catstodon/app/controllers/api
Claire 502cf75b16
Merge pull request from GHSA-58x8-3qxw-6hm7
* Fix insufficient permission checking for public timeline endpoints

Note that this changes unauthenticated access failure code from 401 to 422

* Add more tests for public timelines

* Require user token in `/api/v1/statuses/:id/translate` and `/api/v1/scheduled_statuses`
2024-07-04 16:26:49 +02:00
..
v1 Merge pull request from GHSA-58x8-3qxw-6hm7 2024-07-04 16:26:49 +02:00
v2 Eager loading fixes for api/ controllers (#28848) 2024-01-23 11:41:54 +00:00
v2_alpha Change /api/v2_alpha/notifications to only return historical data in pages (#30781) 2024-06-20 15:54:50 +00:00
web Improve spec coverage for api/web/push_subscriptions controller (#27858) 2023-11-15 13:14:51 +00:00
base_controller.rb Add API::Pagination concern (#28826) 2024-04-17 09:22:45 +00:00
oembed_controller.rb Fix OEmbed leaking information about existence of non-public statuses (#12930) 2020-01-24 00:20:51 +01:00