chinwagsocial/app
ThibG fa929d8b81
Tweak signature verification (#15069)
* Add more specific error message when request body digest is invalid

This may help other implementors debug their implementation.

* Relax Host parameter requirement to GET requests

The only POST requests processed by Mastodon need objects/actors (including
their host) to be explicitly mentioned in the request's body, so replaying
a legitimate request to another host should not be a security issue.

* Support Digest headers using multiple algorithms or lowercase alogirthm names
2020-11-01 23:38:31 +01:00
..
chewy Change tootctl search deploy algorithm (#14300) 2020-07-14 18:10:35 +02:00
controllers Tweak signature verification (#15069) 2020-11-01 23:38:31 +01:00
helpers Add IP-based rules (#14963) 2020-10-12 16:33:49 +02:00
javascript Fix some account media gallery items having empty labels (#15073) 2020-11-01 18:31:39 +01:00
lib Add follower synchronization mechanism (#14510) 2020-10-21 18:04:09 +02:00
mailers Change account suspensions to be reversible by default (#14726) 2020-09-15 14:37:58 +02:00
models Add follower synchronization mechanism (#14510) 2020-10-21 18:04:09 +02:00
policies Add IP-based rules (#14963) 2020-10-12 16:33:49 +02:00
presenters Add user notes on accounts (#14148) 2020-06-30 19:19:50 +02:00
serializers Add duration parameter to muting. (#13831) 2020-10-13 01:01:14 +02:00
services Fix followers synchronization mechanism not being triggered on mentions (#15026) 2020-10-23 14:22:16 +02:00
validators Improve email address validation (#14565) 2020-08-12 12:40:25 +02:00
views Make visibility icon clickable as part of the time of a toot (#15053) 2020-10-27 03:00:47 +01:00
workers Fix poll ending notifications being created for each vote (#15071) 2020-11-01 06:34:43 +01:00