Mike Barnes
372e262c4d
Merge tag 'v4.1.15'
2024-02-17 10:52:48 +11:00
Claire
9e5af6bb58
Fix user creation failure handling in OAuth paths (#29207)
Co-authored-by: Matt Jankowski <matt@jankowski.online>
2024-02-14 23:16:39 +01:00
Claire
2f6518cae2
Add `sidekiq_unique_jobs:delete_all_locks` task and disable `sidekiq-unique-jobs` UI by default (#29199)
2024-02-14 13:17:55 +01:00
Emelia Smith
cdbe2855f3
Disable administrative doorkeeper routes (#29187)
2024-02-14 11:34:46 +01:00
Mike Barnes
bd7ce0d5f9
Merge tag 'v4.1.12'
2024-01-30 21:39:45 +11:00
Claire
2e8943aecd
Add rate-limit of TOTP authentication attempts at controller level (#28801)
2024-01-24 15:31:06 +01:00
Mike Barnes
fc58fc207f
Merge tag 'v4.1.11' into chinwag-4.1
2023-12-18 19:21:59 +11:00
Claire
ff3a9dad0d
Fix error and incorrect URLs in `/api/v1/accounts/:id/featured_tags` for remote accounts (#27459)
2023-12-04 15:28:02 +01:00
Claire
78e457614c
Change Content-Security-Policy to be tighter on media paths (#26889)
2023-12-04 15:28:02 +01:00
Mike Barnes
d9dfd09ac8
Merge tag 'v4.1.8' into chinwag-4.1
2023-09-20 13:37:47 +10:00
Mike
6f3094cfbd
Merge tag 'v4.0.9'
2023-09-19 13:42:45 +10:00
Claire
889102013f
Fix CSP headers being unintendedly wide (#26105)
2023-07-21 16:07:43 +02:00
Claire
efd066670d
Fix moderation interface for remote instances with a .zip TLD (#25885)
2023-07-21 16:07:43 +02:00
Claire
c46aa2348e
Add check preventing Sidekiq workers from running with Makara configured (#25850)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-07-21 16:07:35 +02:00
Claire
fc4a93b937
Fix CSP headers being unintendedly wide (#26105)
2023-07-21 16:07:35 +02:00
Claire
73b16b674d
Fix moderation interface for remote instances with a .zip TLD (#25885)
2023-07-21 16:07:35 +02:00
Claire
69c8f26946
Add check preventing Sidekiq workers from running with Makara configured (#25850)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-07-21 14:18:04 +02:00
Mike Barnes
b45ba2d672
Merge tag 'v4.0.5'
2023-07-07 01:51:21 +10:00
Claire
2119aadf0a
Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Claire
0aa0b71f2c
Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Claire
f626e0d228
Add hardened headers to user-uploaded files (#25756)
2023-07-06 14:33:32 +02:00
Renaud Chaput
94c67e8bfd
Allow carets in URL search params (#25216)
2023-07-06 13:45:58 +02:00
Claire
04f76675d1
Add finer permission requirements for managing webhooks (#25463)
2023-07-06 13:45:58 +02:00
Claire
41a0a3c87f
Fix CSP headers when S3_ALIAS_HOST includes a path component (#25273)
2023-07-06 13:45:58 +02:00
Claire
0b627dcf9e
Fix being able to vote on your own polls (#25015)
2023-07-06 13:45:58 +02:00
Renaud Chaput
8eb1bb8ba6
Allow carets in URL search params (#25216)
2023-07-06 13:45:40 +02:00
Claire
e65e3a6d14
Add finer permission requirements for managing webhooks (#25463)
2023-07-06 13:45:40 +02:00
Claire
a197fc094f
Fix CSP headers when S3_ALIAS_HOST includes a path component (#25273)
2023-07-06 13:45:40 +02:00
Claire
cca464bce3
Fix being able to vote on your own polls (#25015)
2023-07-06 13:45:40 +02:00
Mike Barnes
d3d4497f09
Merge tag 'v4.0.4'
2023-07-05 21:13:10 +10:00
Claire
4eaa6d58b2
Change root Chewy strategy to emit a warning instead of erroring out in production mode (#24327)
2023-04-04 12:41:27 +02:00
Claire
ae64c5b7ec
Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support (#24200)
2023-04-04 12:41:27 +02:00
Claire
448986438e
Change root Chewy strategy to emit a warning instead of erroring out in production mode (#24327)
2023-04-04 12:39:56 +02:00
Claire
aa37eeadf3
Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support (#24200)
2023-04-04 12:39:56 +02:00
Claire
9715a211c7
Add warning for object storage misconfiguration (#24137)
2023-03-16 22:49:35 +01:00
Eugen Rochko
a6217bd035
Change user backups to use expiring URLs for download when possible (#24136)
2023-03-16 22:49:35 +01:00
Claire
6a7b91a038
Add warning for object storage misconfiguration (#24137)
2023-03-16 22:48:42 +01:00
Eugen Rochko
6db76875fd
Change user backups to use expiring URLs for download when possible (#24136)
2023-03-16 22:48:42 +01:00
Eugen Rochko
59a2fe32ff
Add cache headers to static files served through Rails (#24120)
2023-03-16 11:43:18 +01:00
Eugen Rochko
5cc39a3810
Add `SENDFILE_HEADER` environment variable (#24123)
2023-03-16 11:42:41 +01:00
CSDUMMI
4e02c7dc2c
Support the PROXY protocol through the PROXY_PROTO_V1 env variable (#24064)
2023-03-16 11:42:27 +01:00
Thijs Kinkhorst
c44ddbdb3e
Fix paths with url-encoded @ to redirect to the correct path (#23593)
2023-03-14 10:00:19 +01:00
Claire
d6f1bd2e08
Fix sidekiq jobs not triggering Elasticsearch index updates (#24046)
2023-03-14 09:59:56 +01:00
Claire
ad77e8a2fb
Fix `/api/v1/streaming` sub-paths not being redirected (#23988)
2023-03-14 09:59:38 +01:00
Eugen Rochko
0f2e8476e0
Fix pgBouncer resetting application name on every transaction (#23958)
2023-03-14 09:59:30 +01:00
Claire
c22c4247d9
Fix server error when failing to follow back followers from `/relationships` (#23787)
2023-03-14 09:58:26 +01:00
Claire
2a37dc7967
Change unintended SMTP read timeout from 5 seconds to 20 seconds (#23750)
2023-03-13 18:49:38 +01:00
Thijs Kinkhorst
40ae8d5e03
Fix paths with url-encoded @ to redirect to the correct path (#23593)
2023-03-13 18:46:57 +01:00
Claire
479b66637b
Fix sidekiq jobs not triggering Elasticsearch index updates (#24046)
2023-03-13 18:44:09 +01:00
Claire
4bfbeb8139
Fix `/api/v1/streaming` sub-paths not being redirected (#23988)
2023-03-13 18:43:04 +01:00