This repository has been archived on 2024-07-22. You can view files and clone it, but cannot push or open issues or pull requests.
mastodon/app/controllers/concerns
ThibG 28b482874a Improvements to signature verification (#9667)
* Refactor signature verification a bit

* Rescue signature verification if recorded public key is invalid

Fixes #8822

* Always re-fetch AP signing key when HTTP Signature verification fails

But when the account is not marked as stale, avoid fetching collections and
media, and avoid webfinger round-trip.

* Apply stoplight to key/account update as well as initial key retrieval
2019-01-07 21:45:13 +01:00
..
account_controller_concern.rb Redesign public profiles and toots (#8068) 2018-07-28 19:25:33 +02:00
accountable_concern.rb
authorization.rb
export_controller_concern.rb
localized.rb Fix spec for sr-Latn (#7203) 2018-04-20 18:14:31 +02:00
obfuscate_filename.rb
rate_limit_headers.rb Apply a 25x rate limit by IP even to authenticated requests (#5948) 2017-12-11 15:32:29 +01:00
session_tracking_concern.rb Update session activation time (fixes #5605) (#7408) 2018-05-11 13:20:58 +02:00
signature_authentication.rb Allow retrieval of private statuses (single or in outbox) using HTTP signatures (#6225) 2018-02-02 10:19:59 +01:00
signature_verification.rb Improvements to signature verification (#9667) 2019-01-07 21:45:13 +01:00
user_tracking_concern.rb Fix #6331 (#6341) 2018-01-23 20:52:30 +01:00