1
0
mirror of https://github.com/mastodon/mastodon synced 2024-12-01 08:18:22 +09:00
mastodon/app/controllers/concerns
ThibG 28b482874a Improvements to signature verification (#9667)
* Refactor signature verification a bit

* Rescue signature verification if recorded public key is invalid

Fixes #8822

* Always re-fetch AP signing key when HTTP Signature verification fails

But when the account is not marked as stale, avoid fetching collections and
media, and avoid webfinger round-trip.

* Apply stoplight to key/account update as well as initial key retrieval
2019-01-07 21:45:13 +01:00
..
account_controller_concern.rb Redesign public profiles and toots (#8068) 2018-07-28 19:25:33 +02:00
accountable_concern.rb Add logging of admin actions (#5757) 2017-11-24 02:05:53 +01:00
authorization.rb Add moderator role and add pundit policies for admin actions (#5635) 2017-11-11 20:23:33 +01:00
export_controller_concern.rb Remove exports/base controller in favor of shared concern (#3444) 2017-05-30 19:06:01 +02:00
localized.rb Fix spec for sr-Latn (#7203) 2018-04-20 18:14:31 +02:00
obfuscate_filename.rb Remove methods from ObfuscateFilename and spec (#3347) 2017-05-29 18:14:16 +02:00
rate_limit_headers.rb Apply a 25x rate limit by IP even to authenticated requests (#5948) 2017-12-11 15:32:29 +01:00
session_tracking_concern.rb Update session activation time (fixes #5605) (#7408) 2018-05-11 13:20:58 +02:00
signature_authentication.rb Allow retrieval of private statuses (single or in outbox) using HTTP signatures (#6225) 2018-02-02 10:19:59 +01:00
signature_verification.rb Improvements to signature verification (#9667) 2019-01-07 21:45:13 +01:00
user_tracking_concern.rb Fix #6331 (#6341) 2018-01-23 20:52:30 +01:00