about summary refs log tree commit diff
path: root/app/controllers/statuses_controller.rb
AgeCommit message (Collapse)Author
2021-01-19Fix /activity endpoint not require signature in authorized fetch mode (#15592)ThibG
Fixes #15589 Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-06-19Fix functional user requirements in whitelist mode (#14093)ThibG
Fixes #14092
2020-06-02Add E2EE API (#13820)Eugen Rochko
2020-05-03Add more tests for ActivityPub controllers (#13585)Eugen Rochko
2020-01-24Fix OEmbed leaking information about existence of non-public statuses (#12930)Eugen Rochko
2019-09-28Fix redirecting non-functional accounts on public pages (#11978)Eugen Rochko
Fix #11969
2019-08-11Fix ActivityPub and REST API queries setting cookies and preventing caching ↵ThibG
(#11539) Regression from #8657
2019-07-21Add (back) rails-level JSON caching (#11333)Eugen Rochko
2019-07-11Add ActivityPub secure mode (#11269)Eugen Rochko
* Add HTTP signature requirement for served ActivityPub resources * Change `SECURE_MODE` to `AUTHORIZED_FETCH` * Add 'Signature' to 'Vary' header and improve code style * Improve code style by adding `public_fetch_mode?` method
2019-07-08Refactor controllers for statuses, accounts, and more (#11249)Eugen Rochko
2019-07-07Remove Atom feeds and old URLs in the form of `GET /:username/updates/:id` ↵Eugen Rochko
(#11247)
2019-06-05Cleanup various controllers (#10972)ThibG
* Remove skip_session! as it is not supported in Rails 5 * Minor cleanup in StreamEntriesController * Remove redundant mark_cacheable! calls
2019-06-05Fix potential private status leak (#10969)ThibG
2019-05-09Add some caching for HTML versions of statuses pages (#10701)ThibG
2019-03-17Reduce server load caused by anonymous viewing. (#9059)Ben Lubar
Do not start a session if the current user is not logged in for public-facing pages. Mark pages that don't care about sessions as publicly cacheable. Keep the max age as 0 so proxies and browsers will still try to retrieve an updated version but can still fall back to the stale version if the site is down or too slow. Fixes #9035.
2019-02-28Give the `replies` collection an identifier and enable pagination (#10128)ThibG
2018-12-05Fix thread depth computation in statuses_controller (#9426)ThibG
* Add test that should currently fail * Fix depth computation (will still fail if statuses have been filtered out) * Fix handling of broken threads
2018-10-11Set Content-Security-Policy rules through RoR's config (#8957)ThibG
* Set CSP rules in RoR's configuration * Override CSP setting in the embed controller to allow frames
2018-08-30Add animate custom emoji param to embed pages (#8507)Renato "Lond" Cerqueira
* Add animate custom emoji param to embed pages * Rename param, use it for avatars and gifs * Fix issues pointed by codeclimate and breaking test * Ignore brakeman warning
2018-08-19Unuse ActiveRecord::Base#cache_key (#8185)abcang
* Unuse ActiveRecord::Base#cache_key * Enable cache_versioning * Call cache_collection
2018-07-31Compensate for scrollbar disappearing when media modal visible (#8100)Eugen Rochko
* Compensate for scrollbar disappearing when media modal visible Make auth pages backgrounds lighter * Fix typo
2018-07-28Redesign public profiles and toots (#8068)Eugen Rochko
2018-07-01Improve embeds (#7919)Eugen Rochko
* Make embeds cacheable by reverse proxy * Make follow button on embeds open remote follow modal Instead of web+mastodon://, also, turn the button blue, and add a sign up prompt to the remote follow modal
2018-04-30Fix "Show more" URL on paginated threads for remote statuses (#7285)Eugen Rochko
* Fix URL of "Show more" link in paginated threads (ancestors side) Increase item limits in threads Fix #7268 * Fix "Show more" link in paginated threads (descendants side)
2018-04-23Paginate descendant statuses in public page (#7148)Akihiko Odaki
2018-04-17Set Referrer-Policy to origin in web UI and public pages of private toots ↵Eugen Rochko
(#7162) Fix #7115
2018-04-11Paginate ancestor statuses in public page (#7102)Akihiko Odaki
This also limits the statuses returned by API, but pagination is not implemented in Web API yet. I still expect it brings user experience better than making a user wait to fetch all ancestor statuses and flooding the column with them.
2018-02-02Allow retrieval of private statuses (single or in outbox) using HTTP ↵puckipedia
signatures (#6225)
2018-01-04Make sure private toots remain private and do not end up in HTTP caches (#6175)ThibG
2018-01-04Cache JSON of immutable ActivityPub representations (#6171)Eugen Rochko
2018-01-03Allow HTTP caching of json view of public statuses (#6115)ThibG
* Allow HTTP caching of json view of public statuses HTML views are not cached as they can contain private statuses as well * Disable session cookies for ActivityPub json rendering of public toots
2017-10-07Encode custom emojis as resolveable objects in ActivityPub (#5243)Eugen Rochko
* Encode custom emojis as resolveable objects in ActivityPub * Improve code style
2017-08-30Update status embeds (#4742)Eugen Rochko
- Use statuses controller for embeds instead of stream entries controller - Prefer /@:username/:id/embed URL for embeds - Use /@:username as author_url in OEmbed - Add follow link to embeds which opens web intent in new window - Use redis cache in development - Cache entire embed
2017-08-24Fetch reblogs as Announce activity instead of Note object (#4672)unarist
* Process Create / Announce activity in FetchRemoteStatusService * Use activity URL in ActivityPub for reblogs * Redirect to the original status on StatusesController#show
2017-08-14Set correct content-type for ActivityPub JSON (#4592)Eugen Rochko
2017-08-13Add alternate links to ActivityPub resources from HTML/HEAD variants (#4586)Eugen Rochko
2017-07-15Improve ActivityPub representations (#3844)Eugen Rochko
* Improve webfinger templates and make tests more flexible * Clean up AS2 representation of actor * Refactor outbox * Create activities representation * Add representations of followers/following collections, do not redirect /users/:username route if format is empty * Remove unused translations * ActivityPub endpoint for single statuses, add ActivityPub::TagManager for better URL/URI generation * Add ActivityPub::TagManager#to * Represent all attachments as Document instead of Image/Video specifically (Because for remote ones we may not know for sure) Add mentions and hashtags representation to AP notes * Add AP-resolvable hashtag URIs * Use ActiveModelSerializers for ActivityPub * Clean up unused translations * Separate route for object and activity * Adjust cc/to matrices * Add to/cc to activities, ensure announce activity embeds target status and not the wrapper status, add "id" to all collections
2017-05-29Extract authorization policy for viewing statuses (#3150)Jack Jennings
2017-03-22Prettier account and stream entry URLsEugen Rochko
2016-09-05PostStatusService can attach media to status, ProcessFeedService likewiseEugen Rochko
2016-08-24Adding React.js, Redux, revamping dashboardEugen Rochko
2016-03-25Fix subscriptions:clear task, refactor feeds, refactor streamable activitesEugen Rochko
and atom feed generation to some extent, as well as the way mentions are stored
2016-03-21Adding Turbolinks, adding status posting form on homepageEugen Rochko