| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2020-05-06 | Merge branch 'plug-if-unless-func-options-refactoring' into 'develop' | lain | |
| Refactoring of :if_func / :unless_func plug options See merge request pleroma/pleroma!2446 | |||
| 2020-05-02 | static-fe.css: Restore and move to /priv/static/static-fe | Haelwenn (lanodan) Monnier | |
| 2020-05-01 | MappedSignatureToIdentityPlug: Fix. | lain | |
| 2020-04-30 | Refactoring of :if_func / :unless_func plug options (general availability). ↵ | Ivan Tashkinov | |
| Added tests for Pleroma.Web.Plug. | |||
| 2020-04-28 | Merge remote-tracking branch 'remotes/origin/develop' into ↵ | Ivan Tashkinov | |
| automatic-authentication-and-instance-publicity-checks # Conflicts: # lib/pleroma/web/mastodon_api/controllers/account_controller.ex | |||
| 2020-04-26 | Let blob: pass CSP | Alex Gleason | |
| 2020-04-22 | Fixed OAuth restrictions for :api routes. Made auth info dropped for :api ↵ | Ivan Tashkinov | |
| routes if OAuth check was neither performed nor explicitly skipped. | |||
| 2020-04-21 | Automatic checks of authentication / instance publicity. Definition of ↵ | Ivan Tashkinov | |
| missing OAuth scopes in AdminAPIController. Refactoring. | |||
| 2020-04-17 | [#1682] Fixed Basic Auth permissions issue by disabling OAuth scopes checks ↵ | Ivan Tashkinov | |
| when password is provided. Refactored plugs skipping functionality. | |||
| 2020-04-15 | [#2349] Made :skip_plug/2 prevent plug from being executed even if ↵ | Ivan Tashkinov | |
| explicitly called. Refactoring. Tests. | |||
| 2020-04-15 | Merge remote-tracking branch 'remotes/origin/develop' into ↵ | Ivan Tashkinov | |
| authenticated-api-oauth-check-enforcement | |||
| 2020-04-15 | Merge branch 'fix/1659-rate-limiter' into 'develop' | Haelwenn | |
| remote_ip plug adds remote_ip_found flag Closes #1659 See merge request pleroma/pleroma!2390 | |||
| 2020-04-15 | remote_ip plug adds remote_ip_found flag | Alexander Strizhakov | |
| 2020-04-15 | Uploads: Sandbox them in the CSP. | lain | |
| 2020-04-14 | fix logger message | Maksim Pechnikov | |
| 2020-04-06 | Enforcement of OAuth scopes check for authenticated API endpoints, ↵ | Ivan Tashkinov | |
| :skip_plug plug to mark a plug explicitly skipped (disabled). | |||
| 2020-03-15 | Merge branch '1560-non-federating-instances-routes-restrictions' into 'develop' | lain | |
| [#1560] Restricted AP- & OStatus-related routes for non-federating instances Closes #1560 See merge request pleroma/pleroma!2235 | |||
| 2020-03-15 | Merge branch 'fix/rate-limiter-remoteip-behavior' into 'develop' | Haelwenn | |
| rate limiter: disable based on if remote ip was found, not on if the plug was enabled Closes #1620 See merge request pleroma/pleroma!2296 | |||
| 2020-03-14 | Merge remote-tracking branch 'remotes/origin/develop' into ↵ | Ivan Tashkinov | |
| 1560-non-federating-instances-routes-restrictions # Conflicts: # lib/pleroma/plugs/static_fe_plug.ex | |||
| 2020-03-14 | Merge branch 'fix/cache-control-headers' into 'develop' | rinpatch | |
| Fix Cache Control headers on media See merge request pleroma/pleroma!2295 | |||
| 2020-03-13 | uploaded media plug: do not inject compile-time params on every request | rinpatch | |
| 2020-03-13 | Merge branch 'static-accept-missing' into 'develop' | rinpatch | |
| Fix static FE plug to handle missing Accept header. See merge request pleroma/pleroma!2260 | |||
| 2020-03-13 | rate limiter: disable based on if remote ip was found, not on if the plug ↵ | rinpatch | |
| was enabled The current rate limiter disable logic won't trigger when the remote ip is not forwarded, only when the remoteip plug is not enabled, which is not the case on most instances since it's enabled by default. This changes the behavior to warn and disable when the remote ip was not forwarded, even if the RemoteIP plug is enabled. Also closes #1620 | |||
| 2020-03-13 | Synchronize cache-control header for local media with the mediaproxy | Mark Felder | |
| 2020-03-13 | Set correct Cache-Control header for local media | Mark Felder | |
| 2020-03-09 | [#1560] Ensured authentication or enabled federation for federation-related ↵ | Ivan Tashkinov | |
| routes. New tests + tests refactoring. | |||
| 2020-03-06 | Merge remote-tracking branch 'remotes/origin/develop' into ↵ | Ivan Tashkinov | |
| 1560-non-federating-instances-routes-restrictions | |||
| 2020-03-05 | [#1560] Misc. improvements in ActivityPubController federation state ↵ | Ivan Tashkinov | |
| restrictions. | |||
| 2020-03-03 | Update Copyrights | Mark Felder | |
| 2020-03-03 | [#1560] ActivityPubController federation state restrictions adjustments. ↵ | Ivan Tashkinov | |
| Adjusted tests. | |||
| 2020-03-02 | Merge remote-tracking branch 'remotes/origin/develop' into ↵ | Ivan Tashkinov | |
| 1560-non-federating-instances-routes-restrictions | |||
| 2020-03-02 | Bump copyright years of files changed after 2020-01-07 | Haelwenn (lanodan) Monnier | |
| Done via the following command: git diff fcd5dd259a1700a045be902b43391b0d1bd58a5b --stat --name-only | xargs sed -i '/Pleroma Authors/c# Copyright © 2017-2020 Pleroma Authors <https:\/\/pleroma.social\/>' | |||
| 2020-02-29 | Fix static FE plug to handle missing Accept header. | Phil Hagelberg | |
| 2020-03-01 | rate limiter: Fix a race condition | rinpatch | |
| When multiple requests are processed by rate limiter plug at the same time and the bucket is not yet initialized, both would try to initialize the bucket resulting in an internal server error. | |||
| 2020-02-29 | [#2250] Tiny refactoring per merge request review. | Ivan Tashkinov | |
| 2020-02-28 | Apply suggestion to lib/pleroma/plugs/rate_limiter/rate_limiter.ex | Ivan Tashkinov | |
| 2020-02-27 | Runtime configurability of RateLimiter. Refactoring. Disabled default rate ↵ | Ivan Tashkinov | |
| limits in tests. | |||
| 2020-02-22 | [#1560] Restricted AP- & OStatus-related routes for non-federating instances. | Ivan Tashkinov | |
| 2020-02-20 | Merge branch 'require-signature' into 'develop' | lain | |
| Add an option to require fetches to be signed Closes #1444 See merge request pleroma/pleroma!2071 | |||
| 2020-02-07 | Actually fix upload limit on OTP releases | rinpatch | |
| Closes #1109 | |||
| 2020-01-30 | Merge branch 'fix/disable-rate-limiter-for-socket-localhost' into 'develop' | rinpatch | |
| Disable rate limiter for socket/localhost Closes #1380 See merge request pleroma/pleroma!2064 | |||
| 2020-01-30 | Merge branch 'develop' into fix/disable-rate-limiter-for-socket-localhost | rinpatch | |
| 2020-01-30 | Merge branch 'reenable-rate-limit-and-remote-ip' into 'develop' | lain | |
| Re-enable rate limiter and enable remote ip See merge request pleroma/pleroma!2164 | |||
| 2020-01-30 | Update http_security_plug.ex | feld | |
| 2020-01-30 | RemoteIp: only trust X-Forwarded-For | rinpatch | |
| Our nginx config will happily pass `Forwarded`/`X-Real-IP` from the client. Caddy, Apache and Varnish pass `X-Forwarded-For` as well anyway. | |||
| 2020-01-29 | Fix credo warning | Egor Kislitsyn | |
| 2020-01-29 | Make the warning more scarier | Egor Kislitsyn | |
| 2020-01-28 | Warn if HTTPSecurityPlug is disabled | Egor Kislitsyn | |
| 2020-01-17 | updated error messages for authentication process | Maksim Pechnikov | |
| 2020-01-10 | Merge remote-tracking branch 'remotes/origin/develop' into ↵ | Ivan Tashkinov | |
| 1478-oauth-admin-scopes-tweaks # Conflicts: # lib/pleroma/user.ex | |||
 |
index : pleroma.git | |
| [no description] |
| aboutsummaryrefslogtreecommitdiff |