Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								f685cbd309 
								
							 
						 
						
							
							
								
								Automatic checks of authentication / instance publicity. Definition of missing OAuth scopes in AdminAPIController. Refactoring.  
							
							
							
						 
						
							2020-04-21 16:29:19 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								66f55106bd 
								
							 
						 
						
							
							
								
								[ #1682 ] Fixed Basic Auth permissions issue by disabling OAuth scopes checks when password is provided. Refactored plugs skipping functionality.  
							
							
							
						 
						
							2020-04-17 21:21:10 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								bde1189c34 
								
							 
						 
						
							
							
								
								[ #2349 ] Made :skip_plug/2 prevent plug from being executed even if explicitly called. Refactoring. Tests.  
							
							
							
						 
						
							2020-04-15 21:19:16 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								bedf92e064 
								
							 
						 
						
							
							
								
								Merge remote-tracking branch 'remotes/origin/develop' into authenticated-api-oauth-check-enforcement  
							
							
							
						 
						
							2020-04-15 19:20:34 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Haelwenn 
								
							 
						 
						
							
							
							
							
								
							
							
								b1c1d2e5e1 
								
							 
						 
						
							
							
								
								Merge branch 'fix/1659-rate-limiter' into 'develop'  
							
							... 
							
							
							
							remote_ip plug adds remote_ip_found flag
Closes  #1659 
See merge request pleroma/pleroma!2390  
							
						 
						
							2020-04-15 15:26:55 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Alexander Strizhakov 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								22bde21c4f 
								
							 
						 
						
							
							
								
								remote_ip plug adds remote_ip_found flag  
							
							
							
						 
						
							2020-04-15 15:27:34 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									lain 
								
							 
						 
						
							
							
							
							
								
							
							
								6bc76df287 
								
							 
						 
						
							
							
								
								Uploads: Sandbox them in the CSP.  
							
							
							
						 
						
							2020-04-15 12:05:22 +02:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Maksim Pechnikov 
								
							 
						 
						
							
							
							
							
								
							
							
								c4e7ed660c 
								
							 
						 
						
							
							
								
								fix logger message  
							
							
							
						 
						
							2020-04-14 08:43:47 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								fc81e5a49c 
								
							 
						 
						
							
							
								
								Enforcement of OAuth scopes check for authenticated API endpoints, :skip_plug plug to mark a plug explicitly skipped (disabled).  
							
							
							
						 
						
							2020-04-06 10:20:44 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									rinpatch 
								
							 
						 
						
							
							
							
							
								
							
							
								c46d035f7b 
								
							 
						 
						
							
							
								
								rate limiter: disable based on if remote ip was found, not on if the plug was enabled  
							
							... 
							
							
							
							The current rate limiter disable logic won't trigger when the remote ip
is not forwarded, only when the remoteip plug is not enabled, which is
not the case on most instances since it's enabled by default. This
changes the behavior to warn and disable  when the remote ip was not forwarded,
even if the RemoteIP plug is enabled.
Also closes  #1620  
							
						 
						
							2020-03-16 00:15:21 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									lain 
								
							 
						 
						
							
							
							
							
								
							
							
								fa4ec17c84 
								
							 
						 
						
							
							
								
								Merge branch '1560-non-federating-instances-routes-restrictions' into 'develop'  
							
							... 
							
							
							
							[#1560 ] Restricted AP- & OStatus-related routes for non-federating instances
Closes  #1560 
See merge request pleroma/pleroma!2235  
							
						 
						
							2020-03-15 19:15:20 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Haelwenn 
								
							 
						 
						
							
							
							
							
								
							
							
								67a27825b1 
								
							 
						 
						
							
							
								
								Merge branch 'fix/rate-limiter-remoteip-behavior' into 'develop'  
							
							... 
							
							
							
							rate limiter: disable based on if remote ip was found, not on if the plug was enabled
Closes  #1620 
See merge request pleroma/pleroma!2296  
							
						 
						
							2020-03-15 14:22:10 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									rinpatch 
								
							 
						 
						
							
							
							
							
								
							
							
								0b823755a2 
								
							 
						 
						
							
							
								
								Merge branch 'fix/cache-control-headers' into 'develop'  
							
							... 
							
							
							
							Fix Cache Control headers on media
See merge request pleroma/pleroma!2295  
							
						 
						
							2020-03-15 17:01:04 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Phil Hagelberg 
								
							 
						 
						
							
							
							
							
								
							
							
								bd80ff9a6c 
								
							 
						 
						
							
							
								
								Fix static FE plug to handle missing Accept header.  
							
							
							
						 
						
							2020-03-15 17:00:06 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								ecb7809e92 
								
							 
						 
						
							
							
								
								Merge remote-tracking branch 'remotes/origin/develop' into 1560-non-federating-instances-routes-restrictions  
							
							... 
							
							
							
							# Conflicts:
#	lib/pleroma/plugs/static_fe_plug.ex 
							
						 
						
							2020-03-14 15:37:02 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									rinpatch 
								
							 
						 
						
							
							
							
							
								
							
							
								d88c8a9614 
								
							 
						 
						
							
							
								
								Merge branch 'fix/cache-control-headers' into 'develop'  
							
							... 
							
							
							
							Fix Cache Control headers on media
See merge request pleroma/pleroma!2295  
							
						 
						
							2020-03-14 11:19:42 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									rinpatch 
								
							 
						 
						
							
							
							
							
								
							
							
								6a28c198af 
								
							 
						 
						
							
							
								
								uploaded media plug: do not inject compile-time params on every request  
							
							
							
						 
						
							2020-03-13 22:12:33 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									rinpatch 
								
							 
						 
						
							
							
							
							
								
							
							
								658f30c0b3 
								
							 
						 
						
							
							
								
								Merge branch 'static-accept-missing' into 'develop'  
							
							... 
							
							
							
							Fix static FE plug to handle missing Accept header.
See merge request pleroma/pleroma!2260  
							
						 
						
							2020-03-13 18:46:54 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									rinpatch 
								
							 
						 
						
							
							
							
							
								
							
							
								fc4496d4fa 
								
							 
						 
						
							
							
								
								rate limiter: disable based on if remote ip was found, not on if the plug was enabled  
							
							... 
							
							
							
							The current rate limiter disable logic won't trigger when the remote ip
is not forwarded, only when the remoteip plug is not enabled, which is
not the case on most instances since it's enabled by default. This
changes the behavior to warn and disable  when the remote ip was not forwarded,
even if the RemoteIP plug is enabled.
Also closes  #1620  
							
						 
						
							2020-03-13 21:41:17 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Mark Felder 
								
							 
						 
						
							
							
							
							
								
							
							
								3b1b183b42 
								
							 
						 
						
							
							
								
								Synchronize cache-control header for local media with the mediaproxy  
							
							
							
						 
						
							2020-03-13 12:27:50 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Mark Felder 
								
							 
						 
						
							
							
							
							
								
							
							
								413177c8f0 
								
							 
						 
						
							
							
								
								Set correct Cache-Control header for local media  
							
							
							
						 
						
							2020-03-13 12:02:58 -05:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								5fc92deef3 
								
							 
						 
						
							
							
								
								[ #1560 ] Ensured authentication or enabled federation for federation-related routes. New tests + tests refactoring.  
							
							
							
						 
						
							2020-03-09 20:51:44 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								027714b519 
								
							 
						 
						
							
							
								
								Merge remote-tracking branch 'remotes/origin/develop' into 1560-non-federating-instances-routes-restrictions  
							
							
							
						 
						
							2020-03-06 11:48:30 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								40765875d4 
								
							 
						 
						
							
							
								
								[ #1560 ] Misc. improvements in ActivityPubController federation state restrictions.  
							
							
							
						 
						
							2020-03-05 21:19:21 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Mark Felder 
								
							 
						 
						
							
							
							
							
								
							
							
								05da5f5cca 
								
							 
						 
						
							
							
								
								Update Copyrights  
							
							
							
						 
						
							2020-03-03 16:44:49 -06:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								b6fc98d9cd 
								
							 
						 
						
							
							
								
								[ #1560 ] ActivityPubController federation state restrictions adjustments. Adjusted tests.  
							
							
							
						 
						
							2020-03-03 22:22:02 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								99a6c660a9 
								
							 
						 
						
							
							
								
								Merge remote-tracking branch 'remotes/origin/develop' into 1560-non-federating-instances-routes-restrictions  
							
							
							
						 
						
							2020-03-02 18:41:12 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Haelwenn (lanodan) Monnier 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								6da6540036 
								
							 
						 
						
							
							
								
								Bump copyright years of files changed after 2020-01-07  
							
							... 
							
							
							
							Done via the following command:
git diff fcd5dd259a 
							
						 
						
							2020-03-02 06:08:45 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Phil Hagelberg 
								
							 
						 
						
							
							
							
							
								
							
							
								523f73dccd 
								
							 
						 
						
							
							
								
								Fix static FE plug to handle missing Accept header.  
							
							
							
						 
						
							2020-02-29 18:53:49 -08:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									rinpatch 
								
							 
						 
						
							
							
							
							
								
							
							
								4d416343fa 
								
							 
						 
						
							
							
								
								rate limiter: Fix a race condition  
							
							... 
							
							
							
							When multiple requests are processed by rate limiter plug at the same
time and the bucket is not yet initialized, both would try to initialize
the bucket resulting in an internal server error. 
							
						 
						
							2020-03-01 01:13:07 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								c747260989 
								
							 
						 
						
							
							
								
								[ #2250 ] Tiny refactoring per merge request review.  
							
							
							
						 
						
							2020-02-29 22:04:09 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								3759b146c4 
								
							 
						 
						
							
							
								
								Apply suggestion to lib/pleroma/plugs/rate_limiter/rate_limiter.ex  
							
							
							
						 
						
							2020-02-28 13:33:42 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								6f2efb1c45 
								
							 
						 
						
							
							
								
								Runtime configurability of RateLimiter. Refactoring. Disabled default rate limits in tests.  
							
							
							
						 
						
							2020-02-27 18:46:05 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								0cf1d4fcd0 
								
							 
						 
						
							
							
								
								[ #1560 ] Restricted AP- & OStatus-related routes for non-federating instances.  
							
							
							
						 
						
							2020-02-22 19:48:41 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									lain 
								
							 
						 
						
							
							
							
							
								
							
							
								3eddd9caa6 
								
							 
						 
						
							
							
								
								Merge branch 'require-signature' into 'develop'  
							
							... 
							
							
							
							Add an option to require fetches to be signed
Closes  #1444 
See merge request pleroma/pleroma!2071  
							
						 
						
							2020-02-20 12:13:21 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									rinpatch 
								
							 
						 
						
							
							
							
							
								
							
							
								15ea75cd2a 
								
							 
						 
						
							
							
								
								Actually fix upload limit on OTP releases  
							
							... 
							
							
							
							Closes  #1109  
						
							2020-02-07 20:14:06 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									rinpatch 
								
							 
						 
						
							
							
							
							
								
							
							
								c27d1d65bf 
								
							 
						 
						
							
							
								
								Merge branch 'fix/disable-rate-limiter-for-socket-localhost' into 'develop'  
							
							... 
							
							
							
							Disable rate limiter for socket/localhost
Closes  #1380 
See merge request pleroma/pleroma!2064  
							
						 
						
							2020-01-30 19:24:04 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									rinpatch 
								
							 
						 
						
							
							
							
							
								
							
							
								5b62acf6e9 
								
							 
						 
						
							
							
								
								Merge branch 'develop' into fix/disable-rate-limiter-for-socket-localhost  
							
							
							
						 
						
							2020-01-30 22:16:55 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									lain 
								
							 
						 
						
							
							
							
							
								
							
							
								774cba84f5 
								
							 
						 
						
							
							
								
								Merge branch 'reenable-rate-limit-and-remote-ip' into 'develop'  
							
							... 
							
							
							
							Re-enable rate limiter and enable remote ip
See merge request pleroma/pleroma!2164  
							
						 
						
							2020-01-30 18:47:44 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									feld 
								
							 
						 
						
							
							
							
							
								
							
							
								36becd5573 
								
							 
						 
						
							
							
								
								Update http_security_plug.ex  
							
							
							
						 
						
							2020-01-30 14:07:41 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									rinpatch 
								
							 
						 
						
							
							
							
							
								
							
							
								889965141a 
								
							 
						 
						
							
							
								
								RemoteIp: only trust X-Forwarded-For  
							
							... 
							
							
							
							Our nginx config will happily pass `Forwarded`/`X-Real-IP` from the
client. Caddy, Apache and Varnish pass `X-Forwarded-For` as well anyway. 
							
						 
						
							2020-01-30 00:06:58 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Egor Kislitsyn 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								e07e7888d7 
								
							 
						 
						
							
							
								
								Fix credo warning  
							
							
							
						 
						
							2020-01-29 18:53:43 +04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Egor Kislitsyn 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								2bd4d6289b 
								
							 
						 
						
							
							
								
								Make the warning more scarier  
							
							
							
						 
						
							2020-01-29 18:43:23 +04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Egor Kislitsyn 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								6302b40791 
								
							 
						 
						
							
							
								
								Warn if HTTPSecurityPlug is disabled  
							
							
							
						 
						
							2020-01-28 19:14:09 +04:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Maksim Pechnikov 
								
							 
						 
						
							
							
							
							
								
							
							
								108a39c876 
								
							 
						 
						
							
							
								
								updated error messages for authentication process  
							
							
							
						 
						
							2020-01-17 15:01:37 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								39ce894a07 
								
							 
						 
						
							
							
								
								Merge remote-tracking branch 'remotes/origin/develop' into 1478-oauth-admin-scopes-tweaks  
							
							... 
							
							
							
							# Conflicts:
#	lib/pleroma/user.ex 
							
						 
						
							2020-01-10 16:18:32 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								6c94b7498b 
								
							 
						 
						
							
							
								
								[ #1478 ] OAuth admin tweaks: enforced OAuth admin scopes usage by default, migrated existing OAuth records. Adjusted tests.  
							
							
							
						 
						
							2020-01-10 10:52:21 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Egor Kislitsyn 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								775212121c 
								
							 
						 
						
							
							
								
								Verify HTTP signatures only when request accepts "activity+json" type  
							
							
							
						 
						
							2019-12-19 20:17:18 +07:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Egor Kislitsyn 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								a12b6454bb 
								
							 
						 
						
							
							
								
								Add an option to require fetches to be signed  
							
							
							
						 
						
							2019-12-16 22:24:03 +07:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								7973cbdb9f 
								
							 
						 
						
							
							
								
								OAuthScopesPlug: disallowed nil token (unless with :fallback option). WIP: controller tests modification: OAuth scopes usage.  
							
							
							
						 
						
							2019-12-15 22:32:42 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Maxim Filippov 
								
							 
						 
						
							
							
							
							
								
							
							
								eb11c60289 
								
							 
						 
						
							
							
								
								Disable rate limiter for socket/localhost (unless RemoteIp is enabled)  
							
							
							
						 
						
							2019-12-14 03:06:43 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								3920244be5 
								
							 
						 
						
							
							
								
								[ #1427 ] Fixed :admin option handling in OAuthScopesPlug, added tests.  
							
							
							
						 
						
							2019-12-11 11:42:02 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								835ac2157c 
								
							 
						 
						
							
							
								
								Merge remote-tracking branch 'remotes/upstream/develop' into 1427-oauth-admin-scopes  
							
							... 
							
							
							
							# Conflicts:
#	CHANGELOG.md 
							
						 
						
							2019-12-10 08:55:14 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									rinpatch 
								
							 
						 
						
							
							
							
							
								
							
							
								3c45ed4f47 
								
							 
						 
						
							
							
								
								OTP: Fix runtime upload limit config being ignored  
							
							... 
							
							
							
							Closes  #1109  
						
							2019-12-08 21:08:25 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								1770602747 
								
							 
						 
						
							
							
								
								[ #1427 ] Extra check that admin OAuth scope is used by admin. Adjusted tests.  
							
							
							
						 
						
							2019-12-07 17:49:53 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								40e1817f70 
								
							 
						 
						
							
							
								
								[ #1427 ] Fixes / improvements of admin scopes support. Added tests.  
							
							
							
						 
						
							2019-12-06 20:33:47 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								93a80ee915 
								
							 
						 
						
							
							
								
								[ #1427 ] Bugfix for enforce_oauth_admin_scope_usage. Admin API documentation entry.  
							
							
							
						 
						
							2019-12-06 16:56:23 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								af42c00cff 
								
							 
						 
						
							
							
								
								[ #1427 ] Reworked admin scopes support.  
							
							... 
							
							
							
							Requalified users.is_admin flag as legacy accessor to admin actions in case token lacks admin scope(s). 
							
						 
						
							2019-12-06 00:25:44 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Egor Kislitsyn 
								
							 
						 
						
							
							
								
								
							
							
							
								
							
							
								36686f5245 
								
							 
						 
						
							
							
								
								Support authentication via x-admin-token HTTP header  
							
							
							
						 
						
							2019-11-19 15:58:20 +07:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									rinpatch 
								
							 
						 
						
							
							
							
							
								
							
							
								22554ac5ca 
								
							 
						 
						
							
							
								
								Merge branch 'bugfix/1395-email-activation' into 'develop'  
							
							... 
							
							
							
							Bugfix/1395 email activation
Closes  #1395 
See merge request pleroma/pleroma!1965  
							
						 
						
							2019-11-15 14:11:48 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									lain 
								
							 
						 
						
							
							
							
							
								
							
							
								f17e0f8e4f 
								
							 
						 
						
							
							
								
								OAuthPlug, Router: Handle deactivated users in the UserEnabledPlug  
							
							
							
						 
						
							2019-11-15 14:13:21 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									kaniini 
								
							 
						 
						
							
							
							
							
								
							
							
								2cc043591c 
								
							 
						 
						
							
							
								
								Merge branch 'feature/static-fe' into 'develop'  
							
							... 
							
							
							
							Static frontend
See merge request pleroma/pleroma!1917  
							
						 
						
							2019-11-11 19:10:44 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Steven Fuchs 
								
							 
						 
						
							
							
							
							
								
							
							
								94627baa5c 
								
							 
						 
						
							
							
								
								New rate limiter  
							
							
							
						 
						
							2019-11-11 12:13:06 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									lain 
								
							 
						 
						
							
							
							
							
								
							
							
								f6056e9c9c 
								
							 
						 
						
							
							
								
								UserEnabledPlug: Don't authenticate unconfirmed users.  
							
							
							
						 
						
							2019-11-11 12:43:46 +01:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Phil Hagelberg 
								
							 
						 
						
							
							
							
							
								
							
							
								886a07ba57 
								
							 
						 
						
							
							
								
								Move static_fe config to its own section instead of in :instance.  
							
							
							
						 
						
							2019-11-09 18:08:45 -08:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Phil Hagelberg 
								
							 
						 
						
							
							
							
							
								
							
							
								8969c5522d 
								
							 
						 
						
							
							
								
								Make many of the improvements suggested in review.  
							
							
							
						 
						
							2019-11-09 18:08:08 -08:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Phil Hagelberg 
								
							 
						 
						
							
							
							
							
								
							
							
								e8bee35578 
								
							 
						 
						
							
							
								
								Static FE plug should only respond to text/html requests.  
							
							
							
						 
						
							2019-11-09 18:08:08 -08:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Phil Hagelberg 
								
							 
						 
						
							
							
							
							
								
							
							
								dc3b87d153 
								
							 
						 
						
							
							
								
								Move static FE routing into its own plug.  
							
							... 
							
							
							
							Previously it was piggybacking on FallbackRedirectController for users
and OStatusController for notices; now it's all in one place. 
							
						 
						
							2019-11-09 18:08:08 -08:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									rinpatch 
								
							 
						 
						
							
							
							
							
								
							
							
								365657320c 
								
							 
						 
						
							
							
								
								Fix TrailingFormatPlug not being active for /api/oauth_tokens  
							
							
							
						 
						
							2019-11-06 17:22:23 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								10ff01acd9 
								
							 
						 
						
							
							
								
								[ #1304 ] Moved all non-mutes / non-blocks fields from User.Info to User. WIP.  
							
							
							
						 
						
							2019-10-16 21:59:21 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								64095961fe 
								
							 
						 
						
							
							
								
								[ #1234 ] Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes  
							
							... 
							
							
							
							# Conflicts:
#	CHANGELOG.md
#	lib/pleroma/web/mastodon_api/controllers/mastodon_api_controller.ex
#	lib/pleroma/web/router.ex 
							
						 
						
							2019-10-02 20:42:40 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									minibikini 
								
							 
						 
						
							
							
							
							
								
							
							
								f9380289eb 
								
							 
						 
						
							
							
								
								Add remote_ip plug  
							
							
							
						 
						
							2019-09-27 21:59:23 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								e4f3d7f69d 
								
							 
						 
						
							
							
								
								Apply suggestion to lib/pleroma/plugs/oauth_scopes_plug.ex  
							
							
							
						 
						
							2019-09-18 10:31:10 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								01c1078015 
								
							 
						 
						
							
							
								
								[ #1234 ] Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes  
							
							... 
							
							
							
							# Conflicts:
#	lib/pleroma/web/activity_pub/activity_pub_controller.ex 
							
						 
						
							2019-09-17 22:53:26 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								efbc2edba1 
								
							 
						 
						
							
							
								
								[ #1234 ] Merge remote-tracking branch 'remotes/upstream/develop' into 1234-mastodon-2-4-3-oauth-scopes  
							
							... 
							
							
							
							# Conflicts:
#	lib/pleroma/web/activity_pub/activity_pub_controller.ex
#	lib/pleroma/web/router.ex 
							
						 
						
							2019-09-15 18:52:27 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								e6f43a831b 
								
							 
						 
						
							
							
								
								[ #1234 ] Permissions-related fixes / new functionality (Masto 2.4.3 scopes).  
							
							
							
						 
						
							2019-09-15 18:22:08 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									rinpatch 
								
							 
						 
						
							
							
							
							
								
							
							
								b0e6058021 
								
							 
						 
						
							
							
								
								Parse http signature for request to objects/activities  
							
							
							
						 
						
							2019-09-12 23:03:52 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									rinpatch 
								
							 
						 
						
							
							
							
							
								
							
							
								dabc4a00f5 
								
							 
						 
						
							
							
								
								Put the cache with the right key when using a tracking function  
							
							
							
						 
						
							2019-09-12 22:10:15 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									rinpatch 
								
							 
						 
						
							
							
							
							
								
							
							
								769fb778d4 
								
							 
						 
						
							
							
								
								Track object/create activity fetches  
							
							
							
						 
						
							2019-09-12 21:37:36 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									minibikini 
								
							 
						 
						
							
							
							
							
								
							
							
								11e12b5761 
								
							 
						 
						
							
							
								
								Add Pleroma.Plugs.Cache  
							
							
							
						 
						
							2019-09-09 18:53:08 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								b63faf9819 
								
							 
						 
						
							
							
								
								[ #1234 ] Mastodon 2.4.3 hierarchical scopes initial support (WIP).  
							
							
							
						 
						
							2019-09-08 15:00:03 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									rinpatch 
								
							 
						 
						
							
							
							
							
								
							
							
								3523bdcf26 
								
							 
						 
						
							
							
								
								Call TrailingFormatPlug for /api/pleroma/emoji  
							
							... 
							
							
							
							Apparently Pleroma-FE still calls it with trailing '.json' 
							
						 
						
							2019-09-05 22:21:20 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									rinpatch 
								
							 
						 
						
							
							
							
							
								
							
							
								cc1d1ee406 
								
							 
						 
						
							
							
								
								Mastdon API: Add ability to get a remote account by nickname to  
							
							... 
							
							
							
							`/api/v1/accounts/:id` 
							
						 
						
							2019-09-03 19:26:10 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Maksim 
								
							 
						 
						
							
							
							
							
								
							
							
								55341ac717 
								
							 
						 
						
							
							
								
								tests WebFinger  
							
							
							
						 
						
							2019-07-24 15:13:10 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									kaniini 
								
							 
						 
						
							
							
							
							
								
							
							
								716afc83ce 
								
							 
						 
						
							
							
								
								Merge branch 'refactor/http-signature-plug' into 'develop'  
							
							... 
							
							
							
							http signature plug: separation of concerns
See merge request pleroma/pleroma!1449  
							
						 
						
							2019-07-19 16:57:24 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ariadne Conill 
								
							 
						 
						
							
							
							
							
								
							
							
								c947cfec5a 
								
							 
						 
						
							
							
								
								mapped signature plug: use user assign like authentication plug  
							
							
							
						 
						
							2019-07-18 20:31:25 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Maksim 
								
							 
						 
						
							
							
							
							
								
							
							
								f435217e50 
								
							 
						 
						
							
							
								
								tests for Plugs.AuthenticationPlug  
							
							
							
						 
						
							2019-07-18 20:29:51 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ariadne Conill 
								
							 
						 
						
							
							
							
							
								
							
							
								a8af0ac053 
								
							 
						 
						
							
							
								
								mapped signature plug: fix user lookup  
							
							
							
						 
						
							2019-07-18 16:27:50 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ariadne Conill 
								
							 
						 
						
							
							
							
							
								
							
							
								5ea0cd69f7 
								
							 
						 
						
							
							
								
								mapped signature plug: don't invalidate in cases where a signature is actually not present (testsuite)  
							
							
							
						 
						
							2019-07-18 16:01:21 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ariadne Conill 
								
							 
						 
						
							
							
							
							
								
							
							
								184fa61fb3 
								
							 
						 
						
							
							
								
								plugs: add MappedSignatureToIdentityPlug  
							
							
							
						 
						
							2019-07-18 15:38:45 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ariadne Conill 
								
							 
						 
						
							
							
							
							
								
							
							
								88d064d80e 
								
							 
						 
						
							
							
								
								http signature plug: remove redundant checks handled by HTTPSignatures library  
							
							... 
							
							
							
							the redundant checks assumed a POST request, which will not work for signed GETs.
this check was originally needed because the HTTPSignatures adapter assumed that
the requests were also POST requests.  but now, the adapter has been corrected. 
							
						 
						
							2019-07-18 15:11:21 +00:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Moonman 
								
							 
						 
						
							
							
							
							
								
							
							
								105f437ce9 
								
							 
						 
						
							
							
								
								formatting  
							
							
							
						 
						
							2019-07-15 08:36:51 -07:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Moonman 
								
							 
						 
						
							
							
							
							
								
							
							
								f98f7ad1b9 
								
							 
						 
						
							
							
								
								detect and use sha512-crypt for stored password hash.  
							
							
							
						 
						
							2019-07-14 09:48:42 -07:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Ivan Tashkinov 
								
							 
						 
						
							
							
							
							
								
							
							
								369e9bb42f 
								
							 
						 
						
							
							
								
								[ #1041 ] Rate-limited status actions (per user and per user+status).  
							
							
							
						 
						
							2019-07-13 14:49:39 +03:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Egor Kislitsyn 
								
							 
						 
						
							
							
							
							
								
							
							
								ed8ce21a22 
								
							 
						 
						
							
							
								
								Fix unused import warning  
							
							
							
						 
						
							2019-07-10 18:10:09 +07:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Egor Kislitsyn 
								
							 
						 
						
							
							
							
							
								
							
							
								a42da8f311 
								
							 
						 
						
							
							
								
								Fix response  
							
							
							
						 
						
							2019-07-10 18:10:09 +07:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Egor Kislitsyn 
								
							 
						 
						
							
							
							
							
								
							
							
								5104f65b69 
								
							 
						 
						
							
							
								
								Wrap error messages into gettext helpers  
							
							
							
						 
						
							2019-07-10 18:10:09 +07:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Egor Kislitsyn 
								
							 
						 
						
							
							
							
							
								
							
							
								0d54a571ca 
								
							 
						 
						
							
							
								
								Add SetLocalePlug  
							
							
							
						 
						
							2019-07-10 18:08:03 +07:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Egor Kislitsyn 
								
							 
						 
						
							
							
							
							
								
							
							
								889a9c3a3f 
								
							 
						 
						
							
							
								
								Polish IdempotencyPlug  
							
							
							
						 
						
							2019-06-27 01:53:58 +07:00 
							
								 
							
						 
					 
				
					
						
							
								
								
									Egor Kislitsyn 
								
							 
						 
						
							
							
							
							
								
							
							
								159630b21c 
								
							 
						 
						
							
							
								
								Fix credo warning  
							
							
							
						 
						
							2019-06-26 19:19:07 +07:00