Age | Commit message (Collapse) | Author |
|
|
|
* Add HTTP signature requirement for served ActivityPub resources
* Change `SECURE_MODE` to `AUTHORIZED_FETCH`
* Add 'Signature' to 'Vary' header and improve code style
* Improve code style by adding `public_fetch_mode?` method
|
|
|
|
(#11247)
|
|
* Remove skip_session! as it is not supported in Rails 5
* Minor cleanup in StreamEntriesController
* Remove redundant mark_cacheable! calls
|
|
|
|
|
|
Do not start a session if the current user is not logged in for public-facing pages.
Mark pages that don't care about sessions as publicly cacheable.
Keep the max age as 0 so proxies and browsers will still try to retrieve an updated version but can still fall back to the stale version if the site is down or too slow.
Fixes #9035.
|
|
|
|
* Add test that should currently fail
* Fix depth computation (will still fail if statuses have been filtered out)
* Fix handling of broken threads
|
|
* Set CSP rules in RoR's configuration
* Override CSP setting in the embed controller to allow frames
|
|
* Add animate custom emoji param to embed pages
* Rename param, use it for avatars and gifs
* Fix issues pointed by codeclimate and breaking test
* Ignore brakeman warning
|
|
* Unuse ActiveRecord::Base#cache_key
* Enable cache_versioning
* Call cache_collection
|
|
* Compensate for scrollbar disappearing when media modal visible
Make auth pages backgrounds lighter
* Fix typo
|
|
|
|
* Make embeds cacheable by reverse proxy
* Make follow button on embeds open remote follow modal
Instead of web+mastodon://, also, turn the button blue, and add a
sign up prompt to the remote follow modal
|
|
* Fix URL of "Show more" link in paginated threads (ancestors side)
Increase item limits in threads
Fix #7268
* Fix "Show more" link in paginated threads (descendants side)
|
|
|
|
(#7162)
Fix #7115
|
|
This also limits the statuses returned by API, but pagination is not
implemented in Web API yet. I still expect it brings user experience
better than making a user wait to fetch all ancestor statuses and flooding
the column with them.
|
|
signatures (#6225)
|
|
|
|
|
|
* Allow HTTP caching of json view of public statuses
HTML views are not cached as they can contain private statuses as well
* Disable session cookies for ActivityPub json rendering of public toots
|
|
* Encode custom emojis as resolveable objects in ActivityPub
* Improve code style
|
|
- Use statuses controller for embeds instead of stream entries controller
- Prefer /@:username/:id/embed URL for embeds
- Use /@:username as author_url in OEmbed
- Add follow link to embeds which opens web intent in new window
- Use redis cache in development
- Cache entire embed
|
|
* Process Create / Announce activity in FetchRemoteStatusService
* Use activity URL in ActivityPub for reblogs
* Redirect to the original status on StatusesController#show
|
|
|
|
|
|
* Improve webfinger templates and make tests more flexible
* Clean up AS2 representation of actor
* Refactor outbox
* Create activities representation
* Add representations of followers/following collections, do not redirect /users/:username route if format is empty
* Remove unused translations
* ActivityPub endpoint for single statuses, add ActivityPub::TagManager for better
URL/URI generation
* Add ActivityPub::TagManager#to
* Represent all attachments as Document instead of Image/Video specifically
(Because for remote ones we may not know for sure)
Add mentions and hashtags representation to AP notes
* Add AP-resolvable hashtag URIs
* Use ActiveModelSerializers for ActivityPub
* Clean up unused translations
* Separate route for object and activity
* Adjust cc/to matrices
* Add to/cc to activities, ensure announce activity embeds target status and
not the wrapper status, add "id" to all collections
|
|
|
|
|
|
|
|
|
|
and atom feed generation to some extent, as well as the way mentions are
stored
|
|
|