Seamless LDAP login (#6556)
7 years ago
Akihiko Odaki 2e8a492e88 Raise Mastodon::HostValidationError when host for HTTP request is private (#6410)
7 years ago
Ghislain Loaec e668180044 New variable OAUTH_REDIRECT_AT_SIGN_IN + Ref #6538 (not only SAML strategies) (#6540)
7 years ago
Ghislain Loaec 3084fe4959 New env variable: SAML_SECURITY_ASSUME_EMAIL_IS_VERIFIED + fixes #6533 (#6538)
7 years ago
Eugen Rochko 02856073f7
Fix #6509: Use pull queue for chewy jobs (#6513)
7 years ago
Daniel King 6ef3874b2e Fix URLs incorrectly having trailing hyphen removed (#6465)
7 years ago
Eugen Rochko e20700fe8f
Fix Chewy trying to update index with the wrong strategy (#6464)
7 years ago
Eugen Rochko 3ebc0ad4d3
Full-text search for authorized statuses (#6423)
7 years ago
Eugen Rochko 38e0133e1b
Make PAM gem optional, allow configuration over environment (#6415)
7 years ago
Eugen Rochko 26f21fd5a0
CAS + SAML authentication feature (#6425)
7 years ago
Alexander 04fef7b888 pam authentication (#5303)
7 years ago
Eugen Rochko 5276c0a090
HTML e-mails for UserMailer (#6256)
7 years ago
Patrick Figel 537d2939b1 Suppress CSRF token warnings (#6240)
7 years ago
Eugen Rochko 921b781909
Increase rate limit on protected paths (#6229)
7 years ago
Naoki Kosaka 8d51ce4290 Fix enforce HTTPS in production. (#6180)
7 years ago
Patrick Figel 04ecf44c2f Add confirmation step for email changes (#6071)
7 years ago
nightpool 9592b5e31e enforce LOCAL_HTTPS=true in production (#6061)
7 years ago
Yamagishi Kazutoshi 6855baa0c5 Change streaming API URL when remote development (#5942)
7 years ago
Eugen Rochko feed07227b
Apply a 25x rate limit by IP even to authenticated requests (#5948)
7 years ago
Naoki Kosaka 4bce376fdc Missing require 'authorization_decorator'. (#5947)
7 years ago
Eugen Rochko a865b62efc
Rate limit by user instead of IP when API user is authenticated (#5923)
7 years ago
THE BOSS ♨ 17e26f8afe Fix typo in paperclip.rb (#5936)
7 years ago
Yamagishi Kazutoshi b0db4dad79 Revert fog-aws (ref #5604) (#5934)
7 years ago
Eugen Rochko 42bcbd36b7 Remove rabl dependency (#5894)
7 years ago
Eugen Rochko 546257bc7f Allow specifying STATSD_NAMESPACE (#5700)
7 years ago
MitarashiDango cbbeec05be Fix spell miss (SWIIFT_OBJECT_URL -> SWIFT_OBJECT_URL) (#5617)
7 years ago
Yamagishi Kazutoshi 47b0c61853 Unify file upload to using fog (#5604)
7 years ago
Jeong Arm 9d97054fe6 Remove timestamps on any option (#5282)
7 years ago
unarist 7fd66cf2fe Fix migration failure due to StrongMigrations on production env (#5283)
7 years ago
Lynx Kotoura 32e8a87830 adjust public profile pages 2 (#5223)
7 years ago
Nishi, Keisuke 83ffc4dc07 Fix Paperclip::Fog always responds Not Found in OpenStack-v2 like ConoHa (#5155)
7 years ago
Eugen Rochko 35a8cafa35 Replace self-rolled statsd instrumention with localshred/nsa (#5118)
7 years ago
Eugen Rochko db3ed498b0 When OAuth password verification fails, return 401 instead of redirect (#5111)
7 years ago
Eugen Rochko e528114c53 Follow-up to #4582 and #5027, removing dead code (#5101)
7 years ago
Eugen Rochko b982d549f4 Add strong_migrations gem to warn when creating unsafe migrations (#5078)
7 years ago
Eugen Rochko d68df88d4e Disable private status federation over OStatus (#5027)
7 years ago
unarist 6db034a866 Re-allow underscore on valid_url_path_ending_chars (#4999)
7 years ago
ふぁぼ原 3816943e6b Enable to recognize most kinds of characters as URL paths (#4941)
7 years ago
abcang 1aad015bbb Revert unique retry job (#4937)
7 years ago
Patrick Figel 3018043fc2 Add OpenStack Keystone V3 support (#4889)
7 years ago
abcang 6859d4c028 Enable UniqueRetryJobMiddleware even when called from sidekiq worker (#4836)
7 years ago
Adam Thurlow 6994664a13 swift-enable the paperclip! 📎 (#2322)
7 years ago
abcang be7ffa2d75 Do not execute the job with the same arguments as the retry job (#4814)
7 years ago
Eugen Rochko 1b1e025b41 Use updated ActivityStreams context (added: sharedInbox) (#4764)
7 years ago
Eugen Rochko 00840f4f2e Add handling of Linked Data Signatures in payloads (#4687)
7 years ago
Eugen Rochko cf615abbf9 Add configuration to disable private status federation over PuSH (#4582)
7 years ago