about summary refs log tree commit diff
AgeCommit message (Collapse)Author
2020-02-21Fix poll compose form being broken on single-column layoutThibaut Girka
2020-02-21Fix dates (without time) being rendered as datetimes in public pages (#13034)ThibG
2020-02-21Fix punycode being rendered instead of unicode in some places (#13030)Eugen Rochko
2020-02-21Fix remote convertible media attachments not being saved (#13032)Eugen Rochko
Because the file name was set after loading the file, Paperclip was flagging the differing file extension as content type spoofing Fix #12938
2020-02-21[Glitch] Fix dates (without time) being rendered as datetimes in public pagesThibG
Port c31d61d7f2d576b42ea82ab01470bce7e6e5a3a7 to glitch-soc Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2020-02-21Fix native share button not being displayed for unlisted toots (#13045)ThibG
2020-02-21Do not suggest to login into the GitLab database (#13084)Marcin Cieślak
As pointed out on Discourse: https://discourse.joinmastodon.org/t/obscure-wtf-error-message-running-migrations-for-3-1/2524 The message the administrators were getting was telling them to log in to the "GitLab database" and also mentions MySQL
2020-02-21Fix invite request input not being shown on sign-up error if left empty (#13089)ThibG
If the “Why do you want to join?” textarea is left empty and the entered params do not validate, the textarea isn't shown again, unlike other fields. This commit fixes that by populating an empty `UserInviteRequest` when needed.
2020-02-21[Glitch] Fix old browsers crashing because of missing `finally` polyfill in ↵ThibG
web UI Port 1314bba68a5f2d271312bad08f108e1ff56c2c00 to glitch-soc Signed-off-by: Thibaut Girka <thib@sitedethib.com>
2020-02-21Fix account JSON/RSS not being cacheable due to wrong mime type comparison ↵ThibG
(#13116) `request.format` is not a symbol but a `Mime::Type`, so the condition actually never matched, and a session was created even for those requests, preventing caching.
2020-02-21Fix ActiveRecord::Migration.check_pending! failing because of duplicate ↵Thibaut Girka
migrations
2020-02-21port tootsuite#12748 to monsterfork: Fix base64-encoded file uploads not ↵Eugen Rochko
being possible Fix #3804, Fix #5776
2020-02-21port tootsuite#12568 to monsterfork: Add `tootctl media remove-orphans`Eugen Rochko
2020-02-21remove autoreject implementation, superseded by monsterfork graylisting + ↵multiple creatures
upstream privacy improvements
2020-02-21get rid of stray merge conflictmultiple creatures
2020-02-21port tootsuite#11138 to monsterfork: Change domain blocks to automatically ↵Eugen Rochko
support subdomains * Change domain blocks to automatically support subdomains If a more authoritative domain is blocked (example.com), then the same block will be applied to a subdomain (foo.example.com) * Match subdomains of existing accounts when blocking/unblocking domains * Improve code style
2020-02-21Add option to exclude suspended domains/subdomains from tootctl domains ↵Darius Kazemi
crawl (#11454) * Add "--exclude-suspended" to tootctl domains crawl This new option ignores any instances suspended server-wide as well as their associated subdomains. This queries all domain blocks up front, then runs a regexp on each domain. This improves performance over what may be the obvious implementation, which is to ask `DomainBlocks.blocked?(domain)` for each domain -- this hits the DB many times, slowing things down considerably. * cleaning up code style * Compiling regex * Removing ternary operator
2020-02-21Fix whitelist federation for subdomains (#12435)noiob
2020-02-21port tootsuite#12303 to monsterfork: Fix broken admin audit log in whitelist ↵ThibG
mode
2020-02-21Fix incoming federation in whitelist mode (#12185)ThibG
… posting to the AP inbox required a logged-in local user…
2020-02-21port tootsuite#11963 to monsterfork: Fix relays UI being available in ↵Eugen Rochko
whitelist/secure mode Fix relays UI referencing relay that is not functional
2020-02-21port tootsuite#11638 to monsterfork: Fix remote and staff-removed statuses ↵Eugen Rochko
leaving media behind for a day The reason for unattaching media instead of removing it is to support delete & redraft functionality, but remote or staff-removed statuses will never be redrafted, so the media should be deleted immediately
2020-02-21port tootsuite#11634 to monsterfork: Fix the whitelist mode display not ↵mayaeh
being enabled in the admin dashboard
2020-02-21(lazily) port tootsuite#11298 to monsterfork: Add public blocks to /about/blocksThibG
* Add automatic blocklist display in /about/blocks Inspired by https://github.com/Gargron/mastodon.social-misc * Add admin option to set who can see instance blocks * Normalize locales files * Rename “Sandbox” to “Silence” for consistency * Disable /about/blocks when in whitelist mode * Optionally display rationale for domain blocks * Only display domain blocks that have user-facing limitations, and order them * Redesign table of blocked domains to better handle long domain names and rationales * Change domain blocks ordering now that rationales aren't displayed right away * Only show explanation for block severities actually in use * Reword instance block explanations and add disclaimer for public fetch mode
2020-02-21port tootsuite#11139 to monsterfork: Remove expensive counters from ↵Eugen Rochko
federation page in admin UI
2020-02-21port tootsuite#11292 to monsterfork: Add whitelist modeEugen Rochko
2020-02-21port tootsuite#11375: Change unconfirmed user login behaviourEugen Rochko
Allow access to account settings, 2FA, authorized applications, and account deletions to unconfirmed and pending users, as well as users who had their accounts disabled. Suspended users cannot update their e-mail or password or delete their account. Display account status on account settings page, for example, when an account is frozen, limited, unconfirmed or pending review. After sign up, login users straight away and show a simple page that tells them the status of their account with links to account settings and logout, to reduce onboarding friction and allow users to correct wrongly typed e-mail addresses. Move the final sign-up step of SSO integrations to be the same as above to reduce code duplication.
2020-02-21Fix 422 being returned instead of 404 when POSTing (#11574)Eugen Rochko
2020-02-21port tootsuite#11702 to monsterfork: Fix uncaught parameter missing ↵Eugen Rochko
exceptions and missing error templates
2020-02-21port tootsuite#11770 to monsterfork: Add healthcheck endpoint for webYamagishi Kazutoshi
2020-02-21Fix HTML error pages being returned when JSON is expected (#12713)Eugen Rochko
Fix #12509 See also #12214
2020-02-21port tootsuite#12593 to monsterfork: Fix missing error templates for ↵Eugen Rochko
non-HTML requests
2020-02-21port tootsuite#8657: Change locale detection to run once per sessionEugen Rochko
Fix #6462
2020-02-21resolve stray merge conflictmultiple creatures
2020-02-20update gemsmultiple creatures
2020-02-20port tootsuite#12054 to monsterfork: Fix RSS caching (but disable localization)ThibG
2020-02-20Fix featured hashtag URL being interpreted as media or with_replies (#12048)Eugen Rochko
Fix #12034
2020-02-20port tootsuite#11978 to monsterfork: Fix redirecting non-functional accounts ↵Eugen Rochko
on public pages Fix #11969
2020-02-20port tootsuite#11333 to monsterfork: Add (back) rails-level JSON cachingEugen Rochko
2020-02-20Fix ActivityPub and REST API queries setting cookies and preventing caching ↵ThibG
(#11539) Regression from #8657
2020-02-20port tootsuite#10502 to monsterfork: Add an RSS feed tagged to a public ↵Takeshi Umeda
profile page * Add featured tag support to rss feed on public account page * fix codeing style
2020-02-20Fix `GET /api/v1/instance` REST APIs being unavailable in secure mode (#12089)Eugen Rochko
2020-02-20port tootsuite/#12125 to monsterfork: Fix attachment not being re-downloaded ↵Eugen Rochko
even if file is not stored Change the behaviour of remotable concern. Previously, it would skip downloading an attachment if the stored remote URL is identical to the new one. Now it would not be skipped if the attachment is not actually currently stored by Paperclip.
2020-02-20Fix proofs API being inaccessible in secure mode (#12495)Eugen Rochko
2020-02-20Fix generic HTTP 500 error on duplicate records (#12563)Eugen Rochko
Fix #12551 Fix #12547
2020-02-20port tootsuite#12716 to monsterfork: Fix error when fetching ↵Eugen Rochko
followers/following from REST API when user has network hidden Fix #12510
2020-02-20Fix missing authentication call in filters controller (#12746)Eugen Rochko
2020-02-20Change signature verification to ignore signatures with invalid host (#13033)Eugen Rochko
Instead of returning a signature verification error, pretend there was no signature (i.e., this does not allow access to resources that need a valid signature), so public resources can still be fetched Fix #13011
2020-02-20port tootsuite/#13042 to monsterfork: Fix malformed HTML causing uncaught errorEugen Rochko
Fix OEmbed preview API leaking existence of private statuses (see #12930)
2020-02-20Fix unfiltered params error when generating ActivityPub tag pagination (#13049)Eugen Rochko