WIP: Secure mode #31

Closed

norm wants to merge 21 commits from (deleted):feat/secure-fetch into main

Author	SHA1	Message	Date
Francis Dinh	a1b50a5ba5	Set Cache-Control to 'no-store' in private/secure mode Some checks failed ci/woodpecker/pr/lint-backend Pipeline was successful Details ci/woodpecker/pr/build Pipeline was successful Details ci/woodpecker/pr/lint-client Pipeline failed Details ci/woodpecker/pr/test Pipeline failed Details	2022-08-11 10:06:33 -04:00
Francis Dinh	ebc34ab09c	Merge branch 'main' into feat/secure-fetch Some checks failed ci/woodpecker/pr/lint-backend Pipeline was successful Details ci/woodpecker/pr/build Pipeline was successful Details ci/woodpecker/pr/lint-client Pipeline failed Details ci/woodpecker/pr/test Pipeline failed Details	2022-08-10 02:30:34 -04:00
Francis Dinh	429cb3ad7b	Remove check for signature in emoji fetch Some checks failed ci/woodpecker/pr/build Pipeline was successful Details ci/woodpecker/pr/lint-backend Pipeline was successful Details ci/woodpecker/pr/lint-client Pipeline failed Details ci/woodpecker/pr/test Pipeline failed Details	2022-08-01 00:00:35 -04:00
Francis Dinh	e5595ca31c	Skip rendering private data in privateMode Some checks failed ci/woodpecker/pr/lint-backend Pipeline was successful Details ci/woodpecker/pr/build Pipeline was successful Details ci/woodpecker/pr/lint-client Pipeline failed Details ci/woodpecker/pr/test Pipeline failed Details This reverts commit `cfd251d9dc`. Instead of adding a conditional in the Pug templates, just skip rendering altogether on the affected routes. From #31: > I'm not really happy with how the pug templates have > unless privatemode everywhere. I think it would make more sense to > not render the template in the first place if you are in private > mode? I think you should be able to just skip to next in the > router as if you didn't find something.	2022-07-31 23:57:38 -04:00
Francis Dinh	cce01c9a70	security: combine save functions Some checks failed ci/woodpecker/pr/build Pipeline was successful Details ci/woodpecker/pr/lint-backend Pipeline was successful Details ci/woodpecker/pr/lint-client Pipeline failed Details ci/woodpecker/pr/test Pipeline failed Details	2022-07-31 22:59:21 -04:00
Francis Dinh	7485d8d360	Remove deprecated URLs Some checks failed ci/woodpecker/pr/lint-backend Pipeline was successful Details ci/woodpecker/pr/build Pipeline was successful Details ci/woodpecker/pr/lint-client Pipeline failed Details ci/woodpecker/pr/test Pipeline failed Details	2022-07-31 22:54:12 -04:00
Norm	daa286e333	Merge branch 'main' into feat/secure-fetch Some checks failed ci/woodpecker/pr/lint-backend Pipeline was successful Details ci/woodpecker/pr/build Pipeline was successful Details ci/woodpecker/pr/lint-client Pipeline failed Details ci/woodpecker/pr/test Pipeline failed Details	2022-07-31 22:38:09 +00:00
Francis Dinh	5ffa80b27d	Merge remote-tracking branch 'upstream/main' into feat/secure-fetch	2022-07-31 18:34:37 -04:00
Norm	530c7bb5e1	Merge branch 'main' into feat/secure-fetch Some checks failed ci/woodpecker/pr/lint-backend Pipeline was successful Details ci/woodpecker/pr/build Pipeline was successful Details ci/woodpecker/pr/lint-client Pipeline failed Details ci/woodpecker/pr/test Pipeline failed Details	2022-07-30 23:00:05 +00:00
Francis Dinh	66df12df0a	Merge branch 'main' into feat/secure-fetch	2022-07-30 18:59:24 -04:00
Francis Dinh	4753b5058c	Translate/remove new comments	2022-07-30 18:59:04 -04:00
Norm	c1547c9159	Merge branch 'main' into feat/secure-fetch Some checks failed ci/woodpecker/pr/lint-backend Pipeline was successful Details ci/woodpecker/pr/build Pipeline was successful Details ci/woodpecker/pr/lint-client Pipeline failed Details ci/woodpecker/pr/test Pipeline failed Details	2022-07-27 21:08:08 +00:00
Francis Dinh	55b2aebec4	Remove signToActivityPubGet option Some checks failed ci/woodpecker/pr/lint-backend Pipeline was successful Details ci/woodpecker/pr/build Pipeline was successful Details ci/woodpecker/pr/lint-client Pipeline failed Details ci/woodpecker/pr/test Pipeline failed Details Makes it so that all requests are signed, equivalent to signToActivityPubGet always being true.	2022-07-27 02:32:47 -04:00
Norm	d27ab85e0f	Merge branch 'main' into feat/secure-fetch Some checks failed ci/woodpecker/pr/lint-backend Pipeline was successful Details ci/woodpecker/pr/build Pipeline was successful Details ci/woodpecker/pr/lint-client Pipeline failed Details ci/woodpecker/pr/test Pipeline failed Details	2022-07-26 19:30:47 +00:00
Francis Dinh	664df9a163	Add en-US strings for secure mode	2022-07-26 00:14:28 -04:00
Francis Dinh	b4582a829f	Fix linter errors	2022-07-26 00:14:28 -04:00
nullobsi	cfd251d9dc	Hide private data in pug when private mode is enabled	2022-07-26 00:14:28 -04:00
nullobsi	126b7f4ad7	Add secure mode settings to Security tab	2022-07-26 00:14:28 -04:00
nullobsi	7dc19b861d	In private mode, block access to many public APIs	2022-07-26 00:14:28 -04:00
nullobsi	ecf9682747	Add Secure Mode and Private Mode - Add instance actor - Add private mode, which uses an allowlist - Add Secure Mode, restricts access to blocked instances	2022-07-26 00:14:28 -04:00
nullobsi	faa8f4ccf0	Add migration for allowedHosts, secureMode, privateMode	2022-07-26 00:14:28 -04:00