chinwag/chinwagsocial
chinwag/chinwagsocial
2
0
Fork 0
Code Issues Pull requests Releases 2 Wiki Activity
13476 commits 3 branches 316 tags 839 MiB
Commit graph

2462 commits

Author SHA1 Message Date
Mike
b7ffe81568 Merge tag 'v4.1.17' 2024-06-05 12:39:12 +10:00
Claire
95ebcff98e Fix rate-limiting incorrectly triggering a session cookie on most endpoints (#30483) 2024-05-30 15:20:04 +02:00
Claire
d770b61a74
Merge pull request from GHSA-c2r5-cfqr-c553 
* Add hardening monkey-patch to prevent IP spoofing on misconfigured installations

* Remove rack-attack safelist
 2024-05-30 14:24:29 +02:00
Claire
020228ddba
Merge pull request from GHSA-q3rg-xx5v-4mxh 2024-05-30 14:14:04 +02:00
Tim Rogers
a6089cdfca Fixed crash when supplying FFMPEG_BINARY environment variable (#30022) 2024-05-17 12:30:07 +02:00
Claire
3fecb36739
Change registrations to be disabled by default for new servers (#29354) 2024-02-22 18:28:41 +01:00
Claire
2fc87611be Automatically switch from open to approved registrations in absence of moderators (#29337) 2024-02-22 18:28:28 +01:00
Mike
372e262c4d Merge tag 'v4.1.15' 2024-02-17 10:52:48 +11:00
Claire
9e5af6bb58 Fix user creation failure handling in OAuth paths (#29207) 
Co-authored-by: Matt Jankowski <matt@jankowski.online>
 2024-02-14 23:16:39 +01:00
Claire
2f6518cae2 Add sidekiq_unique_jobs:delete_all_locks task and disable sidekiq-unique-jobs UI by default (#29199) 2024-02-14 13:17:55 +01:00
Emelia Smith
cdbe2855f3 Disable administrative doorkeeper routes (#29187) 2024-02-14 11:34:46 +01:00
Mike
bd7ce0d5f9 Merge tag 'v4.1.12' 2024-01-30 21:39:45 +11:00
Claire
2e8943aecd Add rate-limit of TOTP authentication attempts at controller level (#28801) 2024-01-24 15:31:06 +01:00
Mike
fc58fc207f Merge tag 'v4.1.11' into chinwag-4.1 2023-12-18 19:21:59 +11:00
Claire
ff3a9dad0d Fix error and incorrect URLs in /api/v1/accounts/:id/featured_tags for remote accounts (#27459) 2023-12-04 15:28:02 +01:00
Claire
78e457614c Change Content-Security-Policy to be tighter on media paths (#26889) 2023-12-04 15:28:02 +01:00
Mike Barnes
d9dfd09ac8 Merge tag 'v4.1.8' into chinwag-4.1 2023-09-20 13:37:47 +10:00
Mike
6f3094cfbd Merge tag 'v4.0.9' 2023-09-19 13:42:45 +10:00
Claire
889102013f Fix CSP headers being unintendedly wide (#26105) 2023-07-21 16:07:43 +02:00
Claire
efd066670d Fix moderation interface for remote instances with a .zip TLD (#25885) 2023-07-21 16:07:43 +02:00
Claire
c46aa2348e Add check preventing Sidekiq workers from running with Makara configured (#25850) 
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
 2023-07-21 16:07:35 +02:00
Claire
fc4a93b937 Fix CSP headers being unintendedly wide (#26105) 2023-07-21 16:07:35 +02:00
Claire
73b16b674d Fix moderation interface for remote instances with a .zip TLD (#25885) 2023-07-21 16:07:35 +02:00
Claire
69c8f26946
Add check preventing Sidekiq workers from running with Makara configured (#25850) 
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
 2023-07-21 14:18:04 +02:00
Mike
b45ba2d672 Merge tag 'v4.0.5' 2023-07-07 01:51:21 +10:00
Claire
2119aadf0a
Merge pull request from GHSA-9928-3cp5-93fm 
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
 2023-07-06 15:05:05 +02:00
Claire
0aa0b71f2c
Merge pull request from GHSA-9928-3cp5-93fm 
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
 2023-07-06 15:05:05 +02:00
Claire
f626e0d228 Add hardened headers to user-uploaded files (#25756) 2023-07-06 14:33:32 +02:00
Renaud Chaput
94c67e8bfd Allow carets in URL search params (#25216) 2023-07-06 13:45:58 +02:00
Claire
04f76675d1 Add finer permission requirements for managing webhooks (#25463) 2023-07-06 13:45:58 +02:00
Claire
41a0a3c87f Fix CSP headers when S3_ALIAS_HOST includes a path component (#25273) 2023-07-06 13:45:58 +02:00
Claire
0b627dcf9e Fix being able to vote on your own polls (#25015) 2023-07-06 13:45:58 +02:00
Renaud Chaput
8eb1bb8ba6 Allow carets in URL search params (#25216) 2023-07-06 13:45:40 +02:00
Claire
e65e3a6d14 Add finer permission requirements for managing webhooks (#25463) 2023-07-06 13:45:40 +02:00
Claire
a197fc094f Fix CSP headers when S3_ALIAS_HOST includes a path component (#25273) 2023-07-06 13:45:40 +02:00
Claire
cca464bce3 Fix being able to vote on your own polls (#25015) 2023-07-06 13:45:40 +02:00
Mike
d3d4497f09 Merge tag 'v4.0.4' 2023-07-05 21:13:10 +10:00
Claire
4eaa6d58b2 Change root Chewy strategy to emit a warning instead of erroring out in production mode (#24327) 2023-04-04 12:41:27 +02:00
Claire
ae64c5b7ec Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support (#24200) 2023-04-04 12:41:27 +02:00
Claire
448986438e Change root Chewy strategy to emit a warning instead of erroring out in production mode (#24327) 2023-04-04 12:39:56 +02:00
Claire
aa37eeadf3 Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support (#24200) 2023-04-04 12:39:56 +02:00
Claire
9715a211c7 Add warning for object storage misconfiguration (#24137) 2023-03-16 22:49:35 +01:00
Eugen Rochko
a6217bd035 Change user backups to use expiring URLs for download when possible (#24136) 2023-03-16 22:49:35 +01:00
Claire
6a7b91a038 Add warning for object storage misconfiguration (#24137) 2023-03-16 22:48:42 +01:00
Eugen Rochko
6db76875fd Change user backups to use expiring URLs for download when possible (#24136) 2023-03-16 22:48:42 +01:00
Eugen Rochko
59a2fe32ff Add cache headers to static files served through Rails (#24120) 2023-03-16 11:43:18 +01:00
Eugen Rochko
5cc39a3810 Add SENDFILE_HEADER environment variable (#24123) 2023-03-16 11:42:41 +01:00
CSDUMMI
4e02c7dc2c Support the PROXY protocol through the PROXY_PROTO_V1 env variable (#24064) 2023-03-16 11:42:27 +01:00
Thijs Kinkhorst
c44ddbdb3e Fix paths with url-encoded @ to redirect to the correct path (#23593) 2023-03-14 10:00:19 +01:00
Claire
d6f1bd2e08 Fix sidekiq jobs not triggering Elasticsearch index updates (#24046) 2023-03-14 09:59:56 +01:00