a097dd489b
Change default S3 ACL string used by Paperclip from 'public' (which is invalid) to 'public-read'
2017-01-15 20:58:46 +11:00
2e71bb031b
Fix Paperclip timeout setting. Fix bug introduced in #437
2017-01-08 19:12:54 +01:00
7ddec6e7c3
Add read timeout to paperclip when it's downloading remote images
2017-01-07 15:43:56 +01:00
b891a81008
Follow call on locked account creates follow request instead
...
Reflect "requested" relationship in API and UI
Reflect inability of private posts to be reblogged in the UI
Disable Webfinger for locked accounts
2016-12-22 23:03:57 +01:00
6d71044c85
Don't use rack timeout in any but production environments
2016-12-21 19:10:40 +01:00
6de079a5af
Removing external hub completely, fix #333 fixing digit-only hashtags,
...
removing web app capability from non-webapp pages
2016-12-18 12:24:37 +01:00
8b93f45f3d
Fix paperclip config
2016-12-07 17:19:29 +01:00
f114bc7bb7
Update Paperclip config to allow plugging in Minio instead of AWS
2016-12-07 16:59:18 +01:00
1357c1cb3d
Add single user mode
2016-12-06 17:19:26 +01:00
b362de2232
Adding configurable e-mail blacklist
2016-12-04 19:07:02 +01:00
f763e844e8
Do not use expiring links after all
2016-12-04 13:02:43 +01:00
80c44ed9c1
Do not autoplay videos, display play button instead. Use expiring links when using S3. Do not keep originals
...
for avatars/headers, resize avatars down to 120x120 instead of 300x300. Set cache headers on S3 stuff, also
make it private (aka only accessible via expiring links to prevent hotlinking)
2016-12-04 12:28:10 +01:00
290ffb63cd
Fix cloudfront config
2016-12-03 22:12:22 +01:00
d3bd10dfe4
Add Cloudfront support
2016-12-03 22:08:15 +01:00
5973ca3d11
Upgrade Paperclip to 5, AWS-SDK to 2, do not generate medium/small versions of avatars
2016-11-29 14:20:15 +01:00
cc70f28f19
Adding rack timeout of 30sec, PuSH jobs moved to push queue so they
...
can be processed separately
2016-11-29 02:07:14 +01:00
c0555f2db6
Don't rate-limit PuSH endpoints
2016-11-29 00:44:11 +01:00
4e351baf88
Fix URLs in inline-rendered XML
2016-11-29 00:26:01 +01:00
41ef277da3
Fix URLs in ApplicationController.renderer
2016-11-28 21:21:05 +01:00
dda9ac9222
Fix reset date format when rate limited
2016-11-25 18:20:47 +01:00
8efa081f21
Remove Neo4J
2016-11-24 23:46:27 +01:00
8e34bed7cc
Mini Profiler not working well, remove it
2016-11-24 19:59:11 +01:00
fc90d38893
Moving some counter queries out of subqueries in the API
2016-11-22 22:59:54 +01:00
116ab27e08
i18n for devise mailer too
2016-11-16 18:25:21 +01:00
546c4718e7
Localizations for most server-side strings
2016-11-16 00:55:33 +01:00
fdc17bea58
Fix rubocop issues, introduce usage of frozen literal to improve performance
2016-11-15 16:56:29 +01:00
86574ea524
Adding Emoji One
2016-11-08 21:46:29 +01:00
2f21f4cc01
Fix region setting for AWS gem
2016-11-08 18:55:46 +01:00
dbe00a4156
Improved configuration from ENV, cleaned up timeline filter methods
...
to be more readable, add extra logging to process feed service
2016-11-07 23:20:52 +01:00
b835f4aa1c
Fix insecure S3 URLs
2016-11-06 20:59:06 +01:00
d14967e1c8
Fix URL configuration when S3 is enabled
2016-11-06 20:43:16 +01:00
45230c56ab
Improve S3 config
2016-11-06 18:55:20 +01:00
3ab193bc3f
Adding optional S3, fail-mastodon
2016-11-06 18:35:46 +01:00
9467b900a2
Make cookies https-only if LOCAL_HTTPS is true, set X-Frame-Options to DENY,
...
add permissive CORS to API controllers
2016-11-02 12:58:15 +01:00
720d1f8f3d
Restrict access to oauth/applications to admins only
2016-10-23 12:08:52 +02:00
a9e40a3d80
Adding OAuth access scopes, fixing OAuth authorization UI, adding rate limiting
...
to the API
2016-10-22 19:39:44 +02:00
43df35213e
Improving all forms
2016-10-18 16:37:15 +02:00
d5e086a47b
Adding application/jrd+json webfinger resource
2016-10-18 02:54:49 +02:00
e21a3fe0cd
Adding sync of follow relationships to Neo4J, accounts/suggestions API
2016-10-14 23:10:07 +02:00
3554d638b3
Fix #72 - add follow/unfollow button to public profiles
2016-10-06 21:27:58 +02:00
f06f295890
Fix doorkeeper skip_authorization
2016-10-02 22:55:09 +02:00
4909bbf415
Add logging for outgoing http requests
2016-10-02 14:58:06 +02:00
492224b93f
Allow non-https redirect URIs for OAuth apps (AndStatus seems to require this)
2016-09-30 22:40:31 +02:00
7e14eefc81
Replace logo, fix #57 - delete/unreblog/unfavourite API, fix #45 - app
...
registration API
2016-09-26 23:56:53 +02:00
3b56350121
Fix #6 - Rate limit GET reqs to 300/5min, POST to 100/5min
2016-09-24 13:53:54 +02:00
1022d682dc
Normalized data in Redux, fix for asset URLs when rendered outside request
2016-09-04 14:04:26 +02:00
92afd29650
The frontend will now be an OAuth app, auto-authorized. The frontend will use an access token for API requests
...
Adding better errors for the API controllers, posting a simple status works from the frontend now
2016-08-26 19:12:19 +02:00
44e57f64dd
Improving statuses, adding a composer drawer, which doesn't work yet
2016-08-25 19:52:55 +02:00
bc0692d75b
Removing mini-profiler that doesn't work, formatting timelines a bit better
2016-08-24 19:23:37 +02:00
68c93f8b85
Final fix for ActionCable origin issues
2016-08-18 18:51:50 +02:00
