Matt Jankowski
5405bdd344
Remove unused E2EE messaging code ( #31193 )
2024-09-18 09:27:43 +00:00
Eugen Rochko
e0c27a5047
Add ability to manage which websites can credit you in link previews ( #31819 )
2024-09-10 12:00:40 +00:00
Matt Jankowski
02df1b4e4a
Finish email allow/deny list naming migration ( #30530 )
2024-08-13 07:37:32 +00:00
Emelia Smith
4655be0da6
Fix add validation to webpush subscription keys ( #30542 )
2024-06-05 19:16:47 +00:00
Matt Jankowski
4a77e477ee
Consolidate account scopes for LOWER
(index using) username/domain queries ( #30451 )
2024-05-28 14:11:31 +00:00
Claire
38b9d31f63
Improve email address validation ( #29838 )
2024-04-05 07:48:45 +00:00
Matt Jankowski
67f54c4e75
Fix Rails/WhereExists
cop in app/validators ( #28854 )
2024-01-23 09:06:53 +00:00
Claire
6ad0fb5a77
Fix NULL MX handling and tighten DNS resolving specs ( #28607 )
2024-01-05 11:07:57 +00:00
Matt Jankowski
00c6ebd86f
Reduce .times
usage in StatusPin
and add PIN_LIMIT
constant in validator ( #27945 )
2023-11-20 09:07:25 +00:00
Matt Jankowski
19900f647e
Add coverage for UnreservedUsernameValidator
( #25590 )
2023-10-17 13:05:28 +02:00
Matt Jankowski
f5bc1f20e2
Add coverage for ExistingUsernameValidator
( #25592 )
...
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-10-16 15:41:23 +02:00
Matt Jankowski
660993b415
Add coverage for URLValidator
( #25591 )
2023-07-28 23:12:25 +02:00
Matt Jankowski
6602edf064
Add coverage for LanguageValidator
( #25593 )
2023-07-28 23:12:09 +02:00
Matt Jankowski
30f5ec7303
Rubocop fix: Perfomance/UnfreezeString
( #26217 )
2023-07-28 23:11:05 +02:00
Matt Jankowski
b8b2470cf8
Fix Style/SlicingWithRange
cop ( #25923 )
2023-07-12 10:03:06 +02:00
Matt Jankowski
9f5deb310b
Fix Performance/MapCompact cop ( #24797 )
...
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2023-05-23 10:49:12 +02:00
Claire
5cd55d8aaf
Fix being able to vote on your own polls ( #25015 )
2023-05-17 00:08:42 +02:00
Matt Jankowski
88d33f361f
Fix Lint/DuplicateBranch cop ( #24766 )
2023-05-02 12:57:11 +02:00
Claire
32a030dd74
Rewrite import feature ( #21054 )
2023-05-02 12:08:48 +02:00
Matt Jankowski
c40d5e5a8f
Misc coverage improvements for validators ( #23928 )
2023-03-04 17:00:00 +01:00
Matt Jankowski
4bb39ac3c3
Fix single-record invalid condition on PollVote ( #23810 )
2023-02-27 09:31:15 +01:00
Matt Jankowski
730bb3e211
Remove unused HTML Validator ( #23866 )
2023-02-24 20:06:32 +01:00
Nick Schonning
717683d1c3
Autofix Rubocop remaining Layout rules ( #23679 )
2023-02-20 06:58:28 +01:00
Nick Schonning
2177daeae9
Autofix Rubocop Style/RedundantBegin ( #23703 )
2023-02-19 07:09:40 +09:00
Claire
a5a00d7f7a
Fix email with empty domain name labels passing validation ( #23246 )
...
* Fix email with empty domain name labels passing validation
`EmailMxValidator` would allow empty labels because `Resolv::DNS` is
particularly lenient about them, but the email would be invalid and
unusable.
* Add tests
2023-01-24 20:18:41 +01:00
Claire
3654c94583
Strip spaces around URL when adding a relay ( #22655 )
...
* Strip spaces around URL when adding a relay
Fixes #22650
* Gracefuly handle URL parsing errors in URL validator
2023-01-05 13:33:33 +01:00
Eugen Rochko
317ec06dc7
Fix error when uploading malformed CSV import ( #19509 )
2022-10-28 23:30:44 +02:00
Eugen Rochko
abf6c87ee8
Fix remote account in contact account setting not being used ( #19351 )
2022-10-21 14:07:02 +02:00
Eugen Rochko
50948b46aa
Add ability to filter followed accounts' posts by language ( #19095 )
2022-09-20 23:51:21 +02:00
Eugen Rochko
a2871cd747
Add administrative webhooks ( #18510 )
...
* Add administrative webhooks
* Fix error when webhook is deleted before delivery worker runs
2022-06-09 21:57:36 +02:00
Eugen Rochko
f6d35ed57d
Remove IP matching from e-mail domain blocks ( #18190 )
...
Clear out e-mail domain blocks created from automatically resolved DNS records
2022-04-29 23:27:03 +02:00
Eugen Rochko
bbc7afa2a2
Fix being able to post URLs longer than 4096 characters ( #17908 )
2022-03-30 14:46:03 +02:00
Eugen Rochko
a29a982eaa
Change e-mail domain blocks to block IPs dynamically ( #17635 )
...
* Change e-mail domain blocks to block IPs dynamically
* Update app/workers/scheduler/email_domain_block_refresh_scheduler.rb
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
* Update app/workers/scheduler/email_domain_block_refresh_scheduler.rb
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-02-24 17:28:23 +01:00
Eugen Rochko
b6d7726ecb
Remove language detection through cld3 ( #17478 )
...
* Remove language detection through cld3
* Update app/helpers/languages_helper.rb
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
2022-02-08 02:41:17 +01:00
Claire
d5c9feb7b7
Add support for private pinned posts ( #16954 )
...
* Add support for private pinned toots
* Allow local user to pin private toots
* Change wording to avoid "direct message"
2022-01-17 00:49:55 +01:00
Claire
b21f3aa21d
Minor memory optimizations ( #16507 )
...
Reduce constant memory usage by ~100kB and further reduce boot-up memory
allocations and temporary memory use by a further ~200kB.
2021-10-14 21:04:57 +02:00
Eugen Rochko
275fa4746b
Add configuration
attribute to GET /api/v1/instance
( #16485 )
...
List various values like file size limits and supported mime types
2021-07-10 17:58:41 +02:00
Eugen Rochko
3639862dee
Fix existing username validator not allowing multiple accounts ( #16153 )
...
Fix #16107
2021-05-04 14:22:04 +02:00
Eugen Rochko
daccc07dc1
Change auto-following admin-selected accounts, show in recommendations ( #16078 )
2021-04-24 17:01:43 +02:00
Eugen Rochko
b3ceb3dcc4
Add canonical e-mail blocks for suspended accounts ( #16049 )
...
Prevent new accounts from being created using the same underlying
e-mail as a suspended account using extensions and period
permutations. Stores e-mails as a SHA256 hash
2021-04-17 03:14:25 +02:00
Claire
051efed5ed
Bypass MX validation for explicitly allowed domains ( #15930 )
...
* Bypass MX validation for explicitly allowed domains
This spares some lookups and prevent issues in some edge cases with
local domains.
* Add tests
* Fix test
2021-03-19 23:48:47 +01:00
Claire
a4dcaef53b
Prepare Mastodon for zeitwerk autoloader ( #15917 )
...
* Prepare Mastodon for zeitwerk autoloader (Rails 6)
Add inflections and rename/move a few classes.
In particular, app/lib/exceptions.rb and app/lib/sanitize_config.rb
were manually loaded while still in autoload paths.
* Add inflection for Url → URL
2021-03-19 02:42:43 +01:00
Claire
5614e6724e
Fix URL scanning in note length validator and preview card fetching ( #15827 )
...
* Add tests
* Fix URL scanning in note length validator and preview card fetching
2021-03-04 00:12:26 +01:00
Claire
65db262550
Update twitter-text from 1.14 to 3.1.0 and fix toot character counting ( #15382 )
...
* Update twitter-text from 1.14 to 3.1.0
* Disable emoji parsing
* Properly depend on twitter-text for url detection
* Fix some URLs being wrongly detected client-side
* Add test for server-side validation of non-autolinkable URLs
* Fix server-side status length counting
2021-03-02 12:02:56 +01:00
Eugen Rochko
9aa37b32c3
Add details
to error response for POST /api/v1/accounts
in REST API ( #15803 )
2021-03-01 04:59:13 +01:00
luigi
eb51e43fb4
Optimize some regex matching ( #15528 )
...
* Use Regex#match?
* Replace =~ too
* Avoid to call match? from Nil
* Keep value of Regexp.last_match
2021-01-22 10:09:08 +01:00
luigi
087ed84367
Optimize map { ... }.compact calls ( #15513 )
...
* Optimize map { ... }.compact
using Enumerable#filter_map, supported since Ruby 2.7
* Add poyfill for Enumerable#filter_map
2021-01-10 00:32:01 +01:00
Eugen Rochko
eb35be0431
Fix follow limit preventing re-following of a moved account ( #14207 )
2020-12-18 09:18:31 +01:00
ThibG
49eb4d4ddf
Add honeypot fields and minimum fill-out time for sign-up form ( #15276 )
...
* Add honeypot fields to limit non-specialized spam
Add two honeypot fields: a fake website input and a fake password confirmation
one. The label/placeholder/aria-label tells not to fill them, and they are
hidden in CSS, so legitimate users should not fall into these.
This should cut down on some non-Mastodon-specific spambots.
* Require a 3 seconds delay before submitting the registration form
* Fix tests
* Move registration form time check to model validation
* Give people a chance to clear the honeypot fields
* Refactor honeypot translation strings
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-10 06:27:26 +01:00
ThibG
8d217d7231
Improve email address validation ( #14565 )
...
* Increase DNS timeout from 1 second to 5 seconds for MX check
1 seconds is rather short when using a recursive DNS resolver which
hasn't got a cached result already available. Use 5 seconds instead,
which is the timeout value we use for outgoing HTTP queries.
* Add more precise error messages for invalid e-mail addresses
2020-08-12 12:40:25 +02:00