mastodon/app
ThibG fa929d8b81
Tweak signature verification (#15069)
* Add more specific error message when request body digest is invalid

This may help other implementors debug their implementation.

* Relax Host parameter requirement to GET requests

The only POST requests processed by Mastodon need objects/actors (including
their host) to be explicitly mentioned in the request's body, so replaying
a legitimate request to another host should not be a security issue.

* Support Digest headers using multiple algorithms or lowercase alogirthm names
2020-11-01 23:38:31 +01:00
..
chewy
controllers Tweak signature verification (#15069) 2020-11-01 23:38:31 +01:00
helpers
javascript Fix some account media gallery items having empty labels (#15073) 2020-11-01 18:31:39 +01:00
lib Add follower synchronization mechanism (#14510) 2020-10-21 18:04:09 +02:00
mailers
models Add follower synchronization mechanism (#14510) 2020-10-21 18:04:09 +02:00
policies
presenters
serializers
services
validators
views
workers Fix poll ending notifications being created for each vote (#15071) 2020-11-01 06:34:43 +01:00