Commit graph

155 commits

Author SHA1 Message Date
byte[]
c9331f61b4 require page number to be positive 2020-09-07 23:19:32 -04:00
byte[]
a2e524b535 remove unnecessary referrer redirects 2020-09-07 00:28:24 -04:00
byte[]
113908f820 allow CSP customization on a per-controller basis 2020-08-23 18:30:58 -04:00
SomewhatDamaged
dec3615da5
Modify limit_plug for use by API (#15) 2020-08-22 12:11:50 -04:00
byte[]
4bfb7d8dd3 always assign advert, even if nil 2020-08-13 17:55:36 -04:00
byte[]
539eb223ff Fix all but one dialyzer warning 2020-08-11 19:15:32 -04:00
byte[]
02bbf5e2f1 fixes invisible error message for comment rate limit, weird nesting error for tag updates, e.g. derpibooru/philomena#169 2020-08-11 01:14:00 -04:00
byte[]
5b760436a1 ensure CSP plug config happens at runtime, not compile time 2020-08-06 13:27:56 -04:00
byte[]
5532ea4dec more complete fix for commission and gallery pagination error 2020-08-01 12:42:29 -04:00
liamwhite
98f4166ea8
Replace Pow with generated Phoenix auth (#10) 2020-07-28 16:56:26 -04:00
Byron Mulvogue
b48a07f517 Allow staff to bypass rate limits 2020-07-24 12:51:23 +00:00
byte[]
ad6e055aff add missing rate limit 2020-07-21 10:50:33 -04:00
byte[]
a36e2d7368 mix format 2020-06-12 13:00:59 -04:00
byte[]
417305e43c filter fixes 2020-06-06 21:56:07 -04:00
byte[]
9294e54771 Filter updates 2020-06-06 21:03:17 -04:00
byte[]
5dfd8f5b60 ensure CB is assigned 2020-06-03 21:26:38 -04:00
byte[]
ec1a999913 normal uses variance, not sd 2020-06-03 21:18:39 -04:00
byte[]
7160433c33 update methods 2020-06-03 21:10:38 -04:00
byte[]
cc4103fcea stop spawning off for advert updates 2020-05-27 17:14:22 -04:00
byte[]
7fca37741b replace use of hackney in scraper with mint 2020-05-20 14:18:13 -04:00
byte[]
a1b8ed9d33 move search, textile, date parser to app namespace 2020-05-07 22:43:40 -04:00
byte[]
1168ba86f6 move IP/FP updaters to web namespace 2020-05-07 22:03:10 -04:00
byte[]
4b86e783ef you have to halt the plug pipeline explicitly 2020-05-04 03:18:36 -04:00
SomewhatDamaged
3e7ee76fe2
Api create image (#105)
* added new method (POST) to /api/v1/json/images

* Cleaned up debug

* added require_authorization plug, fixed up issues with image_controller

* make user do work

* Fixed inefficient function use

* added api fingerprinting

* more robust

* corrected holdover from merging files
2020-05-01 00:40:57 -04:00
byte[]
63c89d2faf fix double send on registration 2020-04-18 20:28:01 -04:00
byte[]
e159c01bef fix broken case clause 2020-04-18 20:25:08 -04:00
Dan Schultzer
051a204d55
Add TOTP support in the invalidation session plug (#87) 2020-04-18 20:19:07 -04:00
Nick
79d8ed8a1c
Prevent compromised passwords from being used (#89)
* prevent compromised passwords from being used

* formatting consistency

* run mix format and hardcode api url

* more formatting

* remove unnecessary string upcase
2020-04-18 20:15:18 -04:00
byte[]
11cac54ba0 mix format 2020-04-11 20:28:28 -04:00
Dan Schultzer
36cbdff953
Fix plug issue (#86) 2020-04-11 19:47:23 -04:00
Dan Schultzer
e5f0e473d9
Add plug to handle invalidated Pow session tokens (#36)
* Add plug to handle invalidated Pow session tokens

* Add token signing

* Refactor for tests
2020-04-11 14:54:55 -04:00
Nick
d247e01347
Properly handle failed captchas after XHR post (#85)
* handle form posts and xhr posts differently on captcha failure

* formatting
2020-04-11 14:23:55 -04:00
byte[]
9ea7980e3f hex upgrades 2020-02-06 17:24:41 -05:00
byte[]
3ac8687c18 allow get-based reverse searching 2020-01-11 13:51:14 -05:00
byte[]
ed44160603 run formatter 2020-01-10 23:20:19 -05:00
byte[]
18798d2e99 ensure the authenticated user is never persisted as a further safeguard against API CSRF 2019-12-24 12:15:30 -05:00
byte[]
b2724c0de8 samesite session 2019-12-23 19:20:24 -05:00
byte[]
20c521e67b tor plug 2019-12-23 13:57:14 -05:00
byte[]
991cab61bf Revert "more aggressive preloading"
This reverts commit 556cd39afd.
2019-12-22 22:13:36 -05:00
byte[]
556cd39afd more aggressive preloading 2019-12-22 18:42:07 -05:00
byte[]
ca1150230d prevent posting without presenting a _ses cookie 2019-12-20 20:30:14 -05:00
byte[]
81800cf83d support per_page parameter 2019-12-20 16:12:47 -05:00
byte[]
46602460ea rearrange plugs 2019-12-20 12:44:45 -05:00
byte[]
ffdddb3f68 guard against invalid complex filters 2019-12-20 11:58:41 -05:00
byte[]
48eda4ff5d poll votes 2019-12-19 22:41:19 -05:00
byte[]
eeacf9ee14 untangle compile time dependencies in views 2019-12-19 14:32:12 -05:00
byte[]
db1787aa45 various scraper fixes 2019-12-18 18:51:02 -05:00
byte[]
d6e89a1449 batched updater for user profile info 2019-12-18 14:32:21 -05:00
byte[]
417504b4c1 add missing preload 2019-12-18 10:06:43 -05:00
byte[]
8b220775bb more admin tools 2019-12-17 00:44:24 -05:00
byte[]
a3e4706597 track usages 2019-12-16 21:49:17 -05:00
byte[]
d42fc44494 fix permissions 2019-12-16 17:50:15 -05:00
byte[]
a28d233751 ensure options are loaded 2019-12-16 13:28:17 -05:00
byte[]
1fbe3bd555 ensure flash is fetched 2019-12-14 22:25:11 -05:00
byte[]
b7c8b95003 more aliasing prep 2019-12-14 17:07:43 -05:00
byte[]
e5266db21e add loader plugs 2019-12-14 14:46:50 -05:00
byte[]
d851e8cf62 various fixes:
line-heights
ability to edit filters
fix tag parameter decoding again
better error_tag message
2019-12-12 10:51:44 -05:00
byte[]
21d9202347 fixes for banned users 2019-12-08 15:13:01 -05:00
byte[]
caaeb3ad2e add parameter recoder 2019-12-08 01:00:53 -05:00
byte[]
0e13a7e6a0 fix warnings 2019-12-06 18:08:37 -05:00
byte[]
2a9cbb0ff0 Merge remote-tracking branch 'origin/staff-tools' 2019-12-06 17:57:26 -05:00
byte[]
2d9b85d686 add csp, add global last button 2019-12-06 12:41:02 -05:00
Luna D
cb4c956079
permission checks 2019-12-05 14:31:29 -05:00
Luna D
accc9b5304
actual working counters i think 2019-12-04 18:15:54 -05:00
byte[]
8cc2fd763c allow indexing forums 2019-12-04 07:38:57 -05:00
byte[]
50880ba888 oembed api 2019-12-03 20:27:58 -05:00
byte[]
a9c276ae2f add filter override param 2019-12-03 20:00:48 -05:00
byte[]
bf7dab33b7 add standard seeds 2019-12-02 10:58:12 -05:00
byte[]
e39a8eeccc automatic updating notifications 2019-12-02 09:55:48 -05:00
byte[]
3046da7c67 add nicer lookup error handlers 2019-12-01 21:30:58 -05:00
byte[]
25319f1c76 apply filter evaluator 2019-12-01 12:11:00 -05:00
byte[]
927cc55073 rss api 2019-11-30 18:11:24 -05:00
byte[]
64d1e817d1 settings page 2019-11-30 17:40:53 -05:00
byte[]
1e1b0054d0 add livestream tracking 2019-11-30 01:30:45 -05:00
byte[]
c621c83ac8 adverts 2019-11-29 01:26:05 -05:00
byte[]
109f3f781a finish scraper 2019-11-28 18:19:47 -05:00
byte[]
7892df9b9f sort forum list 2019-11-27 21:59:38 -05:00
byte[]
a22b397fc4 show forum list 2019-11-27 21:57:25 -05:00
byte[]
0e5de7aaa2 source/tag change model setup 2019-11-24 13:36:21 -05:00
byte[]
024b6410c5 update pow, set bind address to local address 2019-11-20 00:34:45 -05:00
byte[]
3ee6c07609 use more correct way of propagating user through models 2019-11-18 19:33:27 -05:00
byte[]
2f4ba6d96d read site notices 2019-11-18 12:32:23 -05:00
byte[]
a8fef6d03c add filter selection 2019-11-17 14:47:01 -05:00
byte[]
790ee13a36 store comment attribution correctly; count unread conversations 2019-11-17 13:52:59 -05:00
byte[]
41bf4790af add attribution plug 2019-11-17 13:29:07 -05:00
byte[]
06875bc11d consistensize plug naming scheme 2019-11-17 13:18:21 -05:00
byte[]
664822dbd2 use canary mapper 2019-11-16 21:53:41 -05:00
byte[]
13168e81cb add ban filterer 2019-11-15 19:48:17 -05:00
byte[]
ab5b7782c7 add bans 2019-11-15 19:40:32 -05:00
byte[]
4915fb5044 normalize search string in filter compilation 2019-11-14 22:15:25 -05:00
byte[]
76886c5329 add mailer, password resets, lockouts 2019-11-14 21:40:35 -05:00
byte[]
abd4de0b4d split users context 2019-11-14 20:08:38 -05:00
byte[]
e76c3cdcba add lockout plugs 2019-11-14 19:59:51 -05:00
byte[]
f1726e3d52 add bulk of totp logic 2019-11-12 22:12:46 -05:00
byte[]
2c04e1cf3d filter editor 2019-11-02 09:14:03 -04:00
byte[]
39470dc1ad primitive sign in 2019-10-31 13:57:39 -04:00
byte[]
969ee117b1 add filters show page 2019-10-09 11:51:14 -04:00
byte[]
702381abc3 add filters 2019-10-08 20:45:04 -04:00
byte[]
94f521e99c forums pagination 2019-10-08 19:30:51 -04:00
byte[]
3a8176b47a scrivener 2019-10-08 19:19:57 -04:00