384 Commits (a9472f8ff15523c13ab7e32592f11a6c51cc14e3)

Author SHA1 Message Date
Takeshi Umeda 2360191434
Fix guard against DNS rebinding attacks (#16095)
4 years ago
Takeshi Umeda 8323023464
Add guard against DNS rebinding attacks (#16087)
4 years ago
Eugen Rochko 3b8d085436
Fix app name, website and redirect URIs not having a maximum length (#16042)
4 years ago
Eugen Rochko 3f2533ca8e
Fix autoloading deprecation warnings from Rails 6 (#16010)
4 years ago
Eugen Rochko 82cce18227
Change health check (#15988)
4 years ago
Claire cbd0ee1d07
Update Mastodon to Rails 6.1 (#15910)
4 years ago
Claire a4dcaef53b
Prepare Mastodon for zeitwerk autoloader (#15917)
4 years ago
Claire 43eff898a0
Prepare Mastodon for Rails 6 (#15911)
4 years ago
Eugen Rochko e89e976e92
Fix configuration for sidekiq-unique-jobs after 7.x upgrade (#15908)
4 years ago
Claire 65db262550
Update twitter-text from 1.14 to 3.1.0 and fix toot character counting (#15382)
4 years ago
Eugen Rochko ee1119208c
Add `POST /api/v1/emails/confirmations` to REST API (#15816)
4 years ago
Shlee ab9c2ed98d
Delete pagination.rb (#15754)
4 years ago
Claire 21fb3f3684
Drop dependency on secure_headers, fix response headers (#15712)
4 years ago
Cecylia Bocovich e79f8dd85c
Onion service related changes to HTTPS handling (#15560)
4 years ago
Shubhendra Singh Chauhan c8d11b8bdb
Fixed code quality issues (#15541)
4 years ago
luigi eb51e43fb4
Optimize some regex matching (#15528)
4 years ago
kaiyou f47c177eb7
Support clock drift in Omniauth SAML provider (#15511)
4 years ago
Eugen Rochko 9915d11c0d
Fix unnecessary queries when batch-removing statuses, 100x faster (#15387)
4 years ago
Eugen Rochko 1045549f85
Add stoplight for object storage failures, return HTTP 503 (#13043)
4 years ago
Eugen Rochko df1653174b
Add cache buster feature for media files (#15155)
4 years ago
Eugen Rochko acc1c03861
Fix cookies not having a SameSite attribute (#15098)
4 years ago
Josh Leeb-du Toit 0c24f4dce2
Add support for Gemini urls (#15013)
4 years ago
Eugen Rochko 5e1364c448
Add IP-based rules (#14963)
4 years ago
tateisu 7919418e4c
add S3_READ_TIMEOUT environment variable (#14952)
4 years ago
santiagorodriguez96 e8d41bc2fe
Add WebAuthn as an alternative 2FA method (#14466)
4 years ago
Eugen Rochko 81a3db1564
Change rate limits for various paths (#14253)
4 years ago
ThibG a783bdf4ad
Fix hashtag column options styling (#14247)
4 years ago
Eugen Rochko 6d23d40420
Change Redis#exists calls to Redis#exists? to avoid deprecation warning (#14191)
4 years ago
Eugen Rochko 7aaf2b44ec
Fix remote files not using Content-Type header, streaming (#14184)
4 years ago
Eugen Rochko 8c04e37b03
Remove the terms blacklist and whitelist from UX (#14149)
4 years ago
mayaeh f56129a947
Suppress Redis#exists(key) warning (#14067)
4 years ago
Eugen Rochko 5d8398c8b8
Add E2EE API (#13820)
5 years ago
Takeshi Umeda 8e056bd82e
Fix csv upload (#13835)
5 years ago
Takeshi Umeda 1c434615b3
Fix workaround for Elasticsearch 7.x (#13828)
5 years ago
Eugen Rochko 4b766f9846
Refactor monkey-patching of Goldfinger (#12561)
5 years ago
ThibG 34756cc4e0
Fix "tootctl media remove-orphans" crashing on “Import” files (#13685)
5 years ago
ThibG e1629a7758
Remove 'unsafe-inline' from Content-Security-Policy style-src (#13679)
5 years ago
ThibG dea5db0e25
Fix PgHero Content-Security-Policy when CDN_HOST is used (#13595)
5 years ago
mayaeh acc367fd14
Fix naming issue (#13551)
5 years ago
Eugen Rochko c3ca3801f2
Add separate cache directory for non-local uploads (#12821)
5 years ago
Eugen Rochko d18d6c29f3
Fix search not working due to proxy settings when using hidden services (#13488)
5 years ago
Eugen Rochko f65568f1d4
Add ability to filter audit log in admin UI (#13381)
5 years ago
Eugen Rochko 9014367bd8
Fix background jobs not using locks like they are supposed to (#13361)
5 years ago
Eugen Rochko 9241cbf861
Fix re-sending of e-mail confirmation not being rate limited (#13360)
5 years ago
ThibG 7ddbbdea6d
Fix OCR not working on Safari because of unsupported worker-src CSP (#13323)
5 years ago
dependabot-preview[bot] 56531d646e
Bump sidekiq from 5.2.7 to 6.0.4 (#11727)
5 years ago
Eugen Rochko 339ce1c4e9
Add specific rate limits for posting and following (#13172)
5 years ago
Eugen Rochko f52c988e12
Add announcements (#12662)
5 years ago
ThibG a8e46cf7a1
Add support for magnet: URIs (#12905)
5 years ago
ThibG ea436b355b
Add support for linking XMPP URIs in toots (#12709)
5 years ago
Eugen Rochko 49b2f7c0a2
Fix base64-encoded file uploads not being possible (#12748)
5 years ago
Eugen Rochko 59c697a30c
Fix resource_owner_from_credentials in Doorkeeper initializer (#12743)
5 years ago
Eugen Rochko 09d54d1f62
Fix uncaught query param encoding errors (#12741)
5 years ago
Eugen Rochko 17159625b3
Add `S3_OVERRIDE_PATH_STYLE` environment variable (#12594)
5 years ago
Eugen Rochko f3d232381d
Add `tootctl media remove-orphans` (#12568)
5 years ago
tateisu f1ef777d40
add S3_OPEN_TIMEOUT environment variable (#12459)
5 years ago
Mathieu Brunot bd8dc9bd0c
Add an LDAP Mail attribute config (#12053)
5 years ago
Mathieu Brunot d70268f099
Convert LDAP username (#12461)
5 years ago
ntl-purism f3a93987b6
LDAP & PAM added to OAuth password grant strategy (#7999) (#12390)
5 years ago
ThibG dfea7368c9
Add bookmarks (#7107)
5 years ago
Eugen Rochko 45eccaf8c5
Fix preloaded JSON-LD context for identity not being used (#12138)
5 years ago
Eugen Rochko 354fdd317e
Fix attachment not being re-downloaded even if file is not stored (#12125)
5 years ago
Eugen Rochko 086fc7ed77
Fix S3 adapter retrying failing uploads with exponential backoff (#12085)
5 years ago
Eugen Rochko 5c42f47617
Fix records not being indexed sometimes (#12024)
5 years ago
Eugen Rochko 5f69eb89e2
Add a nodeinfo endpoint (#12002)
5 years ago
Yamagishi Kazutoshi a5c558f052
Hide error message on /heath (#11947)
5 years ago
Yamagishi Kazutoshi b02169f124
Cast multipart threshold to integer (#11944)
5 years ago
Eugen Rochko a1f04c1e34
Fix authentication before 2FA challenge (#11943)
5 years ago
Yamagishi Kazutoshi 172eaeba3f
Add config of multipart threshold for S3 (#11924)
5 years ago
Eugen Rochko c707ef49d9
Fix 2FA challenge and password challenge for non-database users (#11831)
5 years ago
Yamagishi Kazutoshi 4e1b742cb2
Change rate limit for media proxy (#11814)
5 years ago
Yamagishi Kazutoshi d7268befa8
Add healthcheck endpoint for web (#11770)
5 years ago
ThibG 692c5b439a
Fix ActivityPub context not being dynamically computed (#11746)
5 years ago
ThibG 8203e24cf4
Fix CSP needlessly allowing blob URLs in script-src (#11620)
5 years ago
Eugen Rochko b7f5f0ec10
Fix media host not being included in connect-src for OCR (#11577)
5 years ago
Eugen Rochko 28636f43e4
Add OCR tool to media editing modal (#11566)
5 years ago
Eugen Rochko 24552b5160
Add whitelist mode (#11291)
5 years ago
Eugen Rochko 3bc0c4a884
Remove unused StatsD code and expose StatsD as a global variable (#11232)
5 years ago
Eugen Rochko 7696f77245
Add moderation API (#9387)
5 years ago
Eugen Rochko 1db4117030
Change preferences page into appearance, notifications, and other (#10977)
6 years ago
Hinaloe b793722d7d
Fix undefined method error (#10868)
6 years ago
mayaeh afb17b7045
Fix undefined method error. (#10867)
6 years ago
ThibG 0e9b8be18a
Improve rate limiting (#10860)
6 years ago
dependabot[bot] ecbea2e3c6
Bump rack-attack from 5.4.2 to 6.0.0 (#10599)
6 years ago
Eugen Rochko 8a0d677cde
Fix stoplight logging to stderr separate from Rails logger (#10624)
6 years ago
Eugen Rochko 0e8819f0e8
Add rate limit for media proxy requests (#10490)
6 years ago
Eugen Rochko 11fe293e1b
Remove unused ActivityPub `@context` values depending on response (#10378)
6 years ago
Eric 7169928f96
cas_options :validate_url should be :service_validate_url (#10328)
6 years ago
Eugen Rochko 99fa1ce93d
Add tight rate-limit for API deletions (#10042)
6 years ago
Eugen Rochko 016ad37bc8
Fix URL linkifier grabbing full-width spaces and quotations (#9997)
6 years ago
Eugen Rochko 4699cf853c
Add timeouts for S3 (#9842)
6 years ago
Moritz Heiber ecf40d09ed
Disable Same-Site cookie implementation to fix SSO issues on WebKit browsers (#9819)
6 years ago
Nolan Lawson f05eb67081
Enable immutable caching for S3 objects (#9722)
6 years ago
Eugen Rochko 5d2fc6de32
Add REST API for creating an account (#9572)
6 years ago
Eugen Rochko 240c122767
Skip mailer job retries when a record no longer exists (#9590)
6 years ago
ThibG 3f12c07ff5
Use same CORS policy for /@:username and /users/:username (#9485)
6 years ago
ThibG 84e5ed43e7
Preload common JSON-LD contexts (#9412)
6 years ago
Ben Lubar 13e049d772
Allow cross-origin requests to /.well-known/* URLs. (#9083)
6 years ago
Eugen Rochko a38a452481
Add unread indicator to conversations (#9009)
6 years ago
ThibG 8ab081ec32
Add manifest_src to CSP, add blob to connect_src (#8967)
6 years ago