bida/bastodon
6
0
Fork 0
Code Issues 7 Pull requests Releases Wiki Activity
bastodon/config/initializers
History
Claire 987f909994
Merge pull request from GHSA-9928-3cp5-93fm 
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
..
0_post_deployment_migrations.rb Add post-deployment migration system (#8182) 2018-08-13 13:40:01 +02:00
1_hosts.rb Fix host check on healthcheck path not being disabled (#16270) 2021-05-17 22:36:08 +02:00
2_whitelist_mode.rb Remove the terms blacklist and whitelist from UX (#14149) 2020-06-27 20:20:11 +02:00
active_model_serializers.rb Fix ActivityPub context not being dynamically computed (#11746) 2019-09-03 22:52:32 +02:00
application_controller_renderer.rb Update Mastodon to Rails 6.1 (#15910) 2021-03-24 10:44:31 +01:00
assets.rb HTML e-mails for UserMailer (#6256) 2018-01-16 03:29:11 +01:00
backtrace_silencers.rb Update Mastodon to Rails 6.1 (#15910) 2021-03-24 10:44:31 +01:00
blacklists.rb Remove the terms blacklist and whitelist from UX (#14149) 2020-06-27 20:20:11 +02:00
cache_buster.rb Add cache buster feature for media files (#15155) 2020-11-19 17:38:06 +01:00
chewy.rb Change root Chewy strategy to emit a warning instead of erroring out in production mode (#24327) 2023-04-04 12:38:58 +02:00
content_security_policy.rb Fix CSP headers when S3_ALIAS_HOST includes a path component (#25273) 2023-07-06 13:46:21 +02:00
cookies_serializer.rb Upgrade to Rails 5.0.0.1 2016-08-17 17:58:00 +02:00
cors.rb Use same CORS policy for /@:username and /users/:username (#9485) 2018-12-10 21:39:47 +01:00
devise.rb Fix cookies secure flag being set when served over Tor (#17992) 2022-04-08 12:47:18 +02:00
doorkeeper.rb Fix confirmation redirect to app without Location header (#18523) 2022-05-26 22:03:54 +02:00
fast_blank.rb Fixed code quality issues (#15541) 2021-01-31 21:26:09 +01:00
ffmpeg.rb add ffmpeg initializer (#8855) 2018-10-09 03:02:52 +02:00
filter_parameter_logging.rb Added optional two-factor authentication 2017-01-27 20:35:16 +01:00
http_client_proxy.rb Refactor monkey-patching of Goldfinger (#12561) 2020-05-10 11:41:43 +02:00
httplog.rb Version bumps for ruby and misc gems (#1159) 2017-04-10 22:47:41 +02:00
inflections.rb Prepare Mastodon for zeitwerk autoloader (#15917) 2021-03-19 02:42:43 +01:00
json_ld.rb Fix preloaded JSON-LD context for identity not being used (#12138) 2019-10-10 06:48:53 +02:00
kaminari_config.rb Add ability to filter audit log in admin UI (#13381) 2020-04-03 13:06:34 +02:00
mail_delivery_job.rb Fix mailer jobs for deleted notifications erroring out (#16294) 2021-05-24 03:02:46 +02:00
makara.rb Drop dependency on secure_headers, fix response headers (#15712) 2021-02-11 23:47:05 +01:00
mime_types.rb Set correct content-type for ActivityPub JSON (#4592) 2017-08-14 04:16:43 +02:00
oj.rb Remove rabl dependency (#5894) 2017-12-06 15:04:49 +09:00
omniauth.rb Allow login through OpenID Connect (#16221) 2022-03-09 12:07:35 +01:00
open_uri_redirection.rb Optimize some regex matching (#15528) 2021-01-22 10:09:08 +01:00
paperclip.rb Merge pull request from GHSA-9928-3cp5-93fm 2023-07-06 15:05:05 +02:00
permissions_policy.rb Update Mastodon to Rails 6.1 (#15910) 2021-03-24 10:44:31 +01:00
pghero.rb Fix PgHero suggesting migrations (#17807) 2022-03-15 20:27:49 +01:00
preload_link_headers.rb Fix various typos (#17621) 2022-02-22 20:14:17 +01:00
premailer_rails.rb HTML e-mails for UserMailer (#6256) 2018-01-16 03:29:11 +01:00
rack_attack.rb Fix rate limiting for paths with formats 2022-11-14 11:20:41 +01:00
rack_attack_logging.rb Change rate limits for various paths (#14253) 2020-07-07 15:26:39 +02:00
session_activations.rb Revocable sessions (#3616) 2017-06-23 18:50:53 +02:00
session_store.rb Fix cookies secure flag being set when served over Tor (#17992) 2022-04-08 12:47:18 +02:00
sidekiq.rb Fix single Redis connection being used across all threads (#18135) 2022-04-28 17:47:34 +02:00
simple_form.rb Fixed code quality issues (#15541) 2021-01-31 21:26:09 +01:00
single_user_mode.rb Add single user mode 2016-12-06 17:19:26 +01:00
statsd.rb Remove unused StatsD code and expose StatsD as a global variable (#11232) 2019-07-02 11:34:39 +02:00
stoplight.rb Fix opening and closing Redis connections instead of using a pool (#18171) 2022-04-29 22:43:07 +02:00
strong_migrations.rb Fix migration failure due to StrongMigrations on production env (#5283) 2017-10-09 10:05:35 +02:00
suppress_csrf_warnings.rb Fix autoloading deprecation warnings from Rails 6 (#16010) 2021-04-09 02:31:20 +02:00
trusted_proxies.rb Fix error 2017-01-22 23:07:31 +01:00
twitter_regex.rb Allow carets in URL search params (#25216) 2023-07-06 13:46:21 +02:00
vapid.rb Lint pass (#8876) 2018-10-04 12:36:53 +02:00
webauthn.rb Add WebAuthn as an alternative 2FA method (#14466) 2020-08-24 16:46:27 +02:00
wrap_parameters.rb Upgrade to Rails 5.0.0.1 2016-08-17 17:58:00 +02:00