mastodon/app/controllers/concerns
ThibG 28b482874a Improvements to signature verification (#9667)
* Refactor signature verification a bit

* Rescue signature verification if recorded public key is invalid

Fixes #8822

* Always re-fetch AP signing key when HTTP Signature verification fails

But when the account is not marked as stale, avoid fetching collections and
media, and avoid webfinger round-trip.

* Apply stoplight to key/account update as well as initial key retrieval
2019-01-07 21:45:13 +01:00
..
account_controller_concern.rb
accountable_concern.rb
authorization.rb
export_controller_concern.rb
localized.rb Fix spec for sr-Latn (#7203) 2018-04-20 18:14:31 +02:00
obfuscate_filename.rb
rate_limit_headers.rb
session_tracking_concern.rb
signature_authentication.rb
signature_verification.rb Improvements to signature verification (#9667) 2019-01-07 21:45:13 +01:00
user_tracking_concern.rb