Commit Graph

166 Commits (d58173e45bf0fdf5a6015d40eb88c313a3d99e5c)

Author SHA1 Message Date
Matt Jankowski 6efa320feb
Fix `Style/SafeNavigation` cop (#32970) 1 month ago
Matt Jankowski 297ce9ef44
Move body class to shared partial for web app controller concern views (#31797) 1 month ago
Matt Jankowski 97b18d10b4
Move hcaptcha service config to `config_for` yml (#30662) 2 months ago
Matt Jankowski 258dce1256
Add `OpenSSL::SSL::SSLError` to http connection errors wrapper (#32307) 3 months ago
Matt Jankowski e8ec6667bd
Extract wrapper constant for `HTTP::*` error classes (#32285) 3 months ago
Claire 49407e7623
Fix Content-Security-Policy when using sso-redirect (#32241) 3 months ago
Renaud Chaput 3dc4ddc663
Fix search params being dropped when redirected to non-deck path (#31984) 3 months ago
Claire a496aeabcb
Change form-action Content-Security-Policy directive to be more restrictive (#26897) 4 months ago
Matt Jankowski 7efe0bde9d
Add `have_http_link_header` matcher and set header values as strings (#31010) 4 months ago
Claire 2ec1181ee5
Fix contrast between background and form elements on some pages (#31266) 5 months ago
Matt Jankowski 85d9053b36
Move `pagination_params` into `API::BaseController` (#28845) 7 months ago
Matt Jankowski 65e82211cd
Rename `cache_*` methods to `preload_*` in controller concern (#30209) 8 months ago
Matt Jankowski 1d3ecd3fba
Add `API::Pagination` concern (#28826) 8 months ago
Claire babbf6017d
Remove caching in `cache_collection` (#29862) 9 months ago
Matt Jankowski edde54e991
Update stoplight to version 4.1.0 (#28366) 9 months ago
Matt Jankowski f9100743ec
Add `Api::ErrorHandling` concern for api/base controller (#29574) 10 months ago
Claire 7efc33b909
Move HTTP Signature parsing code to its own class (#28932) 11 months ago
Claire 1726085db5
Merge pull request from GHSA-3fjr-858r-92rw
* Fix insufficient origin validation

* Bump version to 4.3.0-alpha.1
11 months ago
Eugen Rochko b19ae521b7
Add confirmation when redirecting logged-out requests to permalink (#27792)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
11 months ago
Claire 3593ee2e36
Add rate-limit of TOTP authentication attempts at controller level (#28801) 11 months ago
Jean Boussier 5a6d533c53
Enable Rails 7.1 Marshalling format (#28609) 12 months ago
Claire 092bb8a27a
Fix Mastodon not correctly processing HTTP Signatures with query strings (#28476) 12 months ago
Claire 963354978a
Add `Account#unavailable?` and `Account#permanently_unavailable?` aliases (#28053) 1 year ago
Matt Jankowski 1f1c75bba5
File cleanup/organization in `controllers/concerns` (#27846) 1 year ago
Matt Jankowski 291dc04e67
Remove un-needed `action` and `template` options to `render` in controllers (#28022) 1 year ago
Matt Jankowski d562fb8459
Specs for minimal CSP policy in `Api::` controllers (#27845) 1 year ago
Ricardo Trindade 33f8c1c5eb
Remove version check from update cache_concern.rb (#27592) 1 year ago
Claire 379115e601
Add SELF_DESTRUCT env variable to process self-destructions in the background (#26439) 1 year ago
Matt Jankowski d4c2dca874
Fix haml-lint `InstanceVariables` rule for auth/sessions/two_factor/o… (#27372) 1 year ago
Claire 40ba6e119b
Fix Vary headers not being set on some redirects (#27272) 1 year ago
Matt Jankowski 340f1a68be
Simplify instance presenter view access (#26046) 1 year ago
CSDUMMI 9a70cac9de
Fix #26849 by adding the domain of the current SSO provider to the form-action CSP (#26857) 1 year ago
Claire 09ec9c6aa5
Downgrade signature verification debug logging from `warn` to `debug` (#26812) 1 year ago
Claire 25bf640629
Add debug logging on signature verification failure (#26637) 1 year ago
Claire 8b37dd2c86
Fix Content Security Policy sometimes unnecessarily allowing hCaptcha scripts (#26388) 1 year ago
CSDUMMI 120f5802c0
Add direct link to the Single-Sign On provider if there is only one sign up method available (#26083) 1 year ago
Emelia Smith e258b4cb64
Refactor: replace whitelist_mode mentions with limited_federation_mode (#26252) 1 year ago
Matt Jankowski 2e1391fdd2
Fix `Naming/MemoizedInstanceVariableName` cop (#25928) 1 year ago
Matt Jankowski 5134fc65e2
Fix `Naming/AccessorMethodName` cop (#25924) 1 year ago
Eugen Rochko 39110d1d0a
Fix CAPTCHA page not following design pattern of sign-up flow (#25395) 2 years ago
Claire bec6a1cad4
Add hCaptcha support (#25019) 2 years ago
Nick Schonning d5a185d721
Autofix Rubocop Style/CaseLikeIf (#23756) 2 years ago
Matt Jankowski 668a19a2f3
Fix Performance/DeletePrefix cop (#24796) 2 years ago
Claire b0bf6216e6
Fix /api/v1/instance/domain_blocks being unconditionally cached (#24662) 2 years ago
Claire 276c39361b
Fix anonymous visitors getting a session cookie on first visit (#24584) 2 years ago
Eugen Rochko 6084461cd0
Change unauthenticated responses to be cached in REST API (#24348) 2 years ago
Claire 58a1b2e330
Fix caching logic with regards to Accept-Language, Cookie, and Signature (#24604) 2 years ago
Eugen Rochko e98c86050a
Refactor `Cache-Control` and `Vary` definitions (#24347) 2 years ago
Matt Jankowski 0663803348
Move link header setting to after_action (#24251) 2 years ago
Claire 2626097869
Fix Rails cache namespace being overridden with `v2` for cached statuses (#24202) 2 years ago