mastodon/app/controllers/concerns
ThibG 28b482874a Improvements to signature verification (#9667)
* Refactor signature verification a bit

* Rescue signature verification if recorded public key is invalid

Fixes #8822

* Always re-fetch AP signing key when HTTP Signature verification fails

But when the account is not marked as stale, avoid fetching collections and
media, and avoid webfinger round-trip.

* Apply stoplight to key/account update as well as initial key retrieval
2019-01-07 21:45:13 +01:00
..
account_controller_concern.rb Redesign public profiles and toots (#8068) 2018-07-28 19:25:33 +02:00
accountable_concern.rb Add logging of admin actions (#5757) 2017-11-24 02:05:53 +01:00
authorization.rb
export_controller_concern.rb
localized.rb Fix spec for sr-Latn (#7203) 2018-04-20 18:14:31 +02:00
obfuscate_filename.rb
rate_limit_headers.rb
session_tracking_concern.rb Update session activation time (fixes #5605) (#7408) 2018-05-11 13:20:58 +02:00
signature_authentication.rb Allow retrieval of private statuses (single or in outbox) using HTTP signatures (#6225) 2018-02-02 10:19:59 +01:00
signature_verification.rb Improvements to signature verification (#9667) 2019-01-07 21:45:13 +01:00
user_tracking_concern.rb Fix #6331 (#6341) 2018-01-23 20:52:30 +01:00