Commit graph

120 commits

Author SHA1 Message Date
byte[]
35e12420af strongly segregate domains of main site and ugc in security policy 2021-03-16 20:24:58 -04:00
byte[]
92ade8e543 pass on empty scraper url (fixes philomena-dev/philomena#81) 2020-12-08 15:12:31 -05:00
byte[]
1f57d0041c propagate filename through scraper (fixes derpibooru/philomena#226) 2020-12-06 12:40:38 -05:00
Parasprite
a244b8d322 Updates user link to artist link (code side)
make user link


Update structure for artist links


bap
2020-11-26 15:30:17 -05:00
byte[]
37adb661fb display bans in sorted order (fixes philomena-dev/philomena#66) 2020-11-15 21:00:05 -05:00
parasprite
e058a212e7
Removes discourage bans (#65)
Co-authored-by: Parasprite <foalspeedahead@gmail.com>
2020-11-07 00:22:41 -05:00
byte[]
1436c7ff06 update connecting ip in session 2020-10-12 03:01:20 -04:00
byte[]
a00cdab739 improve ajax error messages 2020-09-27 23:53:14 -04:00
byte[]
fc159c3782 centralize ajax determination 2020-09-27 23:47:32 -04:00
SomewhatDamaged
70959e9094
Damaged limit staff skip (#20)
* Adds ability to enforce limits on staff

* Fix space
2020-09-24 09:36:39 -04:00
byte[]
6a045ce88e don't bump ratelimit after unsuccessful attempts 2020-09-14 20:52:02 -04:00
byte[]
6deab827ac store filter_id in a long-lived cookie (derpibooru/philomena#139) 2020-09-14 20:02:43 -04:00
liamwhite
653fd0a4af
hCaptcha (#19) 2020-09-12 13:43:16 -04:00
byte[]
ecfe60bcaa don't recode tag slugs, fixes #18 2020-09-10 11:20:25 -04:00
byte[]
39ce0ae4fd require http clients to handle errors 2020-09-09 23:12:54 -04:00
byte[]
c9331f61b4 require page number to be positive 2020-09-07 23:19:32 -04:00
byte[]
a2e524b535 remove unnecessary referrer redirects 2020-09-07 00:28:24 -04:00
byte[]
113908f820 allow CSP customization on a per-controller basis 2020-08-23 18:30:58 -04:00
SomewhatDamaged
dec3615da5
Modify limit_plug for use by API (#15) 2020-08-22 12:11:50 -04:00
byte[]
4bfb7d8dd3 always assign advert, even if nil 2020-08-13 17:55:36 -04:00
byte[]
539eb223ff Fix all but one dialyzer warning 2020-08-11 19:15:32 -04:00
byte[]
02bbf5e2f1 fixes invisible error message for comment rate limit, weird nesting error for tag updates, e.g. derpibooru/philomena#169 2020-08-11 01:14:00 -04:00
byte[]
5b760436a1 ensure CSP plug config happens at runtime, not compile time 2020-08-06 13:27:56 -04:00
byte[]
5532ea4dec more complete fix for commission and gallery pagination error 2020-08-01 12:42:29 -04:00
liamwhite
98f4166ea8
Replace Pow with generated Phoenix auth (#10) 2020-07-28 16:56:26 -04:00
Byron Mulvogue
b48a07f517 Allow staff to bypass rate limits 2020-07-24 12:51:23 +00:00
byte[]
ad6e055aff add missing rate limit 2020-07-21 10:50:33 -04:00
byte[]
a36e2d7368 mix format 2020-06-12 13:00:59 -04:00
byte[]
417305e43c filter fixes 2020-06-06 21:56:07 -04:00
byte[]
9294e54771 Filter updates 2020-06-06 21:03:17 -04:00
byte[]
5dfd8f5b60 ensure CB is assigned 2020-06-03 21:26:38 -04:00
byte[]
ec1a999913 normal uses variance, not sd 2020-06-03 21:18:39 -04:00
byte[]
7160433c33 update methods 2020-06-03 21:10:38 -04:00
byte[]
cc4103fcea stop spawning off for advert updates 2020-05-27 17:14:22 -04:00
byte[]
7fca37741b replace use of hackney in scraper with mint 2020-05-20 14:18:13 -04:00
byte[]
a1b8ed9d33 move search, textile, date parser to app namespace 2020-05-07 22:43:40 -04:00
byte[]
1168ba86f6 move IP/FP updaters to web namespace 2020-05-07 22:03:10 -04:00
byte[]
4b86e783ef you have to halt the plug pipeline explicitly 2020-05-04 03:18:36 -04:00
SomewhatDamaged
3e7ee76fe2
Api create image (#105)
* added new method (POST) to /api/v1/json/images

* Cleaned up debug

* added require_authorization plug, fixed up issues with image_controller

* make user do work

* Fixed inefficient function use

* added api fingerprinting

* more robust

* corrected holdover from merging files
2020-05-01 00:40:57 -04:00
byte[]
63c89d2faf fix double send on registration 2020-04-18 20:28:01 -04:00
byte[]
e159c01bef fix broken case clause 2020-04-18 20:25:08 -04:00
Dan Schultzer
051a204d55
Add TOTP support in the invalidation session plug (#87) 2020-04-18 20:19:07 -04:00
Nick
79d8ed8a1c
Prevent compromised passwords from being used (#89)
* prevent compromised passwords from being used

* formatting consistency

* run mix format and hardcode api url

* more formatting

* remove unnecessary string upcase
2020-04-18 20:15:18 -04:00
byte[]
11cac54ba0 mix format 2020-04-11 20:28:28 -04:00
Dan Schultzer
36cbdff953
Fix plug issue (#86) 2020-04-11 19:47:23 -04:00
Dan Schultzer
e5f0e473d9
Add plug to handle invalidated Pow session tokens (#36)
* Add plug to handle invalidated Pow session tokens

* Add token signing

* Refactor for tests
2020-04-11 14:54:55 -04:00
Nick
d247e01347
Properly handle failed captchas after XHR post (#85)
* handle form posts and xhr posts differently on captcha failure

* formatting
2020-04-11 14:23:55 -04:00
byte[]
9ea7980e3f hex upgrades 2020-02-06 17:24:41 -05:00
byte[]
3ac8687c18 allow get-based reverse searching 2020-01-11 13:51:14 -05:00
byte[]
ed44160603 run formatter 2020-01-10 23:20:19 -05:00