href
|
b19597f602
|
reverse proxy / uploads
|
2018-11-30 18:00:47 +01:00 |
|
Haelwenn (lanodan) Monnier
|
04daa0fa44
|
Plugs.HTTPSecurityPlug: Activate upgrade-insecure-requests only when there is https
This fixes running mastofe with MIX_ENV=dev
|
2018-11-26 21:41:36 +01:00 |
|
shibayashi
|
591b11eafc
|
Add manifest-src to allow manifest.json
|
2018-11-26 20:48:24 +01:00 |
|
Haelwenn (lanodan) Monnier
|
4a79b89dba
|
lib/pleroma/plugs/user_is_admin_plug.ex: change 403 string to “User is not admin.”
|
2018-11-17 20:25:56 +01:00 |
|
Haelwenn (lanodan) Monnier
|
c8b8f1d32c
|
[Pleroma.Plugs.UserIsAdminPlug]: Check if admin is true instead of false, fix error reporting
|
2018-11-17 20:25:53 +01:00 |
|
Haelwenn (lanodan) Monnier
|
7076d45cb6
|
lib/pleroma/plugs/user_is_admin_plug.ex: Create
|
2018-11-17 20:25:52 +01:00 |
|
William Pitcock
|
c07464607d
|
http security: remove form-action from CSP definitions
|
2018-11-16 17:40:21 +00:00 |
|
William Pitcock
|
ee5932a504
|
http security: allow referrer-policy to be configured
|
2018-11-12 15:14:46 +00:00 |
|
William Pitcock
|
fe67665e19
|
rename CSPPlug to HTTPSecurityPlug.
|
2018-11-12 15:08:02 +00:00 |
|
William Pitcock
|
df72978dce
|
csp plug: add support for certificate transparency
|
2018-11-11 06:55:44 +00:00 |
|
William Pitcock
|
331cf6ada1
|
csp plug: add sts support
|
2018-11-11 06:50:28 +00:00 |
|
William Pitcock
|
f516e317ea
|
plugs: add CSPPlug
|
2018-11-11 06:10:21 +00:00 |
|
href
|
6fe23c5458
|
Runtime configured router
|
2018-11-05 15:19:03 +01:00 |
|
lain
|
44b094908c
|
Update legacy passwords automatically.
|
2018-09-05 22:30:14 +02:00 |
|
lain
|
e601165426
|
Add UserEnabledPlug.
|
2018-09-05 21:53:53 +02:00 |
|
lain
|
5ce1ebb179
|
Add SetUserSessionIdPlug.
|
2018-09-05 21:42:42 +02:00 |
|
lain
|
12bc73dd28
|
Add EnsureUserKeyPlug, smaller fixes
|
2018-09-05 19:06:28 +02:00 |
|
lain
|
32465b9939
|
Simplify AuthenticationPlug
|
2018-09-05 18:53:38 +02:00 |
|
lain
|
9a96c93be7
|
Add SessionAuthenticationPlug.
|
2018-09-05 18:37:02 +02:00 |
|
lain
|
a3f54fca4d
|
Add LegacyAuthenticationPlug
|
2018-09-05 18:17:33 +02:00 |
|
lain
|
3cf17dc402
|
Add EnsureAuthenticatedPlug
|
2018-09-05 17:59:19 +02:00 |
|
lain
|
faf5347748
|
Add UserFetcherPlug.
|
2018-09-05 17:44:38 +02:00 |
|
lain
|
42bd985e66
|
Add BasicAuthDecoderPlug
|
2018-09-05 17:30:05 +02:00 |
|
Moon Man
|
8b020e03a6
|
change cond to if else
|
2018-09-05 01:37:48 -04:00 |
|
Moon Man
|
1a8bc26e52
|
auth against sha512-crypt password hashes, upgrade to pbkdf2
|
2018-09-05 00:21:44 -04:00 |
|
William Pitcock
|
8da406afa2
|
activitypub: verify remote http signature digests by recomputing the digest and replacing the digest header
|
2018-07-31 23:24:30 +00:00 |
|
lain
|
dd9bb37893
|
Rename id helper method.
|
2018-05-26 13:57:11 +02:00 |
|
William Pitcock
|
4d2c6707c2
|
activitypub: normalize the actor to ensure we have its URI
|
2018-05-19 03:28:28 -05:00 |
|
Mark Felder
|
ab4aa5720a
|
Fix a bunch of unused variable warnings
|
2018-05-04 20:59:01 +00:00 |
|
lain
|
0a14d155d6
|
Fail faster.
|
2018-04-02 13:13:14 +02:00 |
|
lain
|
4afbef39f4
|
Format the code.
|
2018-03-30 15:01:53 +02:00 |
|
lain
|
d2099c849d
|
More Jason changes.
|
2018-03-27 16:45:38 +02:00 |
|
lain
|
f29902a241
|
More signature debugging.
|
2018-03-11 14:37:23 +01:00 |
|
lain
|
5ea6d96dbe
|
Fix signing bug.
|
2018-02-25 20:15:04 +01:00 |
|
lain
|
ac67453e8a
|
More logging for signature problems.
|
2018-02-24 17:36:26 +01:00 |
|
lain
|
2757682894
|
More logging.
|
2018-02-22 14:57:35 +01:00 |
|
lain
|
38b61fddfe
|
HttpSignature Plug: Skip if already valid.
|
2018-02-15 19:58:26 +01:00 |
|
Roger Braun
|
a9c23e1c32
|
Add plug to validate signed http requests.
|
2017-12-12 10:17:21 +01:00 |
|
Lain Iwakura
|
0ec5aeb8a7
|
Don't log in deactivated users.
|
2017-12-07 17:41:34 +01:00 |
|
eal
|
c1fa1e8844
|
Fix basic auth for passwords with a colon.
|
2017-12-04 22:45:16 +02:00 |
|
Thog
|
59770c3f5c
|
Fix all compilation warnings
|
2017-11-19 02:22:07 +01:00 |
|
Roger Braun
|
d293ceb1b5
|
Add Mastodon frontend.
|
2017-11-12 14:23:05 +01:00 |
|
Roger Braun
|
2a298d70f9
|
Add very basic oauth and mastodon api support.
|
2017-09-06 19:06:25 +02:00 |
|
Roger Braun
|
70024632ba
|
AP refactoring.
|
2017-05-16 18:19:04 +02:00 |
|
dtluna
|
6cf7c13228
|
Refactor code to comply with credo suggestions
|
2017-04-27 16:18:50 +03:00 |
|
Roger Braun
|
32aa83f3a2
|
Short circuit user verification if cookie is present.
|
2017-03-30 15:29:49 +02:00 |
|
Roger Braun
|
142e8f8f3e
|
Don't use fetch access in plug.
This makes it work with structs.
|
2017-03-20 21:28:38 +01:00 |
|
Roger Braun
|
e32dbfc9a5
|
Add basic auth.
|
2017-03-20 17:56:45 +01:00 |
|