Commit graph

14 commits

Author SHA1 Message Date
localhost_frssoft ab58d8a900 Merge remote-tracking branch 'upstream/master' into localhost_custom 2023-11-06 12:07:24 +03:00
r 67b13c71ba Use CSP header to restrict resource loading
This helps mitigate XSS exploits.
Users will have to save the settings again to make the custom CSS
work.
2023-10-15 15:53:44 +00:00
r 927072e26a Remove unused session ID field 2023-10-07 10:20:11 +00:00
localhost_frssoft f9702f81a9 Merge patch and add useredit template...
Patch from: https://git.freesoftwareextremist.com/bloat/commit/?id=887ed241d64ba5db3fd3d87194fb5595e5ad7d73
Patch description:
Use cookies for session
Remove the server side session storage and store all the session related data
in the client side cookies. This decreases the exposure of the auth tokens.
It also simplifies the installation process as bloat no longer requires write
access to the filesystem.

This is a breaking change, all the existing sessions will stop working.
2022-11-12 01:20:49 +03:00
r 887ed241d6 Use cookies for session storage
Remove the server side session storage and store all the session related data
in the client side cookies. This decreases the exposure of the auth tokens.
It also simplifies the installation process as bloat no longer requires write
access to the filesystem.

This is a breaking change, all the existing sessions will stop working.
2022-10-25 14:14:46 +00:00
r 911c9b7993 Remove session details on signout 2020-03-04 15:59:59 +00:00
r 5d58269132 Add status deletion 2020-02-02 08:30:40 +00:00
r 2af37d4778 Refactor everything 2020-01-28 17:58:29 +00:00
r bf2cfaf0ed Add CSRF protection 2020-01-26 06:49:29 +00:00
r 2678f33157 Add support for scopes
- Add scope selection for for new post
- Save new post scope in db
- Copy scope on reply
- Show scope icon on posts
2019-12-21 13:26:31 +00:00
r 3af4361927 Use a custom client for settings 2019-12-21 11:13:21 +00:00
r e73eb1162a Use json format for app and session repo 2019-12-21 10:56:40 +00:00
r 59aad78f66 Use filesystem based kv store instead of sqlite 2019-12-17 20:17:25 +00:00
r 5e4da01c3a Initial commit 2019-12-13 18:26:24 +00:00