294 Commits (82088f0d7dafd033c3a32aa15a51ec7172ae1fdc)

Author SHA1 Message Date
Eugen Rochko 240c122767
Skip mailer job retries when a record no longer exists (#9590) 6 years ago
Rey Tucker 35b2ba5030 Remove form_action from CSP 6 years ago
ThibG 3f12c07ff5 Use same CORS policy for /@:username and /users/:username (#9485) 6 years ago
ThibG 84e5ed43e7 Preload common JSON-LD contexts (#9412) 6 years ago
Thibaut Girka 1283e112b9 Tighten CSP a bit 6 years ago
Ben Lubar 13e049d772 Allow cross-origin requests to /.well-known/* URLs. (#9083) 6 years ago
Eugen Rochko a38a452481
Add unread indicator to conversations (#9009) 6 years ago
ThibG 8ab081ec32 Add manifest_src to CSP, add blob to connect_src (#8967) 6 years ago
Eugen Rochko edc7f895be
Fix CSP headers blocking media and development environment (#8962) 6 years ago
ThibG 2d27c11061 Set Content-Security-Policy rules through RoR's config (#8957) 6 years ago
Sascha b2a57a5d6f add ffmpeg initializer (#8855) 6 years ago
ashleyhull-versent f194857ac9 rubocop issues - Cleaning up (#8912) 6 years ago
aus-social 0a4739c732 lint pass 2 (#8878) 6 years ago
aus-social 1f98eae1cf Lint pass (#8876) 6 years ago
Yamagishi Kazutoshi 65f04e6046 Fix that Rails.cache information could not be sent via StatsD (#8831) 6 years ago
Eugen Rochko f4d549d300
Redesign forms, verify link ownership with rel="me" (#8703) 6 years ago
luzpaz 40dd19be37 Misc. typos (#8694) 6 years ago
Sorin Davidoi 6f3d934bc1 feat(cookies): Use the same-site attribute to lax (#8626) 6 years ago
Rey Tucker 40d04a3209 Add manifest_src to CSP 6 years ago
Thibaut Girka c4b3479173 Fix CSP with S3/SWIFT hosts 6 years ago
Thibaut Girka 3fe5029fbe Adjust CSP to fix image resizing 6 years ago
M Somerville 2bba6e582d Rename S3_CLOUDFRONT_HOST to S3_ALIAS_HOST. (#8423) 6 years ago
Thibaut Girka 0ddf439999 Only apply CSP in production mode 6 years ago
Thibaut Girka 48db3b3c99 Tighten CSP while allowing CDN hosts 6 years ago
Thibaut Girka e7a72439f1 Move CSP headers to the appropriate Rails configuration 6 years ago
ThibG f06fa09962 Revert to using Paperclip's filesystem storage, and fix dangling records in remove_remote (#8339) 6 years ago
Immae b0f4fe456b Add ldap search filter (#8151) 6 years ago
Eugen Rochko fcb527cdd6 Add post-deployment migration system (#8182) 6 years ago
Eugen Rochko 018a9e4e7f
Add post-deployment migration system (#8182) 6 years ago
Thibaut Girka 03afc365d5 Introduce OAuth scopes for bookmarks 6 years ago
Thibaut Girka 90b492143d Introduce OAuth scopes for bookmarks 6 years ago
abcang 69bf116345 Add secure option to additional cookie (#8069) 6 years ago
Eugen Rochko 1f6ed4f86a
Add more granular OAuth scopes (#7929) 7 years ago
MIYAGI Hikaru ddd0bb69e1 Merge `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` into `ALLOW_ACCESS_TO_HIDDEN_SERVICE` (#7901) 7 years ago
Eugen Rochko 0df91c7b1e
Add dat, dweb, ipfs, ipns, ssb, gopher protocols to URL extractor (#7810) 7 years ago
Eugen Rochko 53f0452b70
Remove rack-timeout (#7809) 7 years ago
Eugen Rochko d87649db07
Disable AMS logging (#7623) 7 years ago
MIYAGI Hikaru 919eef3098 User agent for WebFinger (#7531) 7 years ago
Eugen Rochko b4fb766b23
Add REST API for Web Push Notifications subscriptions (#7445) 7 years ago
Hugo Gameiro ea4e243303 Improve OpenStack v3 compatibility (#7392) 7 years ago
Akihiko Odaki a7e71bbd08 Add a missing question mark in rack_attack.rb (#7338) 7 years ago
Akihiko Odaki b1d4471e36 Throttle media post (#7337) 7 years ago
Eugen Rochko cb5b5cb5f7
Slightly reduce RAM usage (#7301) 7 years ago
MIYAGI Hikaru f58dcbc981 HTTP proxy support for outgoing request, manage access to hidden service (#7134) 7 years ago
Yamagishi Kazutoshi 50529cbceb Upgrade Rails to version 5.2.0 (#5898) 7 years ago
Eugen Rochko 49bbef1202
Use RAILS_LOG_LEVEL to set log level of Sidekiq, too (#7079) 7 years ago
Eugen Rochko 80a944c882
Log rate limit hits (#7096) 7 years ago
Eugen Rochko d4de2239b0
Add a circuit breaker for ActivityPub deliveries (#7053) 7 years ago
Yamagishi Kazutoshi 28384c1771 Revert "Revert "Upgrade Paperclip to version 6.0.0" (#6807)" (#6808) 7 years ago
Eugen Rochko ac49c7932d
Add LDAP_TLS_NO_VERIFY option, don't require LDAP_ENABLED outside .env (#6845) 7 years ago