paravielfalt/mastodon
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Activity Actions
mastodon/app/controllers
History
Claire 34aeef3453
Merge pull request from GHSA-58x8-3qxw-6hm7 
* Fix insufficient permission checking for public timeline endpoints

Note that this changes unauthenticated access failure code from 401 to 422

* Add more tests for public timelines

* Require user token in `/api/v1/statuses/:id/translate` and `/api/v1/scheduled_statuses`
2024-07-04 16:26:49 +02:00
..
activitypub Refactor ActivityPub handling to prepare for non-Account actors (#19212) 2022-09-21 22:45:57 +02:00
admin Fix missing destory audit logs for Domain Allows (#30125) 2024-05-17 12:30:07 +02:00
api Merge pull request from GHSA-58x8-3qxw-6hm7 2024-07-04 16:26:49 +02:00
auth Fix user creation failure handling in OAuth paths (#29207) 2024-02-14 23:16:39 +01:00
concerns Remove caching in cache_collection (#29862) 2024-05-17 12:30:07 +02:00
disputes Change old moderation strikes to be displayed in a separate page (#17566) 2022-03-01 19:37:47 +01:00
filters Add ability to filter individual posts (#18945) 2022-08-25 04:27:47 +02:00
oauth Merge pull request from GHSA-vp5r-5pgw-jwqx 2024-07-04 16:11:28 +02:00
settings Fix misleading error code when receiving invalid WebAuthn credentials (#23568) 2023-03-16 11:45:53 +01:00
well_known Add fallback redirection when getting a webfinger query WEB_DOMAIN@WEB_DOMAIN (#28592) 2024-05-17 12:30:07 +02:00
about_controller.rb Change public accounts pages to mount the web UI (#19319) 2022-10-20 14:35:29 +02:00
accounts_controller.rb Fix invalid/empty RSS feed link on account pages (#20772) 2022-11-17 10:58:33 +01:00
application_controller.rb Add customizable user roles (#18641) 2022-07-05 02:41:40 +02:00
authorize_interactions_controller.rb Fix double render error when authorizing interaction (#18203) 2022-05-01 00:56:34 +02:00
backups_controller.rb Fix user archive takeouts when using OpenStack Swift (#24431) 2023-07-06 13:45:40 +02:00
custom_css_controller.rb Add customizable user roles (#18641) 2022-07-05 02:41:40 +02:00
emojis_controller.rb Add (back) rails-level JSON caching (#11333) 2019-07-21 22:32:16 +02:00
filters_controller.rb Add ability to filter individual posts (#18945) 2022-08-25 04:27:47 +02:00
follower_accounts_controller.rb Fix single name variables on controller folder (#20092) 2022-12-15 17:11:58 +01:00
following_accounts_controller.rb Fix single name variables on controller folder (#20092) 2022-12-15 17:11:58 +01:00
health_controller.rb Change health check (#15988) 2021-04-03 02:39:04 +02:00
home_controller.rb Change public accounts pages to mount the web UI (#19319) 2022-10-20 14:35:29 +02:00
instance_actors_controller.rb Fix instance actor not being dereferenceable (#17457) 2022-02-06 15:31:03 +01:00
intents_controller.rb Refactor controllers for statuses, accounts, and more (#11249) 2019-07-08 12:03:45 +02:00
invites_controller.rb Add invite comments (#10465) 2019-08-19 11:40:42 +02:00
manifests_controller.rb Fix redirecting non-functional accounts on public pages (#11978) 2019-09-28 01:33:27 +02:00
media_controller.rb Remove invalid X-Frame-Options: ALLOWALL (#25070) 2023-07-06 13:45:40 +02:00
media_proxy_controller.rb Refactor how Redis locks are created (#18400) 2022-05-13 00:02:35 +02:00
privacy_controller.rb Change public accounts pages to mount the web UI (#19319) 2022-10-20 14:35:29 +02:00
relationships_controller.rb Fix server error when failing to follow back followers from /relationships (#23787) 2023-03-13 18:39:35 +01:00
shares_controller.rb Fix blurhash and autoplay not working on public pages (#11585) 2019-08-16 19:15:05 +02:00
statuses_cleanup_controller.rb Change automatic post deletion configuration to be accessible to redirected users (#20774) 2022-11-17 10:55:23 +01:00
statuses_controller.rb Remove invalid X-Frame-Options: ALLOWALL (#25070) 2023-07-06 13:45:40 +02:00
tags_controller.rb Remove posts count and last posts from ActivityPub representation of hashtag collections (#23460) 2023-02-08 17:57:25 +01:00