101 Commits (e881a5967149e34046f91d3f4445ebb457348b93)

Author SHA1 Message Date
Emelia Smith 4655be0da6
Fix add validation to webpush subscription keys (#30542) 8 months ago
Matt Jankowski 4a77e477ee
Consolidate account scopes for `LOWER` (index using) username/domain queries (#30451) 8 months ago
Claire 38b9d31f63
Improve email address validation (#29838) 10 months ago
Matt Jankowski 67f54c4e75
Fix `Rails/WhereExists` cop in app/validators (#28854) 1 year ago
Claire 6ad0fb5a77
Fix NULL MX handling and tighten DNS resolving specs (#28607) 1 year ago
Matt Jankowski 00c6ebd86f
Reduce `.times` usage in `StatusPin` and add `PIN_LIMIT` constant in validator (#27945) 1 year ago
Matt Jankowski 19900f647e
Add coverage for `UnreservedUsernameValidator` (#25590) 1 year ago
Matt Jankowski f5bc1f20e2
Add coverage for `ExistingUsernameValidator` (#25592)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
1 year ago
Matt Jankowski 660993b415
Add coverage for `URLValidator` (#25591) 2 years ago
Matt Jankowski 6602edf064
Add coverage for `LanguageValidator` (#25593) 2 years ago
Matt Jankowski 30f5ec7303
Rubocop fix: `Performance/UnfreezeString` (#26217) 2 years ago
Matt Jankowski b8b2470cf8
Fix `Style/SlicingWithRange` cop (#25923) 2 years ago
Matt Jankowski 9f5deb310b
Fix Performance/MapCompact cop (#24797)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2 years ago
Claire 5cd55d8aaf
Fix being able to vote on your own polls (#25015) 2 years ago
Matt Jankowski 88d33f361f
Fix Lint/DuplicateBranch cop (#24766) 2 years ago
Claire 32a030dd74
Rewrite import feature (#21054) 2 years ago
Matt Jankowski c40d5e5a8f
Misc coverage improvements for validators (#23928) 2 years ago
Matt Jankowski 4bb39ac3c3
Fix single-record invalid condition on PollVote (#23810) 2 years ago
Matt Jankowski 730bb3e211
Remove unused HTML Validator (#23866) 2 years ago
Nick Schonning 717683d1c3
Autofix Rubocop remaining Layout rules (#23679) 2 years ago
Nick Schonning 2177daeae9
Autofix Rubocop Style/RedundantBegin (#23703) 2 years ago
Claire a5a00d7f7a
Fix email with empty domain name labels passing validation (#23246)
* Fix email with empty domain name labels passing validation

`EmailMxValidator` would allow empty labels because `Resolv::DNS` is
particularly lenient about them, but the email would be invalid and
unusable.

* Add tests
2 years ago
Claire 3654c94583
Strip spaces around URL when adding a relay (#22655)
* Strip spaces around URL when adding a relay

Fixes #22650

* Gracefully handle URL parsing errors in URL validator
2 years ago
Eugen Rochko 317ec06dc7
Fix error when uploading malformed CSV import (#19509) 2 years ago
Eugen Rochko abf6c87ee8
Fix remote account in contact account setting not being used (#19351) 2 years ago
Eugen Rochko 50948b46aa
Add ability to filter followed accounts' posts by language (#19095) 2 years ago
Eugen Rochko a2871cd747
Add administrative webhooks (#18510)
* Add administrative webhooks

* Fix error when webhook is deleted before delivery worker runs
3 years ago
Eugen Rochko f6d35ed57d
Remove IP matching from e-mail domain blocks (#18190)
Clear out e-mail domain blocks created from automatically resolved DNS records
3 years ago
Eugen Rochko bbc7afa2a2
Fix being able to post URLs longer than 4096 characters (#17908) 3 years ago
Eugen Rochko a29a982eaa
Change e-mail domain blocks to block IPs dynamically (#17635)
* Change e-mail domain blocks to block IPs dynamically

* Update app/workers/scheduler/email_domain_block_refresh_scheduler.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

* Update app/workers/scheduler/email_domain_block_refresh_scheduler.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
3 years ago
Eugen Rochko b6d7726ecb
Remove language detection through cld3 (#17478)
* Remove language detection through cld3

* Update app/helpers/languages_helper.rb

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>

Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
3 years ago
Claire d5c9feb7b7
Add support for private pinned posts (#16954)
* Add support for private pinned toots

* Allow local user to pin private toots

* Change wording to avoid "direct message"
3 years ago
Claire b21f3aa21d
Minor memory optimizations (#16507)
Reduce constant memory usage by ~100kB and further reduce boot-up memory
allocations and temporary memory use by a further ~200kB.
3 years ago
Eugen Rochko 275fa4746b
Add `configuration` attribute to `GET /api/v1/instance` (#16485)
List various values like file size limits and supported mime types
4 years ago
Eugen Rochko 3639862dee
Fix existing username validator not allowing multiple accounts (#16153)
Fix #16107
4 years ago
Eugen Rochko daccc07dc1
Change auto-following admin-selected accounts, show in recommendations (#16078) 4 years ago
Eugen Rochko b3ceb3dcc4
Add canonical e-mail blocks for suspended accounts (#16049)
Prevent new accounts from being created using the same underlying
e-mail as a suspended account using extensions and period
permutations. Stores e-mails as a SHA256 hash
4 years ago
Claire 051efed5ed
Bypass MX validation for explicitly allowed domains (#15930)
* Bypass MX validation for explicitly allowed domains

This spares some lookups and prevents issues in some edge cases with
local domains.

* Add tests

* Fix test
4 years ago
Claire a4dcaef53b
Prepare Mastodon for zeitwerk autoloader (#15917)
* Prepare Mastodon for zeitwerk autoloader (Rails 6)

Add inflections and rename/move a few classes.

In particular, app/lib/exceptions.rb and app/lib/sanitize_config.rb
were manually loaded while still in autoload paths.

* Add inflection for Url → URL
4 years ago
Claire 5614e6724e
Fix URL scanning in note length validator and preview card fetching (#15827)
* Add tests

* Fix URL scanning in note length validator and preview card fetching
4 years ago
Claire 65db262550
Update twitter-text from 1.14 to 3.1.0 and fix toot character counting (#15382)
* Update twitter-text from 1.14 to 3.1.0

* Disable emoji parsing

* Properly depend on twitter-text for url detection

* Fix some URLs being wrongly detected client-side

* Add test for server-side validation of non-autolinkable URLs

* Fix server-side status length counting
4 years ago
Eugen Rochko 9aa37b32c3
Add `details` to error response for `POST /api/v1/accounts` in REST API (#15803) 4 years ago
luigi eb51e43fb4
Optimize some regex matching (#15528)
* Use Regex#match?

* Replace =~ too

* Avoid calling match? from Nil

* Keep value of Regexp.last_match
4 years ago
luigi 087ed84367
Optimize map { ... }.compact calls (#15513)
* Optimize map { ... }.compact

using Enumerable#filter_map, supported since Ruby 2.7

* Add polyfill for Enumerable#filter_map
4 years ago
Eugen Rochko eb35be0431
Fix follow limit preventing re-following of a moved account (#14207) 4 years ago
ThibG 49eb4d4ddf
Add honeypot fields and minimum fill-out time for sign-up form (#15276)
* Add honeypot fields to limit non-specialized spam

Add two honeypot fields: a fake website input and a fake password confirmation
one. The label/placeholder/aria-label tells not to fill them, and they are
hidden in CSS, so legitimate users should not fall into these.

This should cut down on some non-Mastodon-specific spambots.

* Require a 3-second delay before submitting the registration form

* Fix tests

* Move registration form time check to model validation

* Give people a chance to clear the honeypot fields

* Refactor honeypot translation strings

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
4 years ago
ThibG 8d217d7231
Improve email address validation (#14565)
* Increase DNS timeout from 1 second to 5 seconds for MX check

1 second is rather short when using a recursive DNS resolver which
hasn't got a cached result already available. Use 5 seconds instead,
which is the timeout value we use for outgoing HTTP queries.

* Add more precise error messages for invalid e-mail addresses
5 years ago
Eugen Rochko 5d8398c8b8
Add E2EE API (#13820) 5 years ago
Sasha Sorokin 37b3985bfa
Improve polls: option lengths & redesign (#13257)
This commit redesigns the polls and increases the character limit for the
options from 25 to 50 characters, giving pollsters more freedom.

Summarizing, the redesign is making the polls more adaptive for upcoming
changes to the options characters limit: the bar, or a "chart", is now
displayed separately from the option itself; vote check mark is moved
next to the option text, making the percentages take less space. Option
lengths are taken into account and text is wrapped to multiple lines
if necessary to avoid overflow.
5 years ago
abcang 61a7390b66
Search account domain in lowercase (#13016)
* Search account domain in lowercase

* fix rubocop error

* fix spec/models/account_spec.rb
5 years ago