gitea/nas
1
0
Fork 2
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 1
21575 commits 21 branches 90 tags 309 MiB
Commit graph

179 commits

Author SHA1 Message Date
KMY
66bed31dbe Merge remote-tracking branch 'parent/main' into upstream-20241006 2024-10-05 09:10:58 +09:00
Claire
49407e7623
Fix Content-Security-Policy when using sso-redirect (#32241) 2024-10-04 08:50:36 +00:00
KMY
c905714459 Merge remote-tracking branch 'parent/main' into upstream-20240926 2024-09-26 08:29:41 +09:00
Renaud Chaput
3dc4ddc663
Fix search params being dropped when redirected to non-deck path (#31984) 2024-09-25 13:35:37 +00:00
KMY
fc9d27ff91 Merge remote-tracking branch 'parent/main' into upstream-20240913 2024-09-13 10:31:48 +09:00
Claire
a496aeabcb
Change form-action Content-Security-Policy directive to be more restrictive (#26897) 2024-09-12 13:24:19 +00:00
KMY
f18eabfe75 Merge remote-tracking branch 'parent/main' into upstream-20240906 2024-09-06 08:42:24 +09:00
Matt Jankowski
7efe0bde9d
Add have_http_link_header matcher and set header values as strings (#31010) 2024-09-05 20:05:38 +00:00
KMY
8e5fe5ccb9 Merge remote-tracking branch 'parent/main' into upstream-20240806 2024-08-06 08:16:16 +09:00
Claire
2ec1181ee5
Fix contrast between background and form elements on some pages (#31266) 2024-08-02 13:55:31 +00:00
KMY
8927b1444b Merge remote-tracking branch 'parent/main' into upstream-20240604 2024-06-04 08:02:05 +09:00
Matt Jankowski
85d9053b36
Move pagination_params into API::BaseController (#28845) 2024-05-30 14:56:48 +00:00
KMY
094ff9d2ee Merge remote-tracking branch 'parent/main' into upstream-20240517 2024-05-17 08:53:59 +09:00
Matt Jankowski
65e82211cd
Rename cache_* methods to preload_* in controller concern (#30209) 2024-05-16 08:03:46 +00:00
KMY
44f4a93430 Merge remote-tracking branch 'parent/main' into upstream-20240422 2024-04-22 08:58:37 +09:00
Matt Jankowski
1d3ecd3fba
Add API::Pagination concern (#28826) 2024-04-17 09:22:45 +00:00
KMY
52c5784910 Merge remote-tracking branch 'parent/main' into upstream-20240409 2024-04-09 12:15:51 +09:00
Claire
babbf6017d
Remove caching in cache_collection (#29862) 2024-04-08 13:46:13 +00:00
KMY
479c4fecc1 Merge remote-tracking branch 'parent/main' into upstream-20240403 2024-04-03 12:12:09 +09:00
Matt Jankowski
edde54e991
Update stoplight to version 4.1.0 (#28366) 2024-04-02 15:47:40 +00:00
KMY
76598bd542 Merge remote-tracking branch 'parent/main' into upstream-20240319 2024-03-19 09:15:20 +09:00
Matt Jankowski
f9100743ec
Add Api::ErrorHandling concern for api/base controller (#29574) 2024-03-14 09:09:47 +00:00
KMY
05e52a09a8 Merge remote-tracking branch 'parent/main' into upstream-20230209 2024-02-09 12:53:59 +09:00
Claire
7efc33b909
Move HTTP Signature parsing code to its own class (#28932) 2024-02-07 13:35:37 +00:00
KMY
9a5f80c41d Merge remote-tracking branch 'parent/main' into kbtopic-fix-security 2024-02-02 07:38:19 +09:00
Claire
1726085db5
Merge pull request from GHSA-3fjr-858r-92rw 
* Fix insufficient origin validation

* Bump version to 4.3.0-alpha.1
 2024-02-01 15:56:46 +01:00
KMY
9fa938eb0f Merge remote-tracking branch 'parent/main' into upstream-20240125 2024-01-25 18:15:21 +09:00
Eugen Rochko
b19ae521b7
Add confirmation when redirecting logged-out requests to permalink (#27792) 
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
 2024-01-24 10:49:19 +00:00
KMY
a4cc73438e Merge remote-tracking branch 'parent/main' into upstream-20240122 2024-01-22 10:07:33 +09:00
Claire
3593ee2e36
Add rate-limit of TOTP authentication attempts at controller level (#28801) 2024-01-19 12:19:49 +00:00
KMY
e65fb9fb51 Merge remote-tracking branch 'parent/main' into upstream-20240112 2024-01-12 14:48:17 +09:00
Jean Boussier
5a6d533c53
Enable Rails 7.1 Marshalling format (#28609) 2024-01-05 21:57:47 +00:00
KMY
a0a3d1b101 Merge remote-tracking branch 'parent/main' into upstream-20230105 2024-01-05 10:01:36 +09:00
Claire
092bb8a27a
Fix Mastodon not correctly processing HTTP Signatures with query strings (#28476) 2024-01-03 11:29:26 +00:00
KMY(雪あすか)
6d7fc4944a
Merge pull request from GHSA-qg32-3vrh-w6mw 2023-12-15 09:41:22 +09:00
Claire
963354978a
Add Account#unavailable? and Account#permanently_unavailable? aliases (#28053) 2023-11-30 15:43:26 +00:00
Matt Jankowski
1f1c75bba5
File cleanup/organization in controllers/concerns (#27846) 2023-11-30 14:39:41 +00:00
Matt Jankowski
291dc04e67
Remove un-needed action and template options to render in controllers (#28022) 2023-11-29 10:38:05 +00:00
Matt Jankowski
d562fb8459
Specs for minimal CSP policy in Api:: controllers (#27845) 2023-11-14 14:34:30 +00:00
Ricardo Trindade
33f8c1c5eb
Remove version check from update cache_concern.rb (#27592) 2023-10-30 14:04:12 +00:00
Claire
379115e601
Add SELF_DESTRUCT env variable to process self-destructions in the background (#26439) 2023-10-23 15:46:21 +00:00
Matt Jankowski
d4c2dca874
Fix haml-lint InstanceVariables rule for auth/sessions/two_factor/o… (#27372) 2023-10-12 09:44:20 +02:00
Claire
40ba6e119b
Fix Vary headers not being set on some redirects (#27272) 2023-10-05 09:50:08 +02:00
Matt Jankowski
340f1a68be
Simplify instance presenter view access (#26046) 2023-09-28 16:52:37 +02:00
CSDUMMI
9a70cac9de
Fix #26849 by adding the domain of the current SSO provider to the form-action CSP (#26857) 2023-09-12 13:04:51 +02:00
Claire
09ec9c6aa5
Downgrade signature verification debug logging from warn to debug (#26812) 2023-09-06 12:17:22 +02:00
Claire
25bf640629
Add debug logging on signature verification failure (#26637) 2023-08-29 10:29:07 +02:00
Claire
8b37dd2c86
Fix Content Security Policy sometimes unnecessarily allowing hCaptcha scripts (#26388) 2023-08-08 15:41:38 +02:00
CSDUMMI
120f5802c0
Add direct link to the Single-Sign On provider if there is only one sign up method available (#26083) 2023-08-03 16:43:15 +02:00
Emelia Smith
e258b4cb64
Refactor: replace whitelist_mode mentions with limited_federation_mode (#26252) 2023-08-02 19:32:48 +02:00