Commit graph

116 commits

Author SHA1 Message Date
r
f4881e7267 Remove form-action CSP directive
Chrome incorrectly restricts the redirect URL to the sources specified
in the form-action value, which prevents the instance oauth page from
loading.
2023-10-25 06:40:34 +00:00
r
9b053e32ec Fix replace syntax 2023-10-22 11:11:21 +00:00
r
67b13c71ba Use CSP header to restrict resource loading
This helps mitigate XSS exploits.
Users will have to save the settings again to make the custom CSS
work.
2023-10-15 15:53:44 +00:00
r
927072e26a Remove unused session ID field 2023-10-07 10:20:11 +00:00
r
c7f40c1e15 Cleanup oauth redirect URL generation 2023-10-07 09:19:56 +00:00
r
d297eb5658 Use stricter cookie attributes 2023-10-07 09:11:43 +00:00
r
b83a00aa2c Revoke oauth token on signout 2023-10-02 06:44:26 +00:00
r
81bdc7c705 Add profile edit page 2023-10-01 13:04:07 +00:00
r
e50f12b615 Restrict instance domain in single_instance mode 2023-09-18 10:07:54 +00:00
r
60392e61c7 Disable access log by default
Access logs aren't really useful during normal operation. Add a new flag
-v to enable the verbose logging mode, which is still useful during the
development.

Also remove the log_file config because it's no longer useful.
2023-09-09 06:38:52 +00:00
r
426e9ad14f Fix display name and title on mute page 2023-09-08 14:46:40 +00:00
r
5147897c6c Add support for expiring mutes 2022-12-17 08:26:51 +00:00
r
887ed241d6 Use cookies for session storage
Remove the server side session storage and store all the session related data
in the client side cookies. This decreases the exposure of the auth tokens.
It also simplifies the installation process as bloat no longer requires write
access to the filesystem.

This is a breaking change, all the existing sessions will stop working.
2022-10-25 14:14:46 +00:00
r
2d49ff9fb4 Switch to html/template 2022-03-30 15:52:30 +00:00
r
c390a0c327 Add lists 2022-02-11 11:49:23 +00:00
r
556a87e8e8 Remove poll type from notification exclude 2021-12-13 14:31:20 +00:00
r
db29c3d874 Add an option to hide unsupported notifications 2021-12-13 13:58:15 +00:00
r
4d68062f2d Add "mute (keep notifications)" button 2021-10-29 14:20:15 +00:00
r
7d389d2258 Show signin button in case of an auth error 2021-10-23 13:41:41 +00:00
r
816281c225 Add quick reply 2021-09-05 17:17:59 +00:00
r
469f2d1d25 Fix HTML escaping 2021-04-23 10:19:09 +00:00
r
76c5baef6a Add option for user CSS 2021-04-03 09:24:39 +00:00
r
2cb6a515ac Update error page
- Add retry button for GET requests
- Only show signin button when it's a session error
2021-04-03 06:40:32 +00:00
r
6c5de76562 Refactor 2021-03-28 16:12:41 +00:00
r
6ddcb16694 Add username to page title
Makes it easier to search a user page in browser history
2021-01-30 16:55:55 +00:00
r
4f1425febf Add filters 2021-01-30 16:53:57 +00:00
r
ac342dde07 Add remote timeline 2021-01-23 08:44:05 +00:00
r
eca0366c21 Simplify timeline pagination 2021-01-23 07:02:12 +00:00
r
f4620a8c69 Make redirection work without Referer header 2021-01-17 05:44:07 +00:00
r
91f68ccfb3 Add follow request support 2021-01-16 09:49:15 +00:00
r
fa27d9c6eb Refactor things
- Remove separate auth/logging and merge them into transport.go
- Add helper function for http handlers
2020-11-22 17:29:58 +00:00
r
c3d90539e9 Add notification interval setting
It replaces the "Auto refresh notifications" checkbox
2020-11-14 14:22:34 +00:00
r
471e73d200 Avoid unnecessary API call on thread page 2020-10-30 17:09:47 +00:00
r
8fd0322439 Fix retweeted by id on user page 2020-10-19 10:02:20 +00:00
r
fdd9b8fd2b Add setting for default format 2020-10-19 06:51:23 +00:00
r
a23fd4afaf Avoid search call for empty query 2020-10-19 06:05:59 +00:00
r
7d989d56e5 Fix search query escaping 2020-10-17 16:25:08 +00:00
r
9c5cb289f9 Fix next link on timeline page 2020-09-27 10:11:18 +00:00
r
2b1c703b6c Add likes list 2020-09-27 10:04:56 +00:00
r
59692b7155 Add blocks list 2020-09-27 09:50:04 +00:00
r
0df863ac40 Add mutes list 2020-09-27 09:45:48 +00:00
r
da22d19fb4 Add bookmarks
- Add bookmark/unbookmark link on mouse hover
- Add bookmarks section on user profile page
2020-09-27 09:37:15 +00:00
r
7a59d010f6 Fix issues related to AntiDopamine mode
- Add AntiDopamine mode description
- Update fluoride to support AntiDopamine mode
2020-09-03 06:29:03 +00:00
Hyphen
28695fb8e6 Add the Anti Dopamine feature 2020-09-03 04:49:11 +00:00
r
f215ab481d Fix typo 2020-07-28 13:36:57 +00:00
r
34c1d087af Disable scope selection when replying to a direct post 2020-06-18 05:04:18 +00:00
r
eb3bc15da9 Show status numbers 2020-06-05 06:28:50 +00:00
r
61fbb24db8 Fix signin page redirection in single instance mode 2020-05-29 16:02:26 +00:00
r
fd2a353770 Refactor things 2020-05-24 04:38:34 +00:00
r
f380371654 Add option to hide attachments 2020-04-25 09:35:18 +00:00