forked from fedi/mastodon
28b482874a
* Refactor signature verification a bit * Rescue signature verification if recorded public key is invalid Fixes #8822 * Always re-fetch AP signing key when HTTP Signature verification fails But when the account is not marked as stale, avoid fetching collections and media, and avoid webfinger round-trip. * Apply stoplight to key/account update as well as initial key retrieval |
||
---|---|---|
.. | ||
chewy | ||
controllers | ||
helpers | ||
javascript | ||
lib | ||
mailers | ||
models | ||
policies | ||
presenters | ||
serializers | ||
services | ||
validators | ||
views | ||
workers |