From 679b7158e3cd3881e8cbaf2d2c0c97725b3b5fd9 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Wed, 18 May 2022 23:29:14 +0200 Subject: Change search indexing to use batches to minimize resource usage (#18451) --- config/initializers/chewy.rb | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'config/initializers') diff --git a/config/initializers/chewy.rb b/config/initializers/chewy.rb index f303fc54d..752fc3c6d 100644 --- a/config/initializers/chewy.rb +++ b/config/initializers/chewy.rb @@ -13,15 +13,14 @@ Chewy.settings = { journal: false, user: user, password: password, - sidekiq: { queue: 'pull' }, } # We use our own async strategy even outside the request-response # cycle, which takes care of checking if Elasticsearch is enabled # or not. However, mind that for the Rails console, the :urgent # strategy is set automatically with no way to override it. -Chewy.root_strategy = :custom_sidekiq -Chewy.request_strategy = :custom_sidekiq +Chewy.root_strategy = :mastodon +Chewy.request_strategy = :mastodon Chewy.use_after_commit_callbacks = false module Chewy -- cgit From 96129c2f10a82520648f6ae04e585cf797403617 Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Thu, 26 May 2022 22:03:54 +0200 Subject: Fix confirmation redirect to app without `Location` header (#18523) --- app/controllers/auth/confirmations_controller.rb | 2 +- app/lib/application_extension.rb | 4 ++++ config/initializers/doorkeeper.rb | 7 +++++++ 3 files changed, 12 insertions(+), 1 deletion(-) (limited to 'config/initializers') diff --git a/app/controllers/auth/confirmations_controller.rb b/app/controllers/auth/confirmations_controller.rb index 1475bbcef..010fd3755 100644 --- a/app/controllers/auth/confirmations_controller.rb +++ b/app/controllers/auth/confirmations_controller.rb @@ -40,7 +40,7 @@ class Auth::ConfirmationsController < Devise::ConfirmationsController def after_confirmation_path_for(_resource_name, user) if user.created_by_application && truthy_param?(:redirect_to_app) - user.created_by_application.redirect_uri + user.created_by_application.confirmation_redirect_uri else super end diff --git a/app/lib/application_extension.rb b/app/lib/application_extension.rb index a1fea6430..d61ec0e6e 100644 --- a/app/lib/application_extension.rb +++ b/app/lib/application_extension.rb @@ -12,4 +12,8 @@ module ApplicationExtension def most_recently_used_access_token @most_recently_used_access_token ||= access_tokens.where.not(last_used_at: nil).order(last_used_at: :desc).first end + + def confirmation_redirect_uri + redirect_uri.lines.first.strip + end end diff --git a/config/initializers/doorkeeper.rb b/config/initializers/doorkeeper.rb index f78db8653..84b649f5c 100644 --- a/config/initializers/doorkeeper.rb +++ b/config/initializers/doorkeeper.rb @@ -128,6 +128,13 @@ Doorkeeper.configure do # force_ssl_in_redirect_uri false + # Specify what redirect URI's you want to block during Application creation. + # Any redirect URI is whitelisted by default. + # + # You can use this option in order to forbid URI's with 'javascript' scheme + # for example. + forbid_redirect_uri { |uri| %w[data vbscript javascript].include?(uri.scheme.to_s.downcase) } + # Specify what grant flows are enabled in array of Strings. The valid # strings and the flows they enable are: # -- cgit