| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2020-04-07 | more debugdebug-remote-ip | Alexander Strizhakov | |
| 2020-04-06 | more debug | Alexander Strizhakov | |
| 2020-04-06 | debug remote ip | Alexander Strizhakov | |
| 2020-03-15 | Merge branch '1560-non-federating-instances-routes-restrictions' into 'develop' | lain | |
| [#1560] Restricted AP- & OStatus-related routes for non-federating instances Closes #1560 See merge request pleroma/pleroma!2235 | |||
| 2020-03-15 | Merge branch 'fix/rate-limiter-remoteip-behavior' into 'develop' | Haelwenn | |
| rate limiter: disable based on if remote ip was found, not on if the plug was enabled Closes #1620 See merge request pleroma/pleroma!2296 | |||
| 2020-03-14 | Merge remote-tracking branch 'remotes/origin/develop' into ↵ | Ivan Tashkinov | |
| 1560-non-federating-instances-routes-restrictions # Conflicts: # lib/pleroma/plugs/static_fe_plug.ex | |||
| 2020-03-14 | Merge branch 'fix/cache-control-headers' into 'develop' | rinpatch | |
| Fix Cache Control headers on media See merge request pleroma/pleroma!2295 | |||
| 2020-03-13 | uploaded media plug: do not inject compile-time params on every request | rinpatch | |
| 2020-03-13 | Merge branch 'static-accept-missing' into 'develop' | rinpatch | |
| Fix static FE plug to handle missing Accept header. See merge request pleroma/pleroma!2260 | |||
| 2020-03-13 | rate limiter: disable based on if remote ip was found, not on if the plug ↵ | rinpatch | |
| was enabled The current rate limiter disable logic won't trigger when the remote ip is not forwarded, only when the remoteip plug is not enabled, which is not the case on most instances since it's enabled by default. This changes the behavior to warn and disable when the remote ip was not forwarded, even if the RemoteIP plug is enabled. Also closes #1620 | |||
| 2020-03-13 | Synchronize cache-control header for local media with the mediaproxy | Mark Felder | |
| 2020-03-13 | Set correct Cache-Control header for local media | Mark Felder | |
| 2020-03-09 | [#1560] Ensured authentication or enabled federation for federation-related ↵ | Ivan Tashkinov | |
| routes. New tests + tests refactoring. | |||
| 2020-03-06 | Merge remote-tracking branch 'remotes/origin/develop' into ↵ | Ivan Tashkinov | |
| 1560-non-federating-instances-routes-restrictions | |||
| 2020-03-05 | [#1560] Misc. improvements in ActivityPubController federation state ↵ | Ivan Tashkinov | |
| restrictions. | |||
| 2020-03-03 | Update Copyrights | Mark Felder | |
| 2020-03-03 | [#1560] ActivityPubController federation state restrictions adjustments. ↵ | Ivan Tashkinov | |
| Adjusted tests. | |||
| 2020-03-02 | Merge remote-tracking branch 'remotes/origin/develop' into ↵ | Ivan Tashkinov | |
| 1560-non-federating-instances-routes-restrictions | |||
| 2020-03-02 | Bump copyright years of files changed after 2020-01-07 | Haelwenn (lanodan) Monnier | |
| Done via the following command: git diff fcd5dd259a1700a045be902b43391b0d1bd58a5b --stat --name-only | xargs sed -i '/Pleroma Authors/c# Copyright © 2017-2020 Pleroma Authors <https:\/\/pleroma.social\/>' | |||
| 2020-02-29 | Fix static FE plug to handle missing Accept header. | Phil Hagelberg | |
| 2020-03-01 | rate limiter: Fix a race condition | rinpatch | |
| When multiple requests are processed by rate limiter plug at the same time and the bucket is not yet initialized, both would try to initialize the bucket resulting in an internal server error. | |||
| 2020-02-29 | [#2250] Tiny refactoring per merge request review. | Ivan Tashkinov | |
| 2020-02-28 | Apply suggestion to lib/pleroma/plugs/rate_limiter/rate_limiter.ex | Ivan Tashkinov | |
| 2020-02-27 | Runtime configurability of RateLimiter. Refactoring. Disabled default rate ↵ | Ivan Tashkinov | |
| limits in tests. | |||
| 2020-02-22 | [#1560] Restricted AP- & OStatus-related routes for non-federating instances. | Ivan Tashkinov | |
| 2020-02-20 | Merge branch 'require-signature' into 'develop' | lain | |
| Add an option to require fetches to be signed Closes #1444 See merge request pleroma/pleroma!2071 | |||
| 2020-02-07 | Actually fix upload limit on OTP releases | rinpatch | |
| Closes #1109 | |||
| 2020-01-30 | Merge branch 'fix/disable-rate-limiter-for-socket-localhost' into 'develop' | rinpatch | |
| Disable rate limiter for socket/localhost Closes #1380 See merge request pleroma/pleroma!2064 | |||
| 2020-01-30 | Merge branch 'develop' into fix/disable-rate-limiter-for-socket-localhost | rinpatch | |
| 2020-01-30 | Merge branch 'reenable-rate-limit-and-remote-ip' into 'develop' | lain | |
| Re-enable rate limiter and enable remote ip See merge request pleroma/pleroma!2164 | |||
| 2020-01-30 | Update http_security_plug.ex | feld | |
| 2020-01-30 | RemoteIp: only trust X-Forwarded-For | rinpatch | |
| Our nginx config will happily pass `Forwarded`/`X-Real-IP` from the client. Caddy, Apache and Varnish pass `X-Forwarded-For` as well anyway. | |||
| 2020-01-29 | Fix credo warning | Egor Kislitsyn | |
| 2020-01-29 | Make the warning more scarier | Egor Kislitsyn | |
| 2020-01-28 | Warn if HTTPSecurityPlug is disabled | Egor Kislitsyn | |
| 2020-01-17 | updated error messages for authentication process | Maksim Pechnikov | |
| 2020-01-10 | Merge remote-tracking branch 'remotes/origin/develop' into ↵ | Ivan Tashkinov | |
| 1478-oauth-admin-scopes-tweaks # Conflicts: # lib/pleroma/user.ex | |||
| 2020-01-10 | [#1478] OAuth admin tweaks: enforced OAuth admin scopes usage by default, ↵ | Ivan Tashkinov | |
| migrated existing OAuth records. Adjusted tests. | |||
| 2019-12-19 | Verify HTTP signatures only when request accepts "activity+json" type | Egor Kislitsyn | |
| 2019-12-16 | Add an option to require fetches to be signed | Egor Kislitsyn | |
| 2019-12-15 | OAuthScopesPlug: disallowed nil token (unless with :fallback option). WIP: ↵ | Ivan Tashkinov | |
| controller tests modification: OAuth scopes usage. | |||
| 2019-12-14 | Disable rate limiter for socket/localhost (unless RemoteIp is enabled) | Maxim Filippov | |
| 2019-12-11 | [#1427] Fixed `:admin` option handling in OAuthScopesPlug, added tests. | Ivan Tashkinov | |
| 2019-12-10 | Merge remote-tracking branch 'remotes/upstream/develop' into ↵ | Ivan Tashkinov | |
| 1427-oauth-admin-scopes # Conflicts: # CHANGELOG.md | |||
| 2019-12-08 | OTP: Fix runtime upload limit config being ignored | rinpatch | |
| Closes #1109 | |||
| 2019-12-07 | [#1427] Extra check that admin OAuth scope is used by admin. Adjusted tests. | Ivan Tashkinov | |
| 2019-12-06 | [#1427] Fixes / improvements of admin scopes support. Added tests. | Ivan Tashkinov | |
| 2019-12-06 | [#1427] Bugfix for `enforce_oauth_admin_scope_usage`. Admin API ↵ | Ivan Tashkinov | |
| documentation entry. | |||
| 2019-12-06 | [#1427] Reworked admin scopes support. | Ivan Tashkinov | |
| Requalified users.is_admin flag as legacy accessor to admin actions in case token lacks admin scope(s). | |||
| 2019-11-19 | Support authentication via `x-admin-token` HTTP header | Egor Kislitsyn | |
 |
index : pleroma.git | |
| [no description] |
| aboutsummaryrefslogtreecommitdiff |