From 5f0fc639dada7a58d2bb5524b4ec081ee6cc143f Mon Sep 17 00:00:00 2001 From: Claire Date: Thu, 7 Apr 2022 20:17:49 +0200 Subject: Fix error re-running some migrations if they get interrupted at the wrong moment (#17989) --- lib/mastodon/migration_helpers.rb | 3 +++ 1 file changed, 3 insertions(+) (limited to 'lib') diff --git a/lib/mastodon/migration_helpers.rb b/lib/mastodon/migration_helpers.rb index e920ff88f..beef83362 100644 --- a/lib/mastodon/migration_helpers.rb +++ b/lib/mastodon/migration_helpers.rb @@ -813,6 +813,9 @@ module Mastodon def update_index(table_name, index_name, columns, **index_options) if index_name_exists?(table_name, "#{index_name}_new") && index_name_exists?(table_name, index_name) remove_index table_name, "#{index_name}_new" + elsif index_name_exists?(table_name, "#{index_name}_new") + # Very unlikely case where the script has been interrupted during/after removal but before renaming + rename_index table_name, "#{index_name}_new", index_name end begin -- cgit From cb45c04d2642291cedd85b2483f0d827d130d6e2 Mon Sep 17 00:00:00 2001 From: Claire Date: Thu, 7 Apr 2022 20:46:30 +0200 Subject: Fix migration error handling (#17991) --- lib/mastodon/migration_helpers.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib') diff --git a/lib/mastodon/migration_helpers.rb b/lib/mastodon/migration_helpers.rb index beef83362..2ab8150ec 100644 --- a/lib/mastodon/migration_helpers.rb +++ b/lib/mastodon/migration_helpers.rb @@ -812,7 +812,7 @@ module Mastodon # removing the old one def update_index(table_name, index_name, columns, **index_options) if index_name_exists?(table_name, "#{index_name}_new") && index_name_exists?(table_name, index_name) - remove_index table_name, "#{index_name}_new" + remove_index table_name, name: "#{index_name}_new" elsif index_name_exists?(table_name, "#{index_name}_new") # Very unlikely case where the script has been interrupted during/after removal but before renaming rename_index table_name, "#{index_name}_new", index_name -- cgit From 6e418bf3465d2df6b47e9b43d3b960504b81e8fb Mon Sep 17 00:00:00 2001 From: Eugen Rochko Date: Fri, 8 Apr 2022 12:47:18 +0200 Subject: Fix cookies secure flag being set when served over Tor (#17992) --- config/application.rb | 1 - config/initializers/devise.rb | 4 +--- config/initializers/session_store.rb | 2 +- lib/action_dispatch/cookie_jar_extensions.rb | 25 ------------------------- 4 files changed, 2 insertions(+), 30 deletions(-) delete mode 100644 lib/action_dispatch/cookie_jar_extensions.rb (limited to 'lib') diff --git a/config/application.rb b/config/application.rb index bed935ce3..a1ba71f61 100644 --- a/config/application.rb +++ b/config/application.rb @@ -40,7 +40,6 @@ require_relative '../lib/devise/two_factor_pam_authenticatable' require_relative '../lib/chewy/strategy/custom_sidekiq' require_relative '../lib/webpacker/manifest_extensions' require_relative '../lib/webpacker/helper_extensions' -require_relative '../lib/action_dispatch/cookie_jar_extensions' require_relative '../lib/rails/engine_extensions' require_relative '../lib/active_record/database_tasks_extensions' require_relative '../lib/active_record/batches' diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index b434c68fa..c55bea7a7 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb @@ -8,7 +8,6 @@ Warden::Manager.after_set_user except: :fetch do |user, warden| value: session_id, expires: 1.year.from_now, httponly: true, - secure: (Rails.env.production? || ENV['LOCAL_HTTPS'] == 'true'), same_site: :lax, } end @@ -23,7 +22,6 @@ Warden::Manager.after_fetch do |user, warden| value: session_id, expires: 1.year.from_now, httponly: true, - secure: (Rails.env.production? || ENV['LOCAL_HTTPS'] == 'true'), same_site: :lax, } else @@ -265,7 +263,7 @@ Devise.setup do |config| # Options to be passed to the created cookie. For instance, you can set # secure: true in order to force SSL only cookies. - config.rememberable_options = { secure: true } + config.rememberable_options = {} # ==> Configuration for :validatable # Range for password length. diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb index 3d9bf96fd..210964b1f 100644 --- a/config/initializers/session_store.rb +++ b/config/initializers/session_store.rb @@ -2,5 +2,5 @@ Rails.application.config.session_store :cookie_store, key: '_mastodon_session', - secure: (Rails.env.production? || ENV['LOCAL_HTTPS'] == 'true'), + secure: false, # All cookies have their secure flag set by the force_ssl option in production same_site: :lax diff --git a/lib/action_dispatch/cookie_jar_extensions.rb b/lib/action_dispatch/cookie_jar_extensions.rb deleted file mode 100644 index 1be9053ba..000000000 --- a/lib/action_dispatch/cookie_jar_extensions.rb +++ /dev/null @@ -1,25 +0,0 @@ -# frozen_string_literal: true - -module ActionDispatch - module CookieJarExtensions - private - - # Monkey-patch ActionDispatch to serve secure cookies to Tor Hidden Service - # users. Otherwise, ActionDispatch would drop the cookie over HTTP. - def write_cookie?(*) - request.host.end_with?('.onion') || super - end - end -end - -ActionDispatch::Cookies::CookieJar.prepend(ActionDispatch::CookieJarExtensions) - -module Rack - module SessionPersistedExtensions - def security_matches?(request, options) - request.host.end_with?('.onion') || super - end - end -end - -Rack::Session::Abstract::Persisted.prepend(Rack::SessionPersistedExtensions) -- cgit