ThibG 89d600bedb Move signature verification stoplight to the requests themselves (#10813) ...

* Move signature verification stoplight to the requests themselves

This avoids blocking messages from known keys for 5 minutes when only one fails…

* Put the stoplight on the actual client IP, not a potential reverse proxy

2019-05-23 15:22:39 +02:00

..

account_controller_concern.rb

Mark the 410 gone response for suspended accounts as cachable (#10339)

2019-03-21 23:33:18 +01:00

accountable_concern.rb

Add logging of admin actions (#5757)

2017-11-24 02:05:53 +01:00

authorization.rb

Add moderator role and add pundit policies for admin actions (#5635)

2017-11-11 20:23:33 +01:00

export_controller_concern.rb

Remove exports/base controller in favor of shared concern (#3444)

2017-05-30 19:06:01 +02:00

localized.rb

Fix spec for sr-Latn (#7203)

2018-04-20 18:14:31 +02:00

obfuscate_filename.rb

Remove methods from ObfuscateFilename and spec (#3347)

2017-05-29 18:14:16 +02:00

rate_limit_headers.rb

Apply a 25x rate limit by IP even to authenticated requests (#5948)

2017-12-11 15:32:29 +01:00

session_tracking_concern.rb

Update session activation time (fixes #5605) (#7408)

2018-05-11 13:20:58 +02:00

signature_authentication.rb

Allow retrieval of private statuses (single or in outbox) using HTTP signatures (#6225)

2018-02-02 10:19:59 +01:00

signature_verification.rb

Move signature verification stoplight to the requests themselves (#10813)

2019-05-23 15:22:39 +02:00

user_tracking_concern.rb

Fix #6331 (#6341)

2018-01-23 20:52:30 +01:00