Commit Graph

104 Commits (03dbebdfef47eda19b1b86e56004119f723e667e)

Author SHA1 Message Date
Matt Jankowski 5405bdd344
Remove unused E2EE messaging code (#31193) 3 months ago
Eugen Rochko e0c27a5047
Add ability to manage which websites can credit you in link previews (#31819) 4 months ago
Matt Jankowski 02df1b4e4a
Finish email allow/deny list naming migration (#30530) 5 months ago
Emelia Smith 4655be0da6
Fix add validation to webpush subscription keys (#30542) 7 months ago
Matt Jankowski 4a77e477ee
Consolidate account scopes for `LOWER` (index using) username/domain queries (#30451) 7 months ago
Claire 38b9d31f63
Improve email address validation (#29838) 9 months ago
Matt Jankowski 67f54c4e75
Fix `Rails/WhereExists` cop in app/validators (#28854) 11 months ago
Claire 6ad0fb5a77
Fix NULL MX handling and tighten DNS resolving specs (#28607) 12 months ago
Matt Jankowski 00c6ebd86f
Reduce `.times` usage in `StatusPin` and add `PIN_LIMIT` constant in validator (#27945) 1 year ago
Matt Jankowski 19900f647e
Add coverage for `UnreservedUsernameValidator` (#25590) 1 year ago
Matt Jankowski f5bc1f20e2
Add coverage for `ExistingUsernameValidator` (#25592)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
1 year ago
Matt Jankowski 660993b415
Add coverage for `URLValidator` (#25591) 1 year ago
Matt Jankowski 6602edf064
Add coverage for `LanguageValidator` (#25593) 1 year ago
Matt Jankowski 30f5ec7303
Rubocop fix: `Perfomance/UnfreezeString` (#26217) 1 year ago
Matt Jankowski b8b2470cf8
Fix `Style/SlicingWithRange` cop (#25923) 1 year ago
Matt Jankowski 9f5deb310b
Fix Performance/MapCompact cop (#24797)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2 years ago
Claire 5cd55d8aaf
Fix being able to vote on your own polls (#25015) 2 years ago
Matt Jankowski 88d33f361f
Fix Lint/DuplicateBranch cop (#24766) 2 years ago
Claire 32a030dd74
Rewrite import feature (#21054) 2 years ago
Matt Jankowski c40d5e5a8f
Misc coverage improvements for validators (#23928) 2 years ago
Matt Jankowski 4bb39ac3c3
Fix single-record invalid condition on PollVote (#23810) 2 years ago
Matt Jankowski 730bb3e211
Remove unused HTML Validator (#23866) 2 years ago
Nick Schonning 717683d1c3
Autofix Rubocop remaining Layout rules (#23679) 2 years ago
Nick Schonning 2177daeae9
Autofix Rubocop Style/RedundantBegin (#23703) 2 years ago
Claire a5a00d7f7a
Fix email with empty domain name labels passing validation (#23246)
* Fix email with empty domain name labels passing validation

`EmailMxValidator` would allow empty labels because `Resolv::DNS` is
particularly lenient about them, but the email would be invalid and
unusable.

* Add tests
2 years ago
Claire 3654c94583
Strip spaces around URL when adding a relay (#22655)
* Strip spaces around URL when adding a relay

Fixes #22650

* Gracefuly handle URL parsing errors in URL validator
2 years ago
Eugen Rochko 317ec06dc7
Fix error when uploading malformed CSV import (#19509) 2 years ago
Eugen Rochko abf6c87ee8
Fix remote account in contact account setting not being used (#19351) 2 years ago
Eugen Rochko 50948b46aa
Add ability to filter followed accounts' posts by language (#19095) 2 years ago
Eugen Rochko a2871cd747
Add administrative webhooks (#18510)
* Add administrative webhooks

* Fix error when webhook is deleted before delivery worker runs
3 years ago
Eugen Rochko f6d35ed57d
Remove IP matching from e-mail domain blocks (#18190)
Clear out e-mail domain blocks created from automatically resolved DNS records
3 years ago
Eugen Rochko bbc7afa2a2
Fix being able to post URLs longer than 4096 characters (#17908) 3 years ago
Eugen Rochko a29a982eaa
Change e-mail domain blocks to block IPs dynamically (#17635)
* Change e-mail domain blocks to block IPs dynamically

* Update app/workers/scheduler/email_domain_block_refresh_scheduler.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

* Update app/workers/scheduler/email_domain_block_refresh_scheduler.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
3 years ago
Eugen Rochko b6d7726ecb
Remove language detection through cld3 (#17478)
* Remove language detection through cld3

* Update app/helpers/languages_helper.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
3 years ago
Claire d5c9feb7b7
Add support for private pinned posts (#16954)
* Add support for private pinned toots

* Allow local user to pin private toots

* Change wording to avoid "direct message"
3 years ago
Claire b21f3aa21d
Minor memory optimizations (#16507)
Reduce constant memory usage by ~100kB and further reduce boot-up memory
allocations and temporary memory use by a further ~200kB.
3 years ago
Eugen Rochko 275fa4746b
Add `configuration` attribute to `GET /api/v1/instance` (#16485)
List various values like file size limits and supported mime types
4 years ago
Eugen Rochko 3639862dee
Fix existing username validator not allowing multiple accounts (#16153)
Fix #16107
4 years ago
Eugen Rochko daccc07dc1
Change auto-following admin-selected accounts, show in recommendations (#16078) 4 years ago
Eugen Rochko b3ceb3dcc4
Add canonical e-mail blocks for suspended accounts (#16049)
Prevent new accounts from being created using the same underlying
e-mail as a suspended account using extensions and period
permutations. Stores e-mails as a SHA256 hash
4 years ago
Claire 051efed5ed
Bypass MX validation for explicitly allowed domains (#15930)
* Bypass MX validation for explicitly allowed domains

This spares some lookups and prevent issues in some edge cases with
local domains.

* Add tests

* Fix test
4 years ago
Claire a4dcaef53b
Prepare Mastodon for zeitwerk autoloader (#15917)
* Prepare Mastodon for zeitwerk autoloader (Rails 6)

Add inflections and rename/move a few classes.

In particular, app/lib/exceptions.rb and app/lib/sanitize_config.rb
were manually loaded while still in autoload paths.

* Add inflection for Url → URL
4 years ago
Claire 5614e6724e
Fix URL scanning in note length validator and preview card fetching (#15827)
* Add tests

* Fix URL scanning in note length validator and preview card fetching
4 years ago
Claire 65db262550
Update twitter-text from 1.14 to 3.1.0 and fix toot character counting (#15382)
* Update twitter-text from 1.14 to 3.1.0

* Disable emoji parsing

* Properly depend on twitter-text for url detection

* Fix some URLs being wrongly detected client-side

* Add test for server-side validation of non-autolinkable URLs

* Fix server-side status length counting
4 years ago
Eugen Rochko 9aa37b32c3
Add `details` to error response for `POST /api/v1/accounts` in REST API (#15803) 4 years ago
luigi eb51e43fb4
Optimize some regex matching (#15528)
* Use Regex#match?

* Replace =~ too

* Avoid to call match? from Nil

* Keep value of Regexp.last_match
4 years ago
luigi 087ed84367
Optimize map { ... }.compact calls (#15513)
* Optimize map { ... }.compact

using Enumerable#filter_map, supported since Ruby 2.7

* Add poyfill for Enumerable#filter_map
4 years ago
Eugen Rochko eb35be0431
Fix follow limit preventing re-following of a moved account (#14207) 4 years ago
ThibG 49eb4d4ddf
Add honeypot fields and minimum fill-out time for sign-up form (#15276)
* Add honeypot fields to limit non-specialized spam

Add two honeypot fields: a fake website input and a fake password confirmation
one. The label/placeholder/aria-label tells not to fill them, and they are
hidden in CSS, so legitimate users should not fall into these.

This should cut down on some non-Mastodon-specific spambots.

* Require a 3 seconds delay before submitting the registration form

* Fix tests

* Move registration form time check to model validation

* Give people a chance to clear the honeypot fields

* Refactor honeypot translation strings

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
4 years ago
ThibG 8d217d7231
Improve email address validation (#14565)
* Increase DNS timeout from 1 second to 5 seconds for MX check

1 seconds is rather short when using a recursive DNS resolver which
hasn't got a cached result already available. Use 5 seconds instead,
which is the timeout value we use for outgoing HTTP queries.

* Add more precise error messages for invalid e-mail addresses
4 years ago