Claire
78e457614c
Change Content-Security-Policy to be tighter on media paths ( #26889 )
2023-12-04 15:28:02 +01:00
Claire
889102013f
Fix CSP headers being unintendedly wide ( #26105 )
2023-07-21 16:07:43 +02:00
Claire
69c8f26946
Add check preventing Sidekiq workers from running with Makara configured ( #25850 )
...
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-07-21 14:18:04 +02:00
Claire
0aa0b71f2c
Merge pull request from GHSA-9928-3cp5-93fm
...
* Fix attachments getting processed despite failing content-type validation
* Add a restrictive ImageMagick security policy tailored for Mastodon
* Fix misdetection of MP3 files with large cover art
* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Renaud Chaput
8eb1bb8ba6
Allow carets in URL search params ( #25216 )
2023-07-06 13:45:40 +02:00
Claire
a197fc094f
Fix CSP headers when S3_ALIAS_HOST includes a path component ( #25273 )
2023-07-06 13:45:40 +02:00
Claire
4eaa6d58b2
Change root Chewy strategy to emit a warning instead of erroring out in production mode ( #24327 )
2023-04-04 12:41:27 +02:00
Claire
ae64c5b7ec
Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support ( #24200 )
2023-04-04 12:41:27 +02:00
Claire
479b66637b
Fix sidekiq jobs not triggering Elasticsearch index updates ( #24046 )
2023-03-13 18:44:09 +01:00
Eugen Rochko
c6ef56fd5e
Change rate limits to 1,500/5m per user, 300/5m per app ( #23347 )
2023-02-02 00:07:49 +01:00
luzpaz
596923da4a
Fix typos in source documentation ( #21046 )
...
Fixed 2 source comment/documentation typos
2022-12-15 15:57:26 +01:00
Claire
d587a268fd
Add logging for Rails cache timeouts ( #21667 )
...
* Reduce redis cache store connect timeout from default 20 seconds to 5 seconds
* Log cache store errors
2022-11-27 20:37:37 +01:00
Claire
7955d4b959
Add form-action CSP directive ( #20781 )
2022-11-17 10:55:03 +01:00
trwnh
a2931d19ae
Add missing admin scopes ( fix #20892 ) ( #20918 )
2022-11-17 10:50:21 +01:00
Eugen Rochko
43b0b2f3f4
Fix wrong directive unsafe-wasm-eval
to wasm-unsafe-eval
( #20729 )
2022-11-15 03:39:06 +01:00
prplecake
b46b7c3d5e
Use "unsafe-wasm-eval" instead of "unsafe-eval" in script-src CSP ( #20606 )
...
* Add "unsafe-eval" to script-src CSP
* Use 'unsafe-wasm-eval' instead of 'unsafe-eval'
2022-11-15 03:22:38 +01:00
Eugen Rochko
21fd25a269
Fix rate limiting for paths with formats ( #20675 )
2022-11-14 20:26:31 +01:00
Matt Corallo
9d039209cc
Add Cache-Control
header to openstack-stored files ( #20610 )
...
When storing files in S3, paperclip is configured with a Cache-Control header
indicating the file is immutable, however no such header was added when using
OpenStack storage.
Luckily Paperclip's fog integration makes this trivial, with a simple
`fog_file` `Cache-Control` default doing the trick.
2022-11-14 05:26:49 +01:00
David Hewitt
290d78cea4
Allow unsetting x-amz-acl S3 Permission headers ( #20510 )
...
Some "S3 Compatible" storage providers (Cloudflare R2 is one such example) don't support setting ACLs on individual uploads with the `x-amz-acl` header, and instead just have a visibility for the whole bucket. To support uploads to such providers without getting unsupported errors back, lets use a black `S3_PERMISSION` env var to indicate that these headers shouldn't be sent.
This is tested as working with Cloudflare R2.
2022-11-13 06:57:10 +01:00
prplecake
aafbc82d88
Add "unsafe-eval" to script-src CSP ( #18817 )
2022-10-26 19:23:16 +02:00
Eugen Rochko
bf0ab3e0fa
Fix vacuum scheduler missing lock, locks never expiring ( #19458 )
...
Remove vacuuming of orphaned preview cards
2022-10-26 12:10:48 +02:00
Eugen Rochko
0d6b878808
Add user content translations with configurable backends ( #19218 )
2022-09-23 23:00:12 +02:00
Eugen Rochko
546672e292
Change "Allow trends without prior review" setting to include statuses ( #17977 )
...
* Change "Allow trends without prior review" setting to include posts
* Fix i18n-tasks
2022-08-28 04:00:39 +02:00
Jeong Arm
861b35dd54
Support "http_hidden_proxy" ENV var for hidden service only proxy ( #18427 )
...
* Support "http_hidden_proxy" ENV var for hidden service only proxy
* Fallback to http_proxy if http_hidden_proxy is not set
2022-08-25 04:41:14 +02:00
Eugen Rochko
e7aa2be828
Change how hashtags are normalized ( #18795 )
...
* Change how hashtags are normalized
* Fix tests
2022-07-13 15:03:28 +02:00
Claire
ae4f068a84
Fix CAS_DISPLAY_NAME, SAML_DISPLAY_NAME and OIDC_DISPLAY_NAME being ignored ( #18568 )
2022-06-01 19:22:55 +02:00
Eugen Rochko
96129c2f10
Fix confirmation redirect to app without Location
header ( #18523 )
2022-05-26 22:03:54 +02:00
Eugen Rochko
679b7158e3
Change search indexing to use batches to minimize resource usage ( #18451 )
2022-05-18 23:29:14 +02:00
Eugen Rochko
7b0fe4aef9
Fix opening and closing Redis connections instead of using a pool ( #18171 )
...
* Fix opening and closing Redis connections instead of using a pool
* Fix Redis connections not being returned to the pool in CLI commands
2022-04-29 22:43:07 +02:00
Claire
8284110c55
Fix stoplight not using REDIS_NAMESPACE ( #18160 )
2022-04-28 18:11:31 +02:00
Eugen Rochko
3917353645
Fix single Redis connection being used across all threads ( #18135 )
...
* Fix single Redis connection being used across all Sidekiq threads
* Fix tests
2022-04-28 17:47:34 +02:00
Eugen Rochko
6e418bf346
Fix cookies secure flag being set when served over Tor ( #17992 )
2022-04-08 12:47:18 +02:00
Holger
39b489ba4c
fix: s3_force_single_request
not parsed ( #17922 )
2022-04-01 23:56:23 +02:00
Eugen Rochko
cefa526c6d
Refactor formatter ( #17828 )
...
* Refactor formatter
* Move custom emoji pre-rendering logic to view helpers
* Move more methods out of Formatter
* Fix code style issues
* Remove Formatter
* Add inline poll options to RSS feeds
* Remove unused helper method
* Fix code style issues
* Various fixes and improvements
* Fix test
2022-03-26 02:53:34 +01:00
Claire
895212bb2f
Fix PgHero suggesting migrations ( #17807 )
...
* Fix PgHero suggesting migrations
Fixes #17768
* Keep migration suggestions in development env
2022-03-15 20:27:49 +01:00
Yamagishi Kazutoshi
eb9a7e3626
Fix LetterOpennerWeb CSP ( #17770 )
2022-03-14 19:20:40 +01:00
dependabot[bot]
46ad7fea9d
Bump rack-attack from 6.5.0 to 6.6.0 ( #17405 )
...
* Bump rack-attack from 6.5.0 to 6.6.0
Bumps [rack-attack](https://github.com/rack/rack-attack ) from 6.5.0 to 6.6.0.
- [Release notes](https://github.com/rack/rack-attack/releases )
- [Changelog](https://github.com/rack/rack-attack/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rack/rack-attack/compare/v6.5.0...v6.6.0 )
---
updated-dependencies:
- dependency-name: rack-attack
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* Fix usage of deprecated API
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2022-03-12 09:23:53 +01:00
chandrn7
a6ed6845c9
Allow login through OpenID Connect ( #16221 )
...
* added OpenID Connect as an SSO option
* minor fixes
* added comments, removed an option that shouldn't be set
* fixed Gemfile.lock
* added newline to end of Gemfile.lock
* removed tab from Gemfile.lock
* remove chomp
* codeclimate changes and small name change to make function's purpose clearer
* codeclimate fix
* added SSO buttons to /about page
* minor refactor
* minor style change
* removed spurious change
* removed unecessary conditional from ensure_valid_username and added support for auth.info.name in user_params_from_auth
* minor changes
2022-03-09 12:07:35 +01:00
Josh Soref
b5329e0035
Spelling ( #17705 )
...
* spelling: account
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: affiliated
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: appearance
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: autosuggest
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: cacheable
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: component
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: conversations
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: domain.example
Clarify what's distinct and use RFC friendly domain space.
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: environment
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: exceeds
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: functional
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: inefficiency
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: not
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: notifications
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: occurring
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: position
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: progress
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: promotable
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: reblogging
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: repetitive
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: resolve
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: saturated
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: similar
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: strategies
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: success
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: targeting
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: thumbnails
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: unauthorized
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: unsensitizes
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: validations
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: various
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
2022-03-06 22:51:40 +01:00
luzpaz
73f5e4a1d9
Fix various typos ( #17621 )
...
Found via `codespell -q 3 -S ./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,keypair,medias,ro`
2022-02-22 20:14:17 +01:00
Claire
8603a07504
Fix error when trying to register ( #17600 )
2022-02-21 14:55:38 +01:00
zunda
f9e7f2e409
Avoid return within block ( #17590 )
...
This prevents the error: LocalJumpError (unexpected return)
2022-02-18 20:21:21 +01:00
Jeong Arm
1de2e3f980
Throttle IPv6 signup for subnet ( #17588 )
2022-02-18 13:51:51 +01:00
Claire
cfa583fa71
Remove support for OAUTH_REDIRECT_AT_SIGN_IN ( #17287 )
...
Fixes #15959
Introduced in #6540 , OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.
However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228 .
As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.
2022-01-23 15:50:41 +01:00
Eugen Rochko
8e84ebf0cb
Remove IP tracking columns from users table ( #16409 )
2022-01-16 13:23:50 +01:00
Jeong Arm
ea61d3acd6
Fix media API limit ( #17272 )
2022-01-10 14:25:24 +01:00
Eugen Rochko
fe71548844
Fix warnings on Rails boot ( #16946 )
2021-12-27 00:47:20 +01:00
Takeshi Umeda
06631fdc53
Fix ElasticSearch to Elasticsearch ( #17050 )
2021-11-26 08:30:02 +01:00
Takeshi Umeda
3419d3ec84
Bump chewy from 5.2.0 to 7.2.3 (supports Elasticsearch 7.x) ( #16915 )
...
* Bump chewy from 5.2.0 to 7.2.2
* fix style (codeclimate)
* fix style
* fix style
* Bump chewy from 7.2.2 to 7.2.3
2021-11-18 22:02:08 +01:00
Claire
6da135a493
Fix reviving revoked sessions and invalidating login ( #16943 )
...
Up until now, we have used Devise's Rememberable mechanism to re-log users
after the end of their browser sessions. This mechanism relies on a signed
cookie containing a token. That token was stored on the user's record,
meaning it was shared across all logged in browsers, meaning truly revoking
a browser's ability to auto-log-in involves revoking the token itself, and
revoking access from *all* logged-in browsers.
We had a session mechanism that dynamically checks whether a user's session
has been disabled, and would log out the user if so. However, this would only
clear a session being actively used, and a new one could be respawned with
the `remember_user_token` cookie.
In practice, this caused two issues:
- sessions could be revived after being closed from /auth/edit (security issue)
- auto-log-in would be disabled for *all* browsers after logging out from one
of them
This PR removes the `remember_token` mechanism and treats the `_session_id`
cookie/token as a browser-specific `remember_token`, fixing both issues.
2021-11-06 00:13:58 +01:00