This repository has been archived on 2019-05-14. You can view files and clone it, but cannot push or open issues or pull requests.
mastodon/app/controllers
Eugen Rochko 1618b68bfa HTTP signatures (#4146)
* Add Request class with HTTP signature generator

Spec: https://tools.ietf.org/html/draft-cavage-http-signatures-06

* Add HTTP signature verification concern

* Add test for SignatureVerification concern

* Add basic test for Request class

* Make PuSH subscribe/unsubscribe requests use new Request class

Accidentally fix lease_seconds not being set and sent properly, and
change the new minimum subscription duration to 1 day

* Make all PuSH workers use new Request class

* Make Salmon sender use new Request class

* Make FetchLinkService use new Request class

* Make FetchAtomService use the new Request class

* Make Remotable use the new Request class

* Make ResolveRemoteAccountService use the new Request class

* Add more tests

* Allow +-30 seconds window for signed request to remain valid

* Disable time window validation for signed requests, restore 7 days
as PuSH subscription duration (which was previous default due to a bug)
2017-07-14 20:41:49 +02:00
..
admin Improve UI of admin site settings (#4163) 2017-07-12 03:24:04 +02:00
api HTTP signatures (#4146) 2017-07-14 20:41:49 +02:00
auth Add overview of active sessions (#3929) 2017-06-25 16:54:30 +02:00
concerns HTTP signatures (#4146) 2017-07-14 20:41:49 +02:00
oauth Fix #1165 - before_action was called before protect_from_forgery 2017-04-08 02:30:50 +02:00
settings Add option to opt out of search engines on public profile/status pages (#4199) 2017-07-14 16:41:02 +02:00
well_known Ensure well_known controllers use WEB_DOMAIN by including RoutingHelper (#2388) 2017-06-02 22:21:36 +02:00
about_controller.rb Redesign the landing page, mount public timeline on it (#4122) 2017-07-11 15:27:59 +02:00
account_follow_controller.rb Restful refactor of accounts/ routes (#2133) 2017-04-19 13:52:37 +02:00
account_unfollow_controller.rb Restful refactor of accounts/ routes (#2133) 2017-04-19 13:52:37 +02:00
accounts_controller.rb HTTP signatures (#4146) 2017-07-14 20:41:49 +02:00
application_controller.rb Fix #4058 - Use a long-lived cookie to keep track of user-level sessions (#4091) 2017-07-07 23:25:15 +02:00
authorize_follows_controller.rb Remote following success page (#4129) 2017-07-10 18:05:06 +02:00
follower_accounts_controller.rb Introduce recent to Follow (#3247) 2017-05-23 13:12:19 +02:00
following_accounts_controller.rb Introduce recent to Follow (#3247) 2017-05-23 13:12:19 +02:00
home_controller.rb Web Push Notifications (#3243) 2017-07-13 22:15:32 +02:00
manifests_controller.rb Fix #3063 - Add dynamic app manifest (#3563) 2017-06-06 19:29:42 +02:00
media_controller.rb Extract authorization policy for viewing statuses (#3150) 2017-05-29 18:22:22 +02:00
remote_follow_controller.rb Conditional validations no longer accept strings for if/unless (#3124) 2017-05-19 03:11:23 +02:00
statuses_controller.rb Extract authorization policy for viewing statuses (#3150) 2017-05-29 18:22:22 +02:00
stream_entries_controller.rb HTTP signatures (#4146) 2017-07-14 20:41:49 +02:00
tags_controller.rb Return missing page when tag does not exist (#2563) 2017-04-28 15:11:21 +02:00