FoundKeyGang/FoundKey
FoundKeyGang
/
FoundKey
7
19
Fork 22
Code Issues 37 Pull Requests 4 Releases Activity

WIP: Secure mode #169

Closed
norm wants to merge 5 commits from secure-mode into main
pull from: secure-mode
merge into: FoundKeyGang:main
Conversation 1 Commits 5 Files Changed 85 +532 -30
norm commented 2022-09-22 15:27:44 +00:00
Owner
Copy Link

Commits pulled from https://github.com/misskey-dev/misskey/pull/7709 and #31.

Fixes: #29
Changelog: Added

Commits pulled from https://github.com/misskey-dev/misskey/pull/7709 and #31. Fixes: https://akkoma.dev/FoundKeyGang/FoundKey/issues/29 Changelog: Added
norm added 21 commits 2022-09-22 15:27:44 +00:00
ecf9682747
Add Secure Mode and Private Mode 
- Add instance actor
- Add private mode, which uses an allowlist
- Add Secure Mode, restricts access to blocked instances
ci/woodpecker/pr/lint-backend Pipeline was successful Details
ci/woodpecker/pr/build Pipeline was successful Details
ci/woodpecker/pr/lint-client Pipeline failed Details
ci/woodpecker/pr/test Pipeline failed Details
d27ab85e0f Merge branch 'main' into feat/secure-fetch
ci/woodpecker/pr/lint-backend Pipeline was successful Details
ci/woodpecker/pr/build Pipeline was successful Details
ci/woodpecker/pr/lint-client Pipeline failed Details
ci/woodpecker/pr/test Pipeline failed Details
55b2aebec4
Remove signToActivityPubGet option 
Makes it so that all requests are signed, equivalent to
signToActivityPubGet always being true.
ci/woodpecker/pr/lint-backend Pipeline was successful Details
ci/woodpecker/pr/build Pipeline was successful Details
ci/woodpecker/pr/lint-client Pipeline failed Details
ci/woodpecker/pr/test Pipeline failed Details
c1547c9159 Merge branch 'main' into feat/secure-fetch
ci/woodpecker/pr/lint-backend Pipeline was successful Details
ci/woodpecker/pr/build Pipeline was successful Details
ci/woodpecker/pr/lint-client Pipeline failed Details
ci/woodpecker/pr/test Pipeline failed Details
530c7bb5e1 Merge branch 'main' into feat/secure-fetch
ci/woodpecker/pr/lint-backend Pipeline was successful Details
ci/woodpecker/pr/build Pipeline was successful Details
ci/woodpecker/pr/lint-client Pipeline failed Details
ci/woodpecker/pr/test Pipeline failed Details
daa286e333 Merge branch 'main' into feat/secure-fetch
ci/woodpecker/pr/lint-backend Pipeline was successful Details
ci/woodpecker/pr/build Pipeline was successful Details
ci/woodpecker/pr/lint-client Pipeline failed Details
ci/woodpecker/pr/test Pipeline failed Details
7485d8d360
Remove deprecated URLs
ci/woodpecker/pr/build Pipeline was successful Details
ci/woodpecker/pr/lint-backend Pipeline was successful Details
ci/woodpecker/pr/lint-client Pipeline failed Details
ci/woodpecker/pr/test Pipeline failed Details
cce01c9a70
security: combine save functions
ci/woodpecker/pr/lint-backend Pipeline was successful Details
ci/woodpecker/pr/build Pipeline was successful Details
ci/woodpecker/pr/lint-client Pipeline failed Details
ci/woodpecker/pr/test Pipeline failed Details
e5595ca31c
Skip rendering private data in privateMode 
This reverts commit cfd251d9dc.

Instead of adding a conditional in the Pug templates, just skip
rendering altogether on the affected routes.

From #31:
> I'm not really happy with how the pug templates have
> unless privatemode everywhere. I think it would make more sense to
> not render the template in the first place if you are in private
> mode? I think you should be able to just skip to next in the
> router as if you didn't find something.
ci/woodpecker/pr/build Pipeline was successful Details
ci/woodpecker/pr/lint-backend Pipeline was successful Details
ci/woodpecker/pr/lint-client Pipeline failed Details
ci/woodpecker/pr/test Pipeline failed Details
429cb3ad7b
Remove check for signature in emoji fetch
ci/woodpecker/pr/lint-backend Pipeline was successful Details
ci/woodpecker/pr/build Pipeline was successful Details
ci/woodpecker/pr/lint-client Pipeline failed Details
ci/woodpecker/pr/test Pipeline failed Details
ebc34ab09c
Merge branch 'main' into feat/secure-fetch
ci/woodpecker/pr/lint-backend Pipeline was successful Details
ci/woodpecker/pr/build Pipeline was successful Details
ci/woodpecker/pr/lint-client Pipeline failed Details
ci/woodpecker/pr/test Pipeline failed Details
a1b50a5ba5
Set Cache-Control to 'no-store' in private/secure mode
norm force-pushed secure-mode from c28283ec4f to f7b8214961 2022-09-22 15:39:16 +00:00 Compare
norm force-pushed secure-mode from f7b8214961 to 7faae255ff 2022-09-22 15:42:29 +00:00 Compare
norm force-pushed secure-mode from 7faae255ff to c1cecda8c4 2022-09-22 15:52:56 +00:00 Compare
norm force-pushed secure-mode from c1cecda8c4 to eeadc89f97 2022-09-22 15:54:10 +00:00 Compare
norm force-pushed secure-mode from eeadc89f97 to 7ffcd3ad1f 2022-09-22 16:02:22 +00:00 Compare
norm force-pushed secure-mode from 7ffcd3ad1f to c5aa7b73a0 2022-09-22 16:46:38 +00:00 Compare
norm force-pushed secure-mode from c5aa7b73a0 to 0c82f9607a 2022-09-22 16:50:07 +00:00 Compare
norm force-pushed secure-mode from 0c82f9607a to 8aee4bb4d8 2022-10-14 23:37:16 +00:00 Compare
norm force-pushed secure-mode from 8aee4bb4d8 to 2ef2bf783b 2022-10-15 16:01:29 +00:00 Compare
norm force-pushed secure-mode from 2ef2bf783b to be59d9d37d 2022-10-15 16:03:27 +00:00 Compare
norm force-pushed secure-mode from be59d9d37d to eefcf9ebb0 2022-10-15 16:06:52 +00:00 Compare
norm force-pushed secure-mode from eefcf9ebb0 to aa76c974f3 2022-10-15 16:10:34 +00:00 Compare
norm commented 2023-06-28 22:34:55 +00:00
Author
Owner
Copy Link

superseded by #399

superseded by #399
norm closed this pull request 2023-06-28 22:34:55 +00:00
Some checks failed
ci/woodpecker/push/build Pipeline was successful
Details
ci/woodpecker/push/lint-backend Pipeline was successful
Details
ci/woodpecker/push/lint-client Pipeline was successful
Details
ci/woodpecker/push/lint-foundkey-js Pipeline was successful
Details
ci/woodpecker/push/test Pipeline was successful
Details
ci/woodpecker/pr/lint-backend Pipeline was successful
Details
ci/woodpecker/pr/build Pipeline was successful
Details
ci/woodpecker/pr/lint-client Pipeline failed
Details
ci/woodpecker/pr/lint-foundkey-js Pipeline was successful
Details
ci/woodpecker/pr/test Pipeline failed
Details

Pull request closed

This pull request cannot be reopened because the branch was deleted.
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
feature

task that proposes new feature(s)

  
fix

task to fix behavioral problems in the FoundKey codebase

  
upkeep

task that should make FoundKey smaller and more maintainable

No Label
feature
fix
upkeep
Milestone
Clear milestone
No items
No Milestone
Assignees
Clear assignees
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: FoundKeyGang/FoundKey#169
No description provided.
Delete Branch "secure-mode"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?