1
0
Commit Graph

485 Commits

Author SHA1 Message Date
Claire
379115e601
Add SELF_DESTRUCT env variable to process self-destructions in the background (#26439) 2023-10-23 15:46:21 +00:00
Claire
c3e0eb3699
Change Content-Security-Policy to be tighter on media paths (#26889) 2023-10-23 14:27:07 +02:00
Matt Jankowski
bcd0171e5e
Fix Lint/UselessAssignment cop (#27472) 2023-10-19 16:55:06 +02:00
Wladimir Palant
23f8e93c64
Fixes #23135 - Allow cross origin request for /nodeinfo/2.0 API (#27413) 2023-10-16 13:39:25 +02:00
Renaud Chaput
e0da64bb4e
Fix empty ENV variables not using default nil value (#27400) 2023-10-13 19:00:53 +02:00
Nick Schonning
85db392464
Autofix Rubocop cops for config/ (#24145) 2023-10-03 15:24:12 +02:00
Matt Jankowski
56c0babc0b
Fix rubocop Layout/ArgumentAlignment cop (#26060) 2023-09-28 15:48:47 +02:00
Claire
8acc75435b
Change S3 checksum mode to be disabled by default (#27007) 2023-09-21 14:00:51 +02:00
Claire
a04ae16201
Fix CSP when using ONE_CLICK_SSO_LOGIN (#26901) 2023-09-13 19:54:04 +02:00
CSDUMMI
9a70cac9de
Fix #26849 by adding the domain of the current SSO provider to the form-action CSP (#26857) 2023-09-12 13:04:51 +02:00
Christian Schmidt
ea31929776
Fix invalid Content-Type header for WebP images (#26773) 2023-09-04 09:46:33 +02:00
Claire
9e26cd5503
Add authorized_fetch server setting in addition to env var (#25798) 2023-09-01 15:41:10 +02:00
Christian Schmidt
286a21afdc
Support webpacker live-reloading on Docker (#26419) 2023-08-29 10:17:57 +02:00
Renaud Chaput
b95867ad1f
Allow setting a custom HTTP method in CacheBuster (#26528)
Co-authored-by: Jorijn Schrijvershof <jorijn@jorijn.com>
2023-08-18 08:18:40 +02:00
Claire
dd049fc37a
Fix ES_PRESET not being applied to Chewy's internal index (#26489) 2023-08-14 19:00:56 +02:00
Claire
f5778caa3a
Add ES_PRESET option to customize numbers of shards and replicas (#26483)
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2023-08-14 17:46:16 +02:00
Claire
4bc0dd751c
Add S3_DISABLE_CHECKSUM_MODE environment variable for compatibility with some S3-compatible providers (#26435) 2023-08-10 14:15:18 +02:00
Claire
12c43e4ab5
Re-add StatsD support through the nsa gem (#26310) 2023-08-03 20:28:14 +02:00
Emelia Smith
e258b4cb64
Refactor: replace whitelist_mode mentions with limited_federation_mode (#26252) 2023-08-02 19:32:48 +02:00
Matt Jankowski
ad81be6c8e
Update rubocop rules for linelength (#26190) 2023-07-28 23:11:45 +02:00
Matt Jankowski
bada7a65aa
Ignore long line in regex initializer (#26182) 2023-07-26 09:45:27 +02:00
Claire
e5f1000ad1
Fix CSP headers being unintendedly wide (#26105) 2023-07-21 13:34:15 +02:00
Claire
934c7b33d1
Change default KeyGenerator digest to SHA1 to fix cookies in rolling upgrades (#26023) 2023-07-21 13:17:43 +02:00
Misty De Méo
b848ba3867
Paperclip: add support for Azure blob storage (#23607) 2023-07-19 09:02:49 +02:00
Matt Jankowski
ce43ed144c
Rails 7.0 update (#25668) 2023-07-13 09:36:07 +02:00
Matt Jankowski
2e1391fdd2
Fix Naming/MemoizedInstanceVariableName cop (#25928) 2023-07-12 10:08:51 +02:00
Nick Schonning
1d557305d2
Enable Rubocop Style/FrozenStringLiteralComment (#23793) 2023-07-12 09:47:08 +02:00
Kurtis Rainbolt-Greene
e4cfe4b3db
First pass at multi-database for read replica using Rails native adapter (#25693)
Co-authored-by: emilweth <7402764+emilweth@users.noreply.github.com>
2023-07-08 19:45:36 +02:00
Claire
dc8f1fbd97
Merge pull request from GHSA-9928-3cp5-93fm
* Fix attachments getting processed despite failing content-type validation

* Add a restrictive ImageMagick security policy tailored for Mastodon

* Fix misdetection of MP3 files with large cover art

* Reject unprocessable audio/video files instead of keeping them unchanged
2023-07-06 15:05:05 +02:00
Eugen Rochko
ba06a2f104
Revert "Rails 7 update" (#25667) 2023-07-02 11:14:22 +02:00
Matt Jankowski
50c2a03695
Rails 7 update (#24241) 2023-07-02 10:38:53 +02:00
Claire
f378f10404
Fix compatibility of recent migration with PostgreSQL 10 (#25324) 2023-06-07 01:53:50 +02:00
Nick Schonning
c66250abf1
Autofix Rubocop Regex Style rules (#23690)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-06-06 14:50:51 +02:00
Claire
e428670e61
Fix CSP headers when S3_ALIAS_HOST includes a path component (#25273) 2023-06-05 17:35:05 +02:00
Matt Jankowski
e49819142f
Remove unmaintained nsa gem (#25265) 2023-06-05 01:57:05 +02:00
Claire
94329f28e1
Change wording of “Content cache retention period” setting to highlight destructive implications (#23261) 2023-06-02 18:09:08 +02:00
Renaud Chaput
942d850b0a
Allow carets in URL search params (#25216) 2023-06-01 12:14:49 +02:00
Nick Schonning
c0b9664a31
Autofix Rubocop spacing in config (#25022) 2023-05-22 13:17:56 +02:00
Nick Schonning
cee4369cf5
Autofix Rubocop Lint/AmbiguousOperatorPrecedence (#25002) 2023-05-16 10:51:59 +02:00
Matt Jankowski
d9a958fcf7
Fix Performance/RedundantMerge cop (#24817) 2023-05-04 05:25:43 +02:00
Matt Jankowski
d902a707a3
Fix Rails/CompactBlank cop (#24690) 2023-04-30 14:07:21 +02:00
Matt Jankowski
5a2aa06a51
Fix Rails/Present cop (#24688) 2023-04-30 06:47:50 +02:00
Nick Schonning
49fad26eca
Drop EOL Ruby 2.7 (#24237) 2023-04-27 01:46:18 +02:00
Nick Schonning
4687967176
Autofix Rubocop Style/NumericLiterals (#24468) 2023-04-23 22:30:07 +02:00
Claire
5c499f54e3
Change root Chewy strategy to emit a warning instead of erroring out in production mode (#24327) 2023-04-03 15:05:39 +02:00
Nick Schonning
500d6f93be
Autofix Rubocop Style/IdenticalConditionalBranches (#24322) 2023-03-31 09:33:52 +02:00
Eugen Rochko
a9b5598c97
Change user settings to be stored in a more optimal way (#23630)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-03-30 14:44:00 +02:00
Claire
e084b5b82d
Fix user archive takeout when using OpenStack Swift or S3 providers with no ACL support (#24200) 2023-03-27 17:07:37 +02:00
Claire
f432db7b9f
Fix sidekiq jobs not triggering Elasticsearch index updates (#24046) 2023-03-12 23:47:55 +01:00
Jean byroot Boussier
922837dc96
Upgrade to latest redis-rb 4.x and fix deprecations (#23616)
Co-authored-by: Jean Boussier <jean.boussier@gmail.com>
2023-03-04 16:38:28 +01:00
Jamie Hoyle
de137e6bb0
Added support for specifying S3 storage classes in environment (#22480) 2023-03-03 20:53:37 +01:00
Eugen Rochko
c6ef56fd5e
Change rate limits to 1,500/5m per user, 300/5m per app (#23347) 2023-02-02 00:07:49 +01:00
luzpaz
596923da4a
Fix typos in source documentation (#21046)
Fixed 2 source comment/documentation typos
2022-12-15 15:57:26 +01:00
Claire
d587a268fd
Add logging for Rails cache timeouts (#21667)
* Reduce redis cache store connect timeout from default 20 seconds to 5 seconds

* Log cache store errors
2022-11-27 20:37:37 +01:00
Claire
7955d4b959
Add form-action CSP directive (#20781) 2022-11-17 10:55:03 +01:00
trwnh
a2931d19ae
Add missing admin scopes (fix #20892) (#20918) 2022-11-17 10:50:21 +01:00
Eugen Rochko
43b0b2f3f4
Fix wrong directive unsafe-wasm-eval to wasm-unsafe-eval (#20729) 2022-11-15 03:39:06 +01:00
prplecake
b46b7c3d5e
Use "unsafe-wasm-eval" instead of "unsafe-eval" in script-src CSP (#20606)
* Add "unsafe-eval" to script-src CSP

* Use 'unsafe-wasm-eval' instead of 'unsafe-eval'
2022-11-15 03:22:38 +01:00
Eugen Rochko
21fd25a269
Fix rate limiting for paths with formats (#20675) 2022-11-14 20:26:31 +01:00
Matt Corallo
9d039209cc
Add Cache-Control header to openstack-stored files (#20610)
When storing files in S3, paperclip is configured with a Cache-Control header
indicating the file is immutable, however no such header was added when using
OpenStack storage.

Luckily Paperclip's fog integration makes this trivial, with a simple
`fog_file` `Cache-Control` default doing the trick.
2022-11-14 05:26:49 +01:00
David Hewitt
290d78cea4
Allow unsetting x-amz-acl S3 Permission headers (#20510)
Some "S3 Compatible" storage providers (Cloudflare R2 is one such example) don't support setting ACLs on individual uploads with the `x-amz-acl` header, and instead just have a visibility for the whole bucket. To support uploads to such providers without getting unsupported errors back, lets use a black `S3_PERMISSION` env var to indicate that these headers shouldn't be sent.

This is tested as working with Cloudflare R2.
2022-11-13 06:57:10 +01:00
prplecake
aafbc82d88
Add "unsafe-eval" to script-src CSP (#18817) 2022-10-26 19:23:16 +02:00
Eugen Rochko
bf0ab3e0fa
Fix vacuum scheduler missing lock, locks never expiring (#19458)
Remove vacuuming of orphaned preview cards
2022-10-26 12:10:48 +02:00
Eugen Rochko
0d6b878808
Add user content translations with configurable backends (#19218) 2022-09-23 23:00:12 +02:00
Eugen Rochko
546672e292
Change "Allow trends without prior review" setting to include statuses (#17977)
* Change "Allow trends without prior review" setting to include posts

* Fix i18n-tasks
2022-08-28 04:00:39 +02:00
Jeong Arm
861b35dd54
Support "http_hidden_proxy" ENV var for hidden service only proxy (#18427)
* Support "http_hidden_proxy" ENV var for hidden service only proxy

* Fallback to http_proxy if http_hidden_proxy is not set
2022-08-25 04:41:14 +02:00
Eugen Rochko
e7aa2be828
Change how hashtags are normalized (#18795)
* Change how hashtags are normalized

* Fix tests
2022-07-13 15:03:28 +02:00
Claire
ae4f068a84
Fix CAS_DISPLAY_NAME, SAML_DISPLAY_NAME and OIDC_DISPLAY_NAME being ignored (#18568) 2022-06-01 19:22:55 +02:00
Eugen Rochko
96129c2f10
Fix confirmation redirect to app without Location header (#18523) 2022-05-26 22:03:54 +02:00
Eugen Rochko
679b7158e3
Change search indexing to use batches to minimize resource usage (#18451) 2022-05-18 23:29:14 +02:00
Eugen Rochko
7b0fe4aef9
Fix opening and closing Redis connections instead of using a pool (#18171)
* Fix opening and closing Redis connections instead of using a pool

* Fix Redis connections not being returned to the pool in CLI commands
2022-04-29 22:43:07 +02:00
Claire
8284110c55
Fix stoplight not using REDIS_NAMESPACE (#18160) 2022-04-28 18:11:31 +02:00
Eugen Rochko
3917353645
Fix single Redis connection being used across all threads (#18135)
* Fix single Redis connection being used across all Sidekiq threads

* Fix tests
2022-04-28 17:47:34 +02:00
Eugen Rochko
6e418bf346
Fix cookies secure flag being set when served over Tor (#17992) 2022-04-08 12:47:18 +02:00
Holger
39b489ba4c
fix: s3_force_single_request not parsed (#17922) 2022-04-01 23:56:23 +02:00
Eugen Rochko
cefa526c6d
Refactor formatter (#17828)
* Refactor formatter

* Move custom emoji pre-rendering logic to view helpers

* Move more methods out of Formatter

* Fix code style issues

* Remove Formatter

* Add inline poll options to RSS feeds

* Remove unused helper method

* Fix code style issues

* Various fixes and improvements

* Fix test
2022-03-26 02:53:34 +01:00
Claire
895212bb2f
Fix PgHero suggesting migrations (#17807)
* Fix PgHero suggesting migrations

Fixes #17768

* Keep migration suggestions in development env
2022-03-15 20:27:49 +01:00
Yamagishi Kazutoshi
eb9a7e3626
Fix LetterOpennerWeb CSP (#17770) 2022-03-14 19:20:40 +01:00
dependabot[bot]
46ad7fea9d
Bump rack-attack from 6.5.0 to 6.6.0 (#17405)
* Bump rack-attack from 6.5.0 to 6.6.0

Bumps [rack-attack](https://github.com/rack/rack-attack) from 6.5.0 to 6.6.0.
- [Release notes](https://github.com/rack/rack-attack/releases)
- [Changelog](https://github.com/rack/rack-attack/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rack/rack-attack/compare/v6.5.0...v6.6.0)

---
updated-dependencies:
- dependency-name: rack-attack
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Fix usage of deprecated API

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2022-03-12 09:23:53 +01:00
chandrn7
a6ed6845c9
Allow login through OpenID Connect (#16221)
* added OpenID Connect as an SSO option

* minor fixes

* added comments, removed an option that shouldn't be set

* fixed Gemfile.lock

* added newline to end of Gemfile.lock

* removed tab from Gemfile.lock

* remove chomp

* codeclimate changes and small name change to make function's purpose clearer

* codeclimate fix

* added SSO buttons to /about page

* minor refactor

* minor style change

* removed spurious change

* removed unecessary conditional from ensure_valid_username and added support for auth.info.name in user_params_from_auth

* minor changes
2022-03-09 12:07:35 +01:00
Josh Soref
b5329e0035
Spelling (#17705)
* spelling: account

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: affiliated

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: appearance

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: autosuggest

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: cacheable

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: component

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: conversations

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: domain.example

Clarify what's distinct and use RFC friendly domain space.

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: environment

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: exceeds

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: functional

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: inefficiency

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: not

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: notifications

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: occurring

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: position

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: progress

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: promotable

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: reblogging

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: repetitive

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: resolve

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: saturated

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: similar

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: strategies

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: success

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: targeting

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: thumbnails

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: unauthorized

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: unsensitizes

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: validations

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

* spelling: various

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>

Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
2022-03-06 22:51:40 +01:00
luzpaz
73f5e4a1d9
Fix various typos (#17621)
Found via `codespell -q 3 -S ./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,keypair,medias,ro`
2022-02-22 20:14:17 +01:00
Claire
8603a07504
Fix error when trying to register (#17600) 2022-02-21 14:55:38 +01:00
zunda
f9e7f2e409
Avoid return within block (#17590)
This prevents the error: LocalJumpError (unexpected return)
2022-02-18 20:21:21 +01:00
Jeong Arm
1de2e3f980
Throttle IPv6 signup for subnet (#17588) 2022-02-18 13:51:51 +01:00
Claire
cfa583fa71
Remove support for OAUTH_REDIRECT_AT_SIGN_IN (#17287)
Fixes #15959

Introduced in #6540, OAUTH_REDIRECT_AT_SIGN_IN allowed skipping the log-in form
to instead redirect to the external OmniAuth login provider.

However, it did not prevent the log-in form on /about introduced by #10232 from
appearing, and completely broke with the introduction of #15228.

As I restoring that previous log-in flow without introducing a security
vulnerability may require extensive care and knowledge of how OmniAuth works,
this commit removes support for OAUTH_REDIRECT_AT_SIGN_IN instead for the time
being.
2022-01-23 15:50:41 +01:00
Eugen Rochko
8e84ebf0cb
Remove IP tracking columns from users table (#16409) 2022-01-16 13:23:50 +01:00
Jeong Arm
ea61d3acd6
Fix media API limit (#17272) 2022-01-10 14:25:24 +01:00
Eugen Rochko
fe71548844
Fix warnings on Rails boot (#16946) 2021-12-27 00:47:20 +01:00
Takeshi Umeda
06631fdc53
Fix ElasticSearch to Elasticsearch (#17050) 2021-11-26 08:30:02 +01:00
Takeshi Umeda
3419d3ec84
Bump chewy from 5.2.0 to 7.2.3 (supports Elasticsearch 7.x) (#16915)
* Bump chewy from 5.2.0 to 7.2.2

* fix style (codeclimate)

* fix style

* fix style

* Bump chewy from 7.2.2 to 7.2.3
2021-11-18 22:02:08 +01:00
Claire
6da135a493
Fix reviving revoked sessions and invalidating login (#16943)
Up until now, we have used Devise's Rememberable mechanism to re-log users
after the end of their browser sessions. This mechanism relies on a signed
cookie containing a token. That token was stored on the user's record,
meaning it was shared across all logged in browsers, meaning truly revoking
a browser's ability to auto-log-in involves revoking the token itself, and
revoking access from *all* logged-in browsers.

We had a session mechanism that dynamically checks whether a user's session
has been disabled, and would log out the user if so. However, this would only
clear a session being actively used, and a new one could be respawned with
the `remember_user_token` cookie.

In practice, this caused two issues:
- sessions could be revived after being closed from /auth/edit (security issue)
- auto-log-in would be disabled for *all* browsers after logging out from one
  of them

This PR removes the `remember_token` mechanism and treats the `_session_id`
cookie/token as a browser-specific `remember_token`, fixing both issues.
2021-11-06 00:13:58 +01:00
Jeong Arm
c8ce728705
Support authentication for ElasticSearch (#16890)
* Support authentication for ElasticSearch

* Fix chewy auth settings
2021-10-24 17:20:03 +02:00
Claire
b21f3aa21d
Minor memory optimizations (#16507)
Reduce constant memory usage by ~100kB and further reduce boot-up memory
allocations and temporary memory use by a further ~200kB.
2021-10-14 21:04:57 +02:00
Daniel
2ed1c92c63
New env variable: CAS_SECURITY_ASSUME_EMAIL_IS_VERIFIED (#16655)
When using a CAS server, the users only have a temporary email
`change@me-foo-cas.com` which can't be changed but by an
administrator.

We need a new environment variable like for SAML to assume the email
from CAS is verified.

* config/initializers/omniauth.rb: define CAS option for assuming
  email are always verified.
* .env.nanobox: add new variable as an example.
2021-08-25 18:41:24 +02:00
Claire
211d5c3c30
Fix inefficiencies in auto-linking code (#16506)
The auto-linking code basically rewrote the whole string escaping non-ascii
characters in an inefficient way, and building a full character offset map
between the unescaped and escaped texts before sending the contents to
TwitterText's extractor.

Instead of doing that, this commit changes the TwitterText regexps to include
valid IRI characters in addition to valid URI characters.
2021-07-15 15:56:58 +02:00
Claire
b715cede4d
Fix mailer jobs for deleted notifications erroring out (#16294)
Fixes an oversight in the Rails 6 migration
2021-05-24 03:02:46 +02:00
Claire
97539b6a96
Fix host check on healthcheck path not being disabled (#16270)
Fixes #16251

There was a typo in #16243
2021-05-17 22:36:08 +02:00
Jeong Arm
f09322f9cc
Disable host check on healthcheck path (#16243) 2021-05-16 19:48:59 +02:00
Takeshi Umeda
9b18914c35
Add a Redis environment variable for sidekiq (#16188) 2021-05-09 10:40:17 +02:00