Commit graph

527 commits

Author SHA1 Message Date
Jonne Haß
08395cc877 Migrate configuration to TOML
YAML is just too easy to get wrong

closes #8132
2020-09-04 21:48:54 +02:00
Dennis Schubert
71023a8713
Replace secret_token with secret_key_base.
secrets.secret_token is deprecated in favor of secret_key_base and will be removed in Rails 6.0.
2020-02-11 23:54:55 +01:00
Benjamin Neff
df4e79b842
Cleanup pending photos which were never posted with cronjob
Only delete photos older than a day, so we don't delete photos for posts
which were uploaded 10 minutes ago and the author is still writing the
post for it.

closes #8041
2019-07-03 13:24:27 +02:00
Benjamin Neff
88e35d3f3a
Use :database_authenticatable strategy to check password for OTP user
This:
* makes sure that after_database_authentication is called for users with
enabled 2fa.
* handles paranoid mode correctly
2019-06-17 01:12:42 +02:00
Benjamin Neff
607659939d
Enable paranoid mode for devise
fixes #8001

closes #8003
2019-04-30 00:21:00 +02:00
lislis
9d5b981809 Two factor authentication (#7751) 2019-04-28 23:24:40 +02:00
flaburgan
2073791cee
Add a manifest.json file as a first step to make diaspora* a PWA
fixes #7997

closes #7998
2019-04-27 18:00:14 +02:00
Benjamin Neff
3c55a425c7
Fix script domain for instagram in CSP header
closes #7920
2018-11-08 05:12:55 +01:00
Benjamin Neff
fc6893d4fc
Remove facebook integration
Facebook removed the API and facebook integration is broken now, so let's
remove it.

closes #7874
2018-10-08 02:50:25 +02:00
cmrd Senya
87968284ba
Support fetching StatusMessage by Poll guid
When public fetch is requested with Poll guid, return parent
StatusMessage for it, which includes the Poll in its turn.

closes #7815
2018-06-16 04:36:05 +02:00
Alex Tribble
1b03265c2e
Allow fonts to be served from asset host in CSP.
Closes #7796

closes #7825
2018-06-16 01:22:22 +02:00
Dennis Schubert
6918dbc761
Randomize start times of daily Sidekiq-Cron jobs
closes #7787
2018-04-16 01:26:48 +02:00
Benjamin Neff
7854e14e07
Bump secure_headers 2018-04-12 02:41:53 +02:00
Benjamin Neff
bb97aa8538
Allow RFC 7033 WebFinger via http:// for development 2017-09-28 23:04:34 +02:00
Benjamin Neff
e82690963d
Add # frozen_string_literal: true to all files 2017-09-17 19:29:15 +02:00
Benjamin Neff
5ea7b8ee13
Set fog_provider and load carrierwave/storage/fog if S3 is enabled
Fixes #7563

closes #7566
2017-08-26 02:50:18 +02:00
Benjamin Neff
b203862ca3
Workaround for bootstrap-sass
The change in assets.rb should be enough, but it doesn't work, because
sprockets `after_initialize` runs before it and initializes sprockets
with unfiltered paths.

But the trick with the underscore works, because bootstrap-sass has
named the file `_bootstrap.scss`, and rails-assets-bootstrap has
`bootstrap.scss`, so with `_bootstrap` it uses the correct bootstrap.
2017-08-12 15:39:26 +02:00
Benjamin Neff
3d7061b240
Update configs for rails 5
Used `rails app:update`
2017-08-12 15:39:19 +02:00
Benjamin Neff
4f9e560ab3
Use RFC 7033 webfinger from diaspora_federation gem 2017-07-03 03:14:41 +02:00
Benjamin Neff
87d0778086
Remove guid and public_key from WebFinger
Related to diaspora/diaspora_federation#39
2017-07-02 23:56:00 +02:00
Benjamin Neff
f4f0e724c6
Merge branch 'next-minor' into develop 2017-05-11 04:24:29 +02:00
Benjamin Neff
02b4d3f347
Don't raise when the public key of a person is "broken"
Breaking a public key of a person can be used to "block" receiving posts
from this person on the pod. So we should handle that case better and
not just trigger many retries for something that will fail again.

closes #7448
2017-05-11 04:24:13 +02:00
Benjamin Neff
7d9c6c85bd
Remove rails_admin
This has now been broken for more than half a year, so I think we can just
remove it.

Podmins shouldn't use this anyway, because it does bad things, like
replacing NULL with an empty string when editing something. If we really
need an admin interface for something, we should add it to our own admin
panel at /admins/dashboard.

Fixes #7027 and #6413

closes #7440
2017-05-11 04:18:33 +02:00
Benjamin Neff
24b40a4c01
Merge branch 'next-minor' into develop 2017-04-06 01:02:26 +02:00
Amadren
30fad8279b
Improve csp for better cloudflare support
closes #7367
2017-04-06 01:01:50 +02:00
Steffen van Bergerem
7eb3dabb44
i18n for color themes 2017-03-16 12:25:41 +01:00
goobertron
6657fd51fa
Capitalisation of colour themes 2017-03-16 12:03:53 +01:00
Steffen van Bergerem
bd0210a181
Remove chartbeat and mixpanel support 2017-01-15 13:30:54 +01:00
Benjamin Neff
57c0330535
Schedule a connection-check when receiving a message from an offline pod
closes #7158
2016-11-06 02:40:05 +01:00
Benjamin Neff
08282cea01
Add dark theme
Also renamed "Original Dark" to "Original Gray", because it isn't "dark".

closes #7152
2016-11-06 02:34:11 +01:00
Benjamin Neff
e18627f542
Suppress deprecation warning: disable csp in report-only mode 2016-10-30 00:14:23 +02:00
Benjamin Neff
4f6018c74a
Bump secure_headers
closes #7151
2016-10-27 02:26:52 +02:00
Benjamin Neff
0dd98a5c13
Bump diaspora_federation
closes #7145
2016-10-27 02:26:11 +02:00
Benjamin Neff
ec8a49b338
Add settings for CSP to diaspora.yml
closes #7128
2016-09-30 02:11:32 +02:00
Benjamin Neff
caef670934
Configure CSP header for services from diaspora.yml 2016-09-30 02:10:37 +02:00
Benjamin Neff
edf6602099
Add frame-src but don't spam the log with DEPRECATION warnings.
This is an ugly hack, and it should be reverted once we stop supporting
old browsers.
2016-09-30 02:10:37 +02:00
Benjamin Neff
6ec0fd4b9f
Add nonce to javascript tags 2016-09-30 02:10:37 +02:00
Benjamin Neff
4da1c78bb7
Add secure_header gem to add some security related headers
basic config for Content Security Policies
2016-09-30 02:10:37 +02:00
Steffen van Bergerem
4d51c02432 Add OpenGraph video support
closes #7043
2016-09-04 03:55:09 +02:00
Benjamin Neff
b3453c494e
make session-cookie HttpOnly
closes #7041
2016-09-04 03:06:15 +02:00
augier
5c2e241106 Displaying the markdown editor on publisher 2016-08-12 23:08:41 +02:00
Steffen van Bergerem
58c7478133
Remove messagebus_ruby_api gem
Messagebus closed in 2015. See https://web.archive.org/web/20150623093956/https://www.messagebus.com/ for more information.
2016-07-07 18:48:31 +02:00
Dennis Schubert
fddec62828
Merge pull request #6894 from SuperTux88/fetch-missing-persons
fetch unknown persons to generate url
2016-06-27 15:01:18 +02:00
Benjamin Neff
3bfc4003fb fetch unknown persons to generate url 2016-06-27 14:43:19 +02:00
Benjamin Neff
f0d7e124a9 configure concurrency and verbose in diaspora_federation gem 2016-06-27 14:13:41 +02:00
Benjamin Neff
03317bc3ff the xml parameter is now filtered in the diaspora_federation gem 2016-06-26 06:21:03 +02:00
Benjamin Neff
65f03b2d08 extract mappings between diaspora and the federation gem 2016-06-26 06:21:02 +02:00
Benjamin Neff
f95e0faa37 delete old postzord dispatcher 2016-06-26 06:21:01 +02:00
Benjamin Neff
51aca4506f remove HttpMulti and HydraWrapper 2016-06-26 06:21:01 +02:00
Benjamin Neff
b0942bc219 remove salmon code 2016-06-26 06:21:01 +02:00