Age | Commit message (Collapse) | Author | |
---|---|---|---|
2018-01-17 | implement web share target (#6278) | りんすき | |
* web share target * fix * fix | |||
2018-01-15 | Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master | Jenkins | |
2018-01-15 | Suppress CSRF token warnings (#6240) | Patrick Figel | |
CSRF token checking was enabled for API controllers in #6223, producing "Can't verify CSRF token authenticity" log spam. This disables logging of failed CSRF checks. This also changes the protection strategy for PushSubscriptionsController to use exceptions, making it consistent with other controllers that use sessions. | |||
2018-01-10 | Thank you, Officer Murphy | David Yip | |
2018-01-10 | The flavour parameter is unused, so omit it (#317) | David Yip | |
2018-01-10 | Allow for user object to be empty. Fixes #317. | David Yip | |
If a flavour has only one skin, the skin selector will be omitted. This omits the user[setting_skin] field, and because that's the only user[...] field on the page, the entire user object will not be present in the request handler's params object. This commit accounts for that scenario by avoiding params.require(:user) and instead picking out what we need from the params hash. | |||
2018-01-09 | Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master | Jenkins | |
2018-01-08 | Refactor /api/web APIs to use the centralized axios instance (#6223) | nightpool | |
Also adds the ability to decouple the centralized axios logic from the state dispatcher | |||
2018-01-08 | Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master | Jenkins | |
2018-01-08 | Revert #5772 (#6221) | Eugen Rochko | |
2018-01-07 | Merge remote-tracking branch 'personal/merge/tootsuite/master' into gs-master | David Yip | |
2018-01-07 | Use error pack when rendering error pages. Fixes #305. | David Yip | |
2018-01-07 | Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master | Jenkins | |
2018-01-07 | Fix force_ssl conditional (#6201) | Yamagishi Kazutoshi | |
2018-01-07 | Fix unintended cache (#6214) | Yamagishi Kazutoshi | |
2018-01-07 | Merge remote-tracking branch 'ykzts/fix-unintended-cache' into gs-master | David Yip | |
2018-01-07 | Fix unintended cache | Yamagishi Kazutoshi | |
2018-01-05 | Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master | Jenkins | |
2018-01-05 | Represent numbers by strings in instance activity API (#6198) | TheKinrar | |
Fixes #6197. | |||
2018-01-04 | Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master | Jenkins | |
2018-01-04 | Make sure private toots remain private and do not end up in HTTP caches (#6175) | ThibG | |
2018-01-04 | Cache JSON of immutable ActivityPub representations (#6171) | Eugen Rochko | |
2018-01-03 | Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master | Jenkins | |
2018-01-03 | Allow to dereference Follow object for ActivityPub (#5772) | Akihiko Odaki | |
* Allow to dereference Follow object for ActivityPub * Accept IRI as object representation for Accept activity | |||
2018-01-03 | Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master | Jenkins | |
2018-01-03 | Allow HTTP caching of json view of public statuses (#6115) | ThibG | |
* Allow HTTP caching of json view of public statuses HTML views are not cached as they can contain private statuses as well * Disable session cookies for ActivityPub json rendering of public toots | |||
2018-01-02 | Add confirmation step for email changes (#6071) | Patrick Figel | |
* Add confirmation step for email changes This adds a confirmation step for email changes of existing users. Like the initial account confirmation, a confirmation link is sent to the new address. Additionally, a notification is sent to the existing address when the change is initiated. This message includes instruction to reset the password immediately or to contact the instance admin if the change was not initiated by the account owner. Fixes #3871 * Add review fixes | |||
2018-01-02 | Merge remote-tracking branch 'origin/master' into merge-upstream | David Yip | |
Conflicts: app/controllers/authorize_follows_controller.rb app/javascript/styles/mastodon/components.scss | |||
2018-01-02 | Show mastodon on modal (#6129) | Akihiko Odaki | |
2017-12-30 | Merge remote-tracking branch 'origin/master' into merge-upstream | David Yip | |
Conflicts: app/controllers/auth/confirmations_controller.rb | |||
2017-12-30 | keep the same filters and page when doing custom emojo stuff (fixes #6112) ↵ | beatrix | |
(#6114) | |||
2017-12-29 | Add more instance stats APIs (#6125) | Eugen Rochko | |
* Add GET /api/v1/instance/peers API to reveal known domains * Add GET /api/v1/instance/activity API * Make new APIs disableable, exclude private statuses from activity stats * Fix code style issue * Fix week timestamps | |||
2017-12-27 | Make host_meta/webfinger replies cacheable (fixes #6100) (#6101) | ThibG | |
* Make host_meta/webfinger replies cacheable (fixes #6100) Drop common code for handling users and sessions as webfinger queries are very basic, public APIs. Also explicitly mark results as cacheable with “expires_in”. * Add “Vary: Accept” header for caching since content-negociation is used | |||
2017-12-20 | Set packs on 2FA-related pages. Fixes #271. | David Yip | |
Specifically, this commit: - changes S::TFA::{Confirmations,RecoveryCodes}Controller to derive from S::BaseController, because this gives us the necessary actions and packs - prepends set_pack to Auth::SessionsController's action chain so that it takes effect in time for render :two_factor | |||
2017-12-15 | Merge branch 'gs-master' into prevent-local-only-federation | David Yip | |
Conflicts: db/schema.rb | |||
2017-12-15 | Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master | Jenkins | |
2017-12-14 | Fix #6022 - Prevent nested migrated accounts, or migrations to self (#6026) | Eugen Rochko | |
2017-12-13 | Merge remote-tracking branch 'tootsuite/master' into glitchsoc/master | Jenkins | |
2017-12-13 | Add filters to admin UI for custom emojis (#6003) | Eugen Rochko | |
2017-12-13 | Clean up admin UI for accounts (#6004) | Eugen Rochko | |
* Add staff filter to admin UI for accounts, remove obsolete columns * Only display OStatus section in admin UI for accounts when OStatus data | |||
2017-12-12 | Merge remote-tracking branch 'tootsuite/master' into merge-upstream | David Yip | |
2017-12-12 | Fix #5953 - Add GET /api/v1/accounts/:id/lists (#5983) | Eugen Rochko | |
2017-12-11 | change pack to 'auth' | cwm | |
2017-12-11 | load pack | cwm | |
2017-12-11 | move outbox filtering to Status#permitted_for (as per @ekiru) | Erin | |
2017-12-11 | Merge pull request #254 from glitch-soc/new-theme-ux | beatrix | |
New flavour/skin UX | |||
2017-12-11 | Apply a 25x rate limit by IP even to authenticated requests (#5948) | Eugen Rochko | |
2017-12-11 | Add missing set_pack def/filter in OAuth::AuthorizedApplicationsController. | David Yip | |
2017-12-10 | Moved flavour UI into own prefs tab | kibigo! | |
2017-12-10 | filter local-only toots from AP outboxes | Erin | |