Commit Graph

338 Commits

Author SHA1 Message Date
4cd8fb2ddb add expires status and language code 2023-11-09 23:14:42 +03:00
44f8a72a76 fix resize banner 2023-11-06 18:05:24 +03:00
4d240f9ca0 improvment reactions page 2023-11-06 16:45:04 +03:00
6b3240dd9a remove unusable signup feature 2023-11-06 13:11:16 +03:00
1c3cb0f358 footer sign-in changed 2023-11-06 12:46:18 +03:00
53dd0c50ef removed session id from register 2023-11-06 12:17:09 +03:00
ab58d8a900 Merge remote-tracking branch 'upstream/master' into localhost_custom 2023-11-06 12:07:24 +03:00
baa1176144 visible profile banner 2023-11-06 02:31:53 +03:00
306b0fe3b3 NSFW content in spoiler 2023-11-05 17:46:14 +03:00
e99b6aa5f2 visible quoted status 2023-11-05 01:22:24 +03:00
aeba4e6682 style for pleroma reactions 2023-11-04 01:25:44 +03:00
ad6f560213 hide muted user posts in threads or whatever timelines 2023-11-03 18:27:27 +03:00
a4a97a6498 loading lazy for status images 2023-11-03 14:19:20 +03:00
df746e8482 upd readme 2023-11-03 01:30:57 +03:00
bb5ee85c34 hide boosts by default 2023-11-03 01:20:55 +03:00
r
f4881e7267 Remove form-action CSP directive
Chrome incorrectly restricts the redirect URL to the sources specified
in the form-action value, which prevents the instance oauth page from
loading.
2023-10-25 06:40:34 +00:00
r
597cfc6b1e fluoride: Add image preview for profile image 2023-10-22 11:12:27 +00:00
r
9b053e32ec Fix replace syntax 2023-10-22 11:11:21 +00:00
r
67b13c71ba Use CSP header to restrict resource loading
This helps mitigate XSS exploits.
Users will have to save the settings again to make the custom CSS
work.
2023-10-15 15:53:44 +00:00
r
ed521dd33d Restrict instance level custom CSS to static directory 2023-10-15 15:46:54 +00:00
96a0d7cf05 fix merge conflicts 2023-10-12 16:07:27 +03:00
4379eab5bf merge with upstream 2023-10-12 15:32:55 +03:00
3762ccfb83 true remote timeline 2023-10-12 15:15:07 +03:00
r
927072e26a Remove unused session ID field 2023-10-07 10:20:11 +00:00
r
c7f40c1e15 Cleanup oauth redirect URL generation 2023-10-07 09:19:56 +00:00
r
d297eb5658 Use stricter cookie attributes 2023-10-07 09:11:43 +00:00
r
b83a00aa2c Revoke oauth token on signout 2023-10-02 06:44:26 +00:00
r
df031d5edd Cleanup file upload functions 2023-10-01 13:29:04 +00:00
r
81bdc7c705 Add profile edit page 2023-10-01 13:04:07 +00:00
r
8e3999fc3d Fix minimum required Go version in go.mod 2023-09-24 10:41:21 +00:00
r
6707a01a84 Use a custom LimitedReader instead of http.MaxBytesReader
Fixes compatibility with older Go versions.
2023-09-24 10:38:28 +00:00
romin
cba88f94a2 Sanitize user field name 2023-09-22 15:56:26 +00:00
r
e50f12b615 Restrict instance domain in single_instance mode 2023-09-18 10:07:54 +00:00
r
ad38855261 Set timeout and response size limit for the http client 2023-09-18 04:05:20 +00:00
r
60ccc9686a fluoride: Allow submitting the form with Ctrl+Enter 2023-09-09 08:14:16 +00:00
r
60392e61c7 Disable access log by default
Access logs aren't really useful during normal operation. Add a new flag
-v to enable the verbose logging mode, which is still useful during the
development.

Also remove the log_file config because it's no longer useful.
2023-09-09 06:38:52 +00:00
r
8eec93e028 Trim leading and trailing white space from selectable text 2023-09-08 18:11:07 +00:00
r
461908e031 Load CSS on the root page
This applies the background color to the root page and avoids flicker
during the initial page load.
2023-09-08 18:10:29 +00:00
r
426e9ad14f Fix display name and title on mute page 2023-09-08 14:46:40 +00:00
r
8a26dd1908 Fix userlist margin 2023-09-08 14:38:51 +00:00
fa5eaa4442 Just merge with upstream/master 2023-03-18 14:59:40 +03:00
r
5147897c6c Add support for expiring mutes 2022-12-17 08:26:51 +00:00
r
9816045c21 Pass with_relationships param for accounts 2022-12-17 06:58:47 +00:00
r
6002284c5a Show emojis in Mastadon field names 2022-12-17 06:56:39 +00:00
e924503f2d Tagged timeline improvments and visible now 2022-12-14 02:56:26 +03:00
f729e29a8d Fix for fluoride.js 2022-12-02 16:47:28 +03:00
8c41878b6d Partially selectable reblogs visibility (fluoride required fix) 2022-12-02 04:45:19 +03:00
a678b620a1 Some signin page changes 2022-11-13 02:19:17 +03:00
0f060f09c9 Added sign up support. Tested on mastodon
But required test on GoToSocial.
Confirmation inside bloat-fe not supported
2022-11-13 00:00:02 +03:00
f9702f81a9 Merge patch and add useredit template...
Patch from: https://git.freesoftwareextremist.com/bloat/commit/?id=887ed241d64ba5db3fd3d87194fb5595e5ad7d73
Patch description:
Use cookies for session
Remove the server side session storage and store all the session related data
in the client side cookies. This decreases the exposure of the auth tokens.
It also simplifies the installation process as bloat no longer requires write
access to the filesystem.

This is a breaking change, all the existing sessions will stop working.
2022-11-12 01:20:49 +03:00