glitchier-soc

History

Sorin Davidoi 6f3d934bc1 feat(cookies): Use the same-site attribute to lax (#8626 ) CSFR-prevention is already implemented but adding this doesn't hurt. A brief introduction to Same-Site cookies (and the difference between strict and lax) can be found at https://blog.mozilla.org/security/2018/04/24/same-site-cookies-in-firefox-60/ TLDR: We use lax since we want the cookies to be sent when the user navigates safely from an external site.		6 years ago
..
0_post_deployment_migrations.rb	Add post-deployment migration system (#8182 )	6 years ago
active_model_serializers.rb	Disable AMS logging (#7623 )	7 years ago
application_controller_renderer.rb	Upgrade to Rails 5.0.0.1	8 years ago
assets.rb	HTML e-mails for UserMailer (#6256 )	7 years ago
backtrace_silencers.rb	Initial commit	9 years ago
blacklists.rb	Quick best practice cleanup of views/helpers (#1546 )	8 years ago
chewy.rb	Fix #6509 : Use pull queue for chewy jobs (#6513 )	7 years ago
content_security_policy.rb	Upgrade Rails to version 5.2.0 (#5898 )	7 years ago
cookies_serializer.rb	Upgrade to Rails 5.0.0.1	8 years ago
cors.rb	Upgrade Rails to version 5.2.0 (#5898 )	7 years ago
devise.rb	feat(cookies): Use the same-site attribute to lax (#8626 )	6 years ago
doorkeeper.rb	Add more granular OAuth scopes (#7929 )	6 years ago
fast_blank.rb	fix can toot whitespace (#2218 )	8 years ago
filter_parameter_logging.rb	Added optional two-factor authentication	8 years ago
http_client_proxy.rb	Merge `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` into `ALLOW_ACCESS_TO_HIDDEN_SERVICE` (#7901 )	6 years ago
httplog.rb	Version bumps for ruby and misc gems (#1159 )	8 years ago
inflections.rb	Add ActivityPub inbox (#4216 )	7 years ago
instrumentation.rb	Improve StatsD instrumentation	8 years ago
kaminari_config.rb	adjust public profile pages 2 (#5223 )	7 years ago
mime_types.rb	Set correct content-type for ActivityPub JSON (#4592 )	7 years ago
oj.rb	Remove rabl dependency (#5894 )	7 years ago
omniauth.rb	Add additional first_name and last_name SAML attribute statement options, and modify Omniauthable concern to use full_name or first_name + last_name if not available (#6669 )	7 years ago
open_uri_redirection.rb	Federate header images, fix open-uri http->https redirection error	8 years ago
ostatus.rb	enforce LOCAL_HTTPS=true in production (#6061 )	7 years ago
pagination.rb	Pagination improvements (#1445 )	8 years ago
paperclip.rb	Rename S3_CLOUDFRONT_HOST to S3_ALIAS_HOST. (#8423 )	6 years ago
premailer_rails.rb	HTML e-mails for UserMailer (#6256 )	7 years ago
rack_attack.rb	Add a missing question mark in rack_attack.rb (#7338 )	7 years ago
rack_attack_logging.rb	Log rate limit hits (#7096 )	7 years ago
redis.rb	Set config.cache_store in environments file. (#3219 )	8 years ago
session_activations.rb	Revocable sessions (#3616 )	7 years ago
session_store.rb	feat(cookies): Use the same-site attribute to lax (#8626 )	6 years ago
sidekiq.rb	Use RAILS_LOG_LEVEL to set log level of Sidekiq, too (#7079 )	7 years ago
simple_form.rb	Improve UI of admin site settings (#4163 )	7 years ago
single_user_mode.rb	Add single user mode	8 years ago
statsd.rb	Allow specifying STATSD_NAMESPACE (#5700 )	7 years ago
stoplight.rb	Add a circuit breaker for ActivityPub deliveries (#7053 )	7 years ago
strong_migrations.rb	Fix migration failure due to StrongMigrations on production env (#5283 )	7 years ago
suppress_csrf_warnings.rb	Suppress CSRF token warnings (#6240 )	7 years ago
trusted_proxies.rb	Fix error	8 years ago
twitter_regex.rb	Add dat, dweb, ipfs, ipns, ssb, gopher protocols to URL extractor (#7810 )	6 years ago
vapid.rb	Add Rake task for generate VAPID key (#4195 )	7 years ago
wrap_parameters.rb	Upgrade to Rails 5.0.0.1	8 years ago