nocebo/diaspora
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
19825 commits 4 branches 0 tags 121 MiB
Commit graph

534 commits

Author SHA1 Message Date
Benjamin Neff
d486fbce8c
Merge branch 'next-minor' into develop 2019-04-30 00:21:55 +02:00
Benjamin Neff
607659939d
Enable paranoid mode for devise 
fixes #8001

closes #8003
 2019-04-30 00:21:00 +02:00
lislis
9d5b981809 Two factor authentication (#7751) 2019-04-28 23:24:40 +02:00
lislis
1da118780e Two factor authentication (#7751) 2019-04-28 19:06:48 +02:00
Benjamin Neff
6ba9b24c1a
Merge branch 'next-minor' into develop 2019-04-27 18:00:40 +02:00
flaburgan
2073791cee
Add a manifest.json file as a first step to make diaspora* a PWA 
fixes #7997

closes #7998
 2019-04-27 18:00:14 +02:00
Dennis Schubert
cd16f29c39
Merge branch 'next-minor' into develop 2018-11-08 05:14:36 +01:00
Benjamin Neff
3c55a425c7
Fix script domain for instagram in CSP header 
closes #7920
 2018-11-08 05:12:55 +01:00
Dennis Schubert
9bab794ea4
Merge branch 'next-minor' into develop 2018-10-08 02:50:36 +02:00
Benjamin Neff
fc6893d4fc
Remove facebook integration 
Facebook removed the API and facebook integration is broken now, so lets
remove it.

closes #7874
 2018-10-08 02:50:25 +02:00
Benjamin Neff
f3d2a54050
Merge branch 'next-minor' into develop 2018-06-16 04:36:13 +02:00
cmrd Senya
87968284ba
Support fetching StatusMessage by Poll guid 
When public fetch is requested with Poll guid, return parent
StatusMessage for it, which includes the Poll in its turn.

closes #7815
 2018-06-16 04:36:05 +02:00
Benjamin Neff
212da3a2b7
Merge branch 'next-minor' into develop 2018-06-16 01:23:10 +02:00
Alex Tribble
1b03265c2e
Allow fonts to be served from asset host in CSP. 
Closes #7796

closes #7825
 2018-06-16 01:22:22 +02:00
Benjamin Neff
d5f5e1991b
Merge branch 'next-minor' into develop 2018-04-16 01:26:56 +02:00
Dennis Schubert
6918dbc761
Randomize start times of daily Sidekiq-Cron jobs 
closes #7787
 2018-04-16 01:26:48 +02:00
Benjamin Neff
c1ebc4d338
Merge branch 'next-minor' into develop 2018-04-12 02:49:11 +02:00
Benjamin Neff
7854e14e07
Bump secure_headers 2018-04-12 02:41:53 +02:00
Frédéric Bolvin
6d55b15604 Resize images on client-side before uploading 2018-03-11 11:20:16 +01:00
Frédéric Bolvin
23e4062342 Allow blob: URIs to be used as a content source in CSP header 2018-03-03 21:12:18 +01:00
Benjamin Neff
bb97aa8538
Allow RFC 7033 WebFinger via http:// for development 2017-09-28 23:04:34 +02:00
Benjamin Neff
e82690963d
Add # frozen_string_literal: true to all files 2017-09-17 19:29:15 +02:00
Benjamin Neff
5ea7b8ee13
Set fog_provider and load carrierwave/storage/fog if S3 is enabled 
Fixes #7563

closes #7566
 2017-08-26 02:50:18 +02:00
Benjamin Neff
b203862ca3
Workaround for bootstrap-sass 
The change in assets.rb should be enough, but it doesn't work, because
sprockets `after_initialize` runs before it and initializes sprockets
with unfiltered paths.

But the trick with the underscore works, because bootstrap-sass has
named the file `_bootstrap.scss`, and rails-assets-bootstrap has
`bootstrap.scss`, so with `_bootstrap` it uses the correct bootstrap.
 2017-08-12 15:39:26 +02:00
Benjamin Neff
3d7061b240
Update configs for rails 5 
Used `rails app:update`
 2017-08-12 15:39:19 +02:00
Benjamin Neff
4f9e560ab3
Use RFC 7033 webfinger from diaspora_federation gem 2017-07-03 03:14:41 +02:00
Benjamin Neff
87d0778086
Remove guid and public_key from WebFinger 
Related to diaspora/diaspora_federation#39
 2017-07-02 23:56:00 +02:00
Benjamin Neff
f4f0e724c6
Merge branch 'next-minor' into develop 2017-05-11 04:24:29 +02:00
Benjamin Neff
02b4d3f347
Don't raise when the public key of a person is "broken" 
Breaking a public key of a person can be used to "block" receiving posts
from this person on the pod. So we should handle that case better and
not just trigger many retries for something that will fail again.

closes #7448
 2017-05-11 04:24:13 +02:00
Benjamin Neff
7d9c6c85bd
Remove rails_admin 
This is now broken since more than half a year, so I think we can just
remove it.

Podmins shouldn't use this anyway, because it does bad things, like
replacing NULL with an empty string when editing something. If we really
need an admin interface for something, we should add it to our own admin
panel at /admins/dashboard.

Fixes #7027 and #6413

closes #7440
 2017-05-11 04:18:33 +02:00
Benjamin Neff
24b40a4c01
Merge branch 'next-minor' into develop 2017-04-06 01:02:26 +02:00
Amadren
30fad8279b
Improve csp for a better cloudflare support 
closes #7367
 2017-04-06 01:01:50 +02:00
Steffen van Bergerem
7eb3dabb44
i18n for color themes 2017-03-16 12:25:41 +01:00
goobertron
6657fd51fa
Capitalisation of colour themes 2017-03-16 12:03:53 +01:00
Steffen van Bergerem
bd0210a181
Remove chartbeat and mixpanel support 2017-01-15 13:30:54 +01:00
Benjamin Neff
57c0330535
Schedule a connection-check when receiving a message from an offline pod 
closes #7158
 2016-11-06 02:40:05 +01:00
Benjamin Neff
08282cea01
Add dark theme 
Also renamed "Original Dark" to "Original Gray", because it isn't "dark".

closes #7152
 2016-11-06 02:34:11 +01:00
Benjamin Neff
e18627f542
Suppress deprecation warning: disable csp in report-only mode 2016-10-30 00:14:23 +02:00
Benjamin Neff
4f6018c74a
Bump secure_headers 
closes #7151
 2016-10-27 02:26:52 +02:00
Benjamin Neff
0dd98a5c13
Bump diaspora_federation 
closes #7145
 2016-10-27 02:26:11 +02:00
Benjamin Neff
ec8a49b338
Add settings for CSP to diaspora.yml 
closes #7128
 2016-09-30 02:11:32 +02:00
Benjamin Neff
caef670934
Configure CSP header for services from diaspora.yml 2016-09-30 02:10:37 +02:00
Benjamin Neff
edf6602099
Add frame-src but don't spam the log with DEPRECATION warnings. 
This is an ugly hack, and it should be reverted once we stop supporting
old browsers.
 2016-09-30 02:10:37 +02:00
Benjamin Neff
6ec0fd4b9f
Add nonce to javascript tags 2016-09-30 02:10:37 +02:00
Benjamin Neff
4da1c78bb7
Add secure_header gem to add some security related headers 
basic config for Content Security Policies
 2016-09-30 02:10:37 +02:00
Steffen van Bergerem
4d51c02432 Add OpenGraph video support 
closes #7043
 2016-09-04 03:55:09 +02:00
Benjamin Neff
b3453c494e
make session-cookie HttpOnly 
closes #7041
 2016-09-04 03:06:15 +02:00
augier
5c2e241106 Displaying the markdown editor on publisher 2016-08-12 23:08:41 +02:00
Steffen van Bergerem
58c7478133
Remove messagebus_ruby_api gem 
Messagebus closed in 2015. See https://web.archive.org/web/20150623093956/https://www.messagebus.com/ for more information.
 2016-07-07 18:48:31 +02:00
Dennis Schubert
fddec62828
Merge pull request #6894 from SuperTux88/fetch-missing-persons 
fetch unknown persons to generate url
 2016-06-27 15:01:18 +02:00