Age | Commit message | Author | |
---|---|---|---|
2018-10-12 | Fix microformats on statuses according to updated spec (#8958) | Eugen Rochko | |
2018-10-12 | Fix type of conversation ID in conversations API (#8961) | Eugen Rochko | |
2018-10-12 | Improve signature verification safeguards (#8959) | Eugen Rochko | |
* Downcase signed_headers string before building the signed string The HTTP Signatures draft does not mandate the “headers” field to be downcased, but mandates the header field names to be downcased in the signed string, which means that prior to this patch, Mastodon could fail to process signatures from some compliant clients. It also means that it would not actually check the Digest of non-compliant clients that wouldn't use a lowercased Digest field name. Thankfully, I don't know of any such client. | |||
* Revert "Remove dead code (#8919)" This reverts commit a00ce8c92c06f42109aad5cfe65d46862cf037bb. | |||
* Restore time window checking, change it to 12 hours By checking the Date header, we can prevent replaying old vulnerable signatures. The focus is to prevent replaying old vulnerable requests from software that has been fixed in the meantime, so a somewhat long window should be fine and accounts for timezone misconfiguration. | |||
* Escape users' URLs when formatting them Fixes possible HTML injection | |||
* Escape all string interpolations in Formatter class Slightly improve performance by reducing class allocations from repeated Formatter#encode calls | |||
* Fix code style issues | |||
2018-10-11 | Merge pull request #775 from ThibG/glitch-soc/merge-upstream | ThibG | |
Merge upstream changes | |||
2018-10-11 | Set Content-Security-Policy rules through RoR's config (#8957) | ThibG | |
* Set CSP rules in RoR's configuration * Override CSP setting in the embed controller to allow frames | |||
2018-10-11 | Merge commit 'ac7df62a0441b95ec04fd9111a9394795dd53ff2' into glitch-soc/merge-upstream | Thibaut Girka | |
2018-10-11 | Fix typo in ActivityPub Create handler (#8952) | Eugen Rochko | |
Regression from #8951 | |||
2018-10-11 | Do not push DMs into the home feed (#8940) | Eugen Rochko | |
* Do not push DMs into the home feed * Show DMs column after sending a DM, if DMs column is not already shown | |||
2018-10-11 | Move network calls out of transaction in ActivityPub handler (#8951) | Eugen Rochko | |
Mention and emoji code may perform network calls, but does not need to do that inside the database transaction. This may improve availability of database connections when using pgBouncer in transaction mode. | |||
2018-10-10 | Really fix HotKeys | Thibaut Girka | |
2018-10-10 | Add description meta tag additionally to og:description (#8941) | Eugen Rochko | |
Fix #8685 | |||
2018-10-10 | Add dns-prefetch if using different host for assets or uploads (#8942) | Eugen Rochko | |
2018-10-09 | Merge branch 'master' into glitch-soc/merge-upstream | Thibaut Girka | |
Conflicts: app/javascript/packs/public.js Changes made to app/javascript/packs/publics.js were applied to app/javascript/core/settings.js | |||
2018-10-09 | Fix that the copy button of verify link did not work. (#8938) | mayaeh | |
2018-10-09 | Track historical space stats in PgHero to determine PostgreSQL growth (#8906) | Eugen Rochko | |
2018-10-09 | Fix CW icon color in local-settings modal | Thibaut Girka | |
2018-10-09 | Define some local-settings hints | Thibaut Girka | |
2018-10-09 | Add support for hints (or extended descriptions) in local-settings pages | Thibaut Girka | |
2018-10-09 | When screen width is too narrow, hide local-settings page text, keep only icons | Thibaut Girka | |
2018-10-09 | Change “preferences” icon to match settings page icon | Thibaut Girka | |
2018-10-09 | Add icons for each of the local-setting pages | Thibaut Girka | |
2018-10-09 | Merge branch 'master' into glitch-soc/merge-upstream | Thibaut Girka | |
2018-10-09 | Merge pull request #770 from ThibG/glitch-soc/merge-upstream | ThibG | |
Merge upstream changes | |||
2018-10-09 | Fix app-wide hotkeys randomly failing to work | Thibaut Girka | |
2018-10-09 | Add Japanese translations. (#8927) | mayaeh | |
2018-10-08 | Merge branch 'master' into glitch-soc/merge-upstream | Thibaut Girka | |
2018-10-08 | Fixed error occurrence when pinning the DM column. (#8922) | mayaeh | |
2018-10-08 | Merge branch 'master' into glitch-soc/merge-upstream | Thibaut Girka | |
2018-10-08 | Move “Show action buttons in collapsed toots” option | Thibaut Girka | |
2018-10-08 | Switch from selects to radio buttons for local settings, improve styling | Thibaut Girka | |
2018-10-08 | rubocop issues - Cleaning up (#8912) | ashleyhull-versent | |
* cleanup pass * undo mistakes * fixed. * revert | |||
2018-10-08 | Remove dead code (#8919) | Eugen Rochko | |
SignatureVerification#matches_time_window? is not called anywhere. | |||
2018-10-08 | Replace SVG asset with Custom mascot (#8766) | ashleyhull-versent | |
2018-10-07 | Add conversations API (#8832) | Eugen Rochko | |
* Add conversations API * Add web UI for conversations * Add test for conversations API * Add tests for ConversationAccount * Improve web UI * Rename ConversationAccount to AccountConversation * Remove conversations on block and mute * Change last_status_id to be a denormalization of status_ids * Add optimistic locking | |||
2018-10-07 | [Glitch] Change documentation URL | Thibaut Girka | |
Port 28401962caff028f328d674878e1f0abd16ffdfd to glitch-soc | |||
2018-10-07 | [Glitch] RTL: fix margins of public-account-header__tabs | Thibaut Girka | |
Port 185cb2dc3aac59ee27aa962fff48b064bd638567 to glitch-soc | |||
2018-10-07 | Merge branch 'master' into glitch-soc/merge-upstream | Thibaut Girka | |
2018-10-07 | Ensure only toots from the reported users are reported (#8916) | ThibG | |
2018-10-07 | Do not scroll timelines when *closing* media modals | Thibaut Girka | |
Media modals push a history state so that pressing back on mobile closes them. We made sure to not scroll when opening them, but not when *closing* them, which caused some issues in rare cases. | |||
2018-10-06 | i18n: Update Polish translation (#8901) | Marcin Mikołajczak | |
Signed-off-by: Marcin Mikołajczak <me@m4sk.in> | |||
2018-10-06 | Change documentation URL (#8898) | Eugen Rochko | |
* Change documentation URL * Fix hardcoded documentation URL in locales | |||
2018-10-06 | RTL: fix margins of public-account-header__tabs (#8897) | Masoud Abkenar | |
* RTL: fix margins of public-account-header__tabs * fix style * even more stylish code :) | |||
2018-10-05 | Merge branch 'master' into glitch-soc/merge-upstream | Thibaut Girka | |
2018-10-05 | Leave unknown language as nil if account is remote (#8861) | Jeong Arm | |
* Force use language detector if account is remote * Set unknown remote toot's language as nil | |||
2018-10-05 | [Glitch] Add a confirmation dialog when hitting reply and the compose box isn't empty | Thibaut Girka | |
2018-10-05 | Add a confirmation dialog when hitting reply and the compose box isn't empty (#8893) | ThibG | |
* Add a confirmation dialog when hitting reply and the compose box isn't empty Fixes #878 * Performance improvement | |||
2018-10-05 | Merge branch 'master' into glitch-soc/merge-upstream | Thibaut Girka | |
Conflicts: db/migrate/20170716191202_add_hide_notifications_to_mute.rb spec/controllers/application_controller_spec.rb Took our version, upstream changes were only minor style linting. | |||
2018-10-04 | Limit the number of people that can be followed from one account (#8807) | Eugen Rochko | |
Configurable soft limit of 7,500, and above that, configurable ratio of 1.1 * followers, controlled by: - MAX_FOLLOWS_THRESHOLD - MAX_FOLLOWS_RATIO Fix #2311 | |||
2018-10-04 | Change admin accounts default sort to most recent (#8813) | Eugen Rochko | |
2018-10-04 | Fix link verification for remote accounts (#8868) | Eugen Rochko | |