Alex Gleason
|
a110a395c1
|
Merge branch 'pleroma_ctl-soapbox' into 'develop'
Update config.exs, to fix incomplete soapbox install via pleroma_ctl
See merge request soapbox-pub/rebased!282
|
2023-10-04 23:11:03 +00:00 |
|
Aldis Ruiz
|
c86b34eb45
|
Update config.exs, to fix incomplete soapbox install via pleroma_ctl
|
2023-10-04 23:03:24 +00:00 |
|
marcin mikołajczak
|
6ceceef805
|
Merge branch 'static-pages-styles' into 'develop'
Static pages: Improve authorization token styling
See merge request soapbox-pub/rebased!281
|
2023-09-27 14:40:35 +00:00 |
|
|
|
01168f9dd8
|
Static pages: Improve authorization token styling
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
|
2023-09-27 13:44:58 +02:00 |
|
Alex Gleason
|
374b099825
|
Merge branch 'restrict-unauthenticated' into 'develop'
InstanceView: expose restrict_unauthenticated settings
See merge request soapbox-pub/rebased!280
|
2023-09-24 17:39:55 +00:00 |
|
Alex Gleason
|
992351b796
|
InstanceView: expose restrict_unauthenticated settings
|
2023-09-24 12:29:58 -05:00 |
|
Alex Gleason
|
5867afa991
|
Merge branch 'fix-tests' into 'develop'
Fix tests
See merge request soapbox-pub/rebased!279
|
2023-09-24 17:08:58 +00:00 |
|
Alex Gleason
|
abac3be7d5
|
Add slashes to endpoints in tests
|
2023-09-24 11:55:16 -05:00 |
|
Alex Gleason
|
8148f53bdb
|
Fix Webfinger parsing XML
|
2023-09-24 11:49:06 -05:00 |
|
Alex Gleason
|
91990f12e3
|
BasicAuthDecoderPlug: reformat, fix/add tests
|
2023-09-24 10:47:04 -05:00 |
|
Alex Gleason
|
1d74716c99
|
Merge branch 'no-insecure-auth' into 'develop'
Lock insecure auth methods behind config setting
See merge request soapbox-pub/rebased!278
|
2023-09-22 13:35:50 +00:00 |
|
niggy
|
b882bcc884
|
Lock insecure auth methods behind config setting
|
2023-09-22 03:50:35 +00:00 |
|
Alex Gleason
|
601da71fe0
|
Merge branch 'develop' into 'develop'
Update file config.exs (soapbox entry)
See merge request soapbox-pub/rebased!277
|
2023-09-20 00:12:41 +00:00 |
|
Aldis Ruiz
|
d6503e44b0
|
Update file config.exs
|
2023-09-19 23:00:15 +00:00 |
|
Alex Gleason
|
9bec0223a0
|
Merge branch 'misc-fixes' into 'develop'
Update pack.ex
See merge request soapbox-pub/rebased!276
|
2023-09-11 02:55:25 +00:00 |
|
niggy
|
0eeb8ea74e
|
Update pack.ex
|
2023-09-04 08:47:01 +00:00 |
|
Alex Gleason
|
9db714fe01
|
Merge branch 'pleroma-security-fix' into 'develop'
Pleroma security fix
See merge request soapbox-pub/rebased!272
|
2023-09-03 16:22:56 +00:00 |
|
Alex Gleason
|
82d99b835e
|
Merge remote-tracking branch 'pleroma/develop' into merge-pleroma
|
2023-09-03 10:09:05 -05:00 |
|
Haelwenn
|
a94cf2ad4f
|
Merge branch 'check-attachment-attribution' into 'develop'
Prevent users from attaching other users' attachments
See merge request pleroma/pleroma!3947
|
2023-09-03 09:09:27 +00:00 |
|
Mint
|
1afde067b1
|
CommonAPI: Prevent users from accessing media of other users
|
2023-09-03 10:41:37 +02:00 |
|
Haelwenn
|
9da4f89b7b
|
Merge branch 'tusooa/lint' into 'develop'
Make lint happy
See merge request pleroma/pleroma!3944
|
2023-08-31 22:24:30 +00:00 |
|
tusooa
|
3c5ecca377
|
Skip changelog
|
2023-08-30 20:37:45 -04:00 |
|
tusooa
|
3d09bc320e
|
Make lint happy
|
2023-08-30 20:36:52 -04:00 |
|
marcin mikołajczak
|
9526197925
|
Merge branch 'webfinger-validation' into 'develop'
Fix validate_webfinger when running a different domain for Webfinger
See merge request soapbox-pub/rebased!271
|
2023-08-24 06:10:16 +00:00 |
|
|
|
acaae4c992
|
Fix tests
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
|
2023-08-24 01:22:20 +02:00 |
|
|
|
f08184b0fa
|
Fix validate_webfinger when running a different domain for Webfinger
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
|
2023-08-24 00:37:39 +02:00 |
|
Alex Gleason
|
38b1697b01
|
Merge branch 'webfinger-spoofing' into 'develop'
Prevent webfinger spoofing
See merge request soapbox-pub/rebased!270
|
2023-08-23 18:23:04 +00:00 |
|
Alex Gleason
|
2f52806410
|
Prevent webfinger spoofing
|
2023-08-23 13:10:19 -05:00 |
|
marcin mikołajczak
|
a9575da9de
|
Merge branch 'rebased-scope' into 'develop'
Add /api/1/rebased scope for Rebased-specific routes
See merge request soapbox-pub/rebased!269
|
2023-08-20 20:36:54 +00:00 |
|
|
|
f6de23a1cf
|
Add /api/1/soapbox scope for Rebased-specific routes
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
|
2023-08-20 22:22:53 +02:00 |
|
Haelwenn
|
1e685c8302
|
Merge branch 'csp-flash' into 'develop'
allow https: so that flash works across instances without need for media proxy
See merge request pleroma/pleroma!3879
|
2023-08-16 13:37:49 +00:00 |
|
Haelwenn
|
d838d1990b
|
Apply lanodan's suggestion(s) to 1 file(s)
|
2023-08-16 13:34:32 +00:00 |
|
marcin mikołajczak
|
bf50f18eeb
|
Merge branch 'logger_deprecated_warn' into 'develop'
Replace deprecated Logger.warn/1 with Logger.warning
See merge request soapbox-pub/rebased!267
|
2023-08-10 21:53:27 +00:00 |
|
|
|
83054ebd5e
|
Replace deprecated Logger.warn/1 with Logger.warning
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
|
2023-08-10 23:29:35 +02:00 |
|
tusooa
|
b729a8b140
|
Merge branch 'fix-dockerfile-perms' into 'develop'
Fix config ownership in dockerfile to pass restriction test
See merge request pleroma/pleroma!3931
|
2023-08-10 00:42:29 +00:00 |
|
Cat pony Black
|
c298e0165c
|
Fix config ownership in dockerfile to pass restriction test
|
2023-08-08 19:07:48 +02:00 |
|
Haelwenn
|
4e355b8595
|
Merge branch 'disable-xml-entities-completely' into 'develop'
Completely disable xml entity resolution
See merge request pleroma/pleroma!3932
|
2023-08-06 08:27:27 +00:00 |
|
marcin mikołajczak
|
b094e92c50
|
Merge branch 'merge-pleroma' into 'develop'
Merge Pleroma (security fix)
See merge request soapbox-pub/rebased!264
|
2023-08-05 13:27:42 +00:00 |
|
|
|
cc5053fb92
|
Merge remote-tracking branch 'pleroma/develop' into merge-pleroma
|
2023-08-05 15:26:32 +02:00 |
|
|
|
96a6b4dbc8
|
Merge remote-tracking branch 'pleroma/develop' into merge-pleroma
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
|
2023-08-05 15:22:01 +02:00 |
|
mae
|
48b1e9bdc7
|
Completely disable xml entity resolution
|
2023-08-05 14:17:04 +02:00 |
|
Haelwenn
|
17c336de66
|
Merge branch 'docs/gentoo-otp-intro' into 'develop'
gentoo_otp_en.md: Indicate which install method it covers
See merge request pleroma/pleroma!3928
|
2023-08-05 11:04:32 +00:00 |
|
Haelwenn
|
d0f7a5c4f5
|
Merge branch 'mergeback/2.5.4' into 'develop'
Mergeback: 2.5.4
See merge request pleroma/pleroma!3930
|
2023-08-05 08:13:03 +00:00 |
|
Haelwenn (lanodan) Monnier
|
4099ddb3dc
|
Mergeback release 2.5.4
|
2023-08-05 08:58:05 +02:00 |
|
Mark Felder
|
6d48b0f1a9
|
Document and test that XXE processing is disabled
https://vuln.be/post/xxe-in-erlang-and-elixir/
|
2023-08-05 08:14:27 +02:00 |
|
FloatingGhost
|
307692cee8
|
Add unit test for external entity loading
|
2023-08-05 08:14:27 +02:00 |
|
Mae
|
ca0859b90f
|
Prevent XML parser from loading external entities
|
2023-08-04 22:35:13 -04:00 |
|
Haelwenn (lanodan) Monnier
|
0e321698d2
|
gentoo_otp_en.md: Indicate which install method it covers
|
2023-08-04 17:11:20 +02:00 |
|
Alex Gleason
|
a2a85bc88e
|
Merge branch 'merge-pleroma' into 'develop'
Merge Pleroma (security fix)
See merge request soapbox-pub/rebased!263
|
2023-08-04 14:52:20 +00:00 |
|
Alex Gleason
|
fa4f0ae328
|
Merge remote-tracking branch 'pleroma/develop' into merge-pleroma
|
2023-08-04 09:32:59 -05:00 |
|
