1
0
Fork 0
mirror of https://github.com/mastodon/mastodon.git synced 2024-08-20 21:08:15 -07:00
mastodon/app/controllers
Claire 502cf75b16
Merge pull request from GHSA-58x8-3qxw-6hm7
* Fix insufficient permission checking for public timeline endpoints

Note that this changes unauthenticated access failure code from 401 to 422

* Add more tests for public timelines

* Require user token in `/api/v1/statuses/:id/translate` and `/api/v1/scheduled_statuses`
2024-07-04 16:26:49 +02:00
..
activitypub Rename cache_* methods to preload_* in controller concern (#30209) 2024-05-16 08:03:46 +00:00
admin Extract PERMITTED_PARAMS constant from admin/domain_blocks controller (#30380) 2024-06-11 09:40:47 +00:00
api Merge pull request from GHSA-58x8-3qxw-6hm7 2024-07-04 16:26:49 +02:00
auth Remove exclusion for Rails/LexicallyScopedActionFilter cop (#30697) 2024-06-21 15:34:13 +00:00
concerns Move pagination_params into API::BaseController (#28845) 2024-05-30 14:56:48 +00:00
disputes Remove un-needed action and template options to render in controllers (#28022) 2023-11-29 10:38:05 +00:00
filters
oauth Merge pull request from GHSA-vp5r-5pgw-jwqx 2024-07-04 16:11:28 +02:00
redirect Fix redirect confirmation for accounts (#28902) 2024-01-25 10:44:25 +00:00
settings Change read:me scope to profile scope (#30357) 2024-06-06 07:30:10 +00:00
well_known Implement RFC 8414 for OAuth 2.0 server metadata (#29191) 2024-05-06 13:17:56 +00:00
about_controller.rb Simplify instance presenter view access (#26046) 2023-09-28 16:52:37 +02:00
accounts_controller.rb Rename cache_* methods to preload_* in controller concern (#30209) 2024-05-16 08:03:46 +00:00
application_controller.rb Rename cache_* methods to preload_* in controller concern (#30209) 2024-05-16 08:03:46 +00:00
authorize_interactions_controller.rb Change interaction modal in web UI (#26075) 2023-07-27 16:11:17 +02:00
backups_controller.rb Add SELF_DESTRUCT env variable to process self-destructions in the background (#26439) 2023-10-23 15:46:21 +00:00
custom_css_controller.rb Add scope providing_styles to UserRole (#29286) 2024-02-20 09:18:05 +00:00
emojis_controller.rb
filters_controller.rb Remove un-needed action and template options to render in controllers (#28022) 2023-11-29 10:38:05 +00:00
follower_accounts_controller.rb Fix Vary headers not being set on some redirects (#27272) 2023-10-05 09:50:08 +02:00
following_accounts_controller.rb Fix Vary headers not being set on some redirects (#27272) 2023-10-05 09:50:08 +02:00
health_controller.rb Disable Rails/ApplicationController for HealthController (#28705) 2024-01-12 09:08:17 +00:00
home_controller.rb Simplify instance presenter view access (#26046) 2023-09-28 16:52:37 +02:00
instance_actors_controller.rb Move common module inclusion in sub classes to ActivityPub::BaseController (#29560) 2024-03-15 10:40:21 +00:00
intents_controller.rb Remove redundant return in IntentsController (#29099) 2024-02-06 12:56:22 +00:00
invites_controller.rb
mail_subscriptions_controller.rb Add List-Unsubscribe email header (#26085) 2023-08-01 19:34:40 +02:00
manifests_controller.rb
media_controller.rb Refactor: replace whitelist_mode mentions with limited_federation_mode (#26252) 2023-08-02 19:32:48 +02:00
media_proxy_controller.rb Refactor: replace whitelist_mode mentions with limited_federation_mode (#26252) 2023-08-02 19:32:48 +02:00
privacy_controller.rb Simplify instance presenter view access (#26046) 2023-09-28 16:52:37 +02:00
relationships_controller.rb Fix call to inefficient delete_matched cache method in domain blocks (#28374) 2023-12-18 16:14:43 +00:00
remote_interaction_helper_controller.rb Change interaction modal in web UI (#26075) 2023-07-27 16:11:17 +02:00
severed_relationships_controller.rb Use existing SeveredRelationship.about_local_account scope in more places (#29673) 2024-03-21 08:36:49 +00:00
shares_controller.rb
statuses_cleanup_controller.rb Remove un-needed action and template options to render in controllers (#28022) 2023-11-29 10:38:05 +00:00
statuses_controller.rb Simplify instance presenter view access (#26046) 2023-09-28 16:52:37 +02:00
tags_controller.rb Rename cache_* methods to preload_* in controller concern (#30209) 2024-05-16 08:03:46 +00:00