catstodon/spec/controllers
Claire 94bcf45321
Fix authentication failures after going halfway through a sign-in attempt (#16607)
* Add tests

* Add security-related tests

My first (unpublished) attempt at fixing the issues introduced (extremely
hard-to-exploit) security vulnerabilities, addressing them in a test.

* Fix authentication failures after going halfway through a sign-in attempt

* Refactor `authenticate_with_sign_in_token` and `authenticate_with_two_factor` to make the two authentication steps more obvious
2021-08-25 22:52:41 +02:00
..
activitypub Fix anonymous access to outbox not being cached by the reverse proxy (#16458) 2021-07-03 21:13:47 +02:00
admin Add ability to skip sign-in token authentication for specific users (#16427) 2021-07-08 05:31:28 +02:00
api Fix app name, website and redirect URIs not having a maximum length (#16042) 2021-04-15 16:28:43 +02:00
auth Fix authentication failures after going halfway through a sign-in attempt (#16607) 2021-08-25 22:52:41 +02:00
concerns Fix cache_collection crashing when given an empty collection (#15921) 2021-03-18 00:41:32 +01:00
oauth Bump doorkeeper from 5.3.3 to 5.4.0 (#13733) 2020-05-12 15:25:33 +02:00
settings Fix user email address being banned on self-deletion (#16503) 2021-07-14 05:35:49 +02:00
well_known Fix anonymous access to outbox not being cached by the reverse proxy (#16458) 2021-07-03 21:13:47 +02:00
about_controller_spec.rb Compensate for scrollbar disappearing when media modal visible (#8100) 2018-07-31 01:14:33 +02:00
account_follow_controller_spec.rb Add support for reversible suspensions through ActivityPub (#14989) 2020-11-08 00:28:39 +01:00
account_unfollow_controller_spec.rb Add support for reversible suspensions through ActivityPub (#14989) 2020-11-08 00:28:39 +01:00
accounts_controller_spec.rb Prepare Mastodon for Rails 6 (#15911) 2021-03-17 10:09:55 +01:00
application_controller_spec.rb Update Mastodon to Rails 6.1 (#15910) 2021-03-24 10:44:31 +01:00
authorize_interactions_controller_spec.rb Change ResolveAccountService's handling of skip_webfinger (#15750) 2021-02-24 06:32:13 +01:00
emojis_controller_spec.rb Misc. typos (#8694) 2018-09-14 00:53:09 +02:00
follower_accounts_controller_spec.rb Fix serialization of followers/following counts when user hides their network (#16418) 2021-06-21 20:14:47 +02:00
following_accounts_controller_spec.rb Fix serialization of followers/following counts when user hides their network (#16418) 2021-06-21 20:14:47 +02:00
home_controller_spec.rb Fix blurhash and autoplay not working on public pages (#11585) 2019-08-16 19:15:05 +02:00
intents_controller_spec.rb Add remote interaction dialog for toots (#8202) 2018-08-18 03:03:12 +02:00
invites_controller_spec.rb Lint pass (#8876) 2018-10-04 12:36:53 +02:00
manifests_controller_spec.rb Use raw status code on have_http_status (#7214) 2018-04-21 21:35:07 +02:00
media_controller_spec.rb Fix media attachments enumeration (#14254) 2020-07-07 15:26:51 +02:00
media_proxy_controller_spec.rb Fix media attachments enumeration (#14254) 2020-07-07 15:26:51 +02:00
relationships_controller_spec.rb Remove PubSubHubbub-related columns from accounts table (#16170) 2021-05-07 19:32:58 +02:00
remote_follow_controller_spec.rb Add support for reversible suspensions through ActivityPub (#14989) 2020-11-08 00:28:39 +01:00
remote_interaction_controller_spec.rb Add specs for RemoteInteractionController (#9524) 2018-12-14 20:36:40 +01:00
shares_controller_spec.rb Fix blurhash and autoplay not working on public pages (#11585) 2019-08-16 19:15:05 +02:00
statuses_cleanup_controller_spec.rb Add feature to automatically delete old toots (#16529) 2021-08-09 23:11:50 +02:00
statuses_controller_spec.rb Add support for reversible suspensions through ActivityPub (#14989) 2020-11-08 00:28:39 +01:00
tags_controller_spec.rb Redesign public hashtag page to use a masonry layout (#9822) 2019-01-16 19:47:46 +01:00