Tag: Branch: Tree: fed5ad0e2a

develop

indiachan

indiachan-spamvector

jschan

master

0.1.4

v0.1.1

v0.1.10

v0.1.2

v0.1.3

v0.1.5

v0.1.6

v0.1.7

v0.1.8

v0.1.9

v0.10.0

v0.10.1

v0.10.2

v0.11.0

v0.11.1

v0.11.2

v0.11.3

v0.11.4

v0.2.0

v0.3.0

v0.3.1

v0.3.2

v0.3.3

v0.3.4

v0.4.0

v0.4.1

v0.5.0

v0.5.1

v0.5.2

v0.5.3

v0.6.0

v0.6.1

v0.6.2

v0.6.3

v0.6.4

v0.6.5

v0.6.6

v0.7.0

v0.7.1

v0.7.2

v0.7.3

v0.8.0

v0.8.1

v0.8.2

v0.9.0

v0.9.1

v0.9.2

v0.9.3

v0.9.4

v1.0.0

v1.0.1

v1.0.2

v1.0.3

v1.0.4

v1.0.5

v1.0.6

v1.1.0

v1.1.1

v1.2.0

v1.2.1

v1.3.0

v1.3.1

v1.3.2

v1.3.3

v1.4.0

v1.4.1

v1.6.0

v1.6.1

Branches Tags

${ item.name }

Create tag ${ searchTerm }

Create branch ${ searchTerm }

from 'fed5ad0e2a'

${ noResults }

Commit Graph

716 Commits (fed5ad0e2a31b2b549d50ff468caa4729cb0f7f0)

Author	SHA1	Message	Date
Thomas Lynch	571b481a8c	add option to limit video/image sizes	1 year ago
Thomas Lynch	dfd509abd6	close #517 fix deletebanner count message	1 year ago
Thomas Lynch	571380e243	remove applying inheritance on setting, match editstaff/editaccount	1 year ago
Thomas Lynch	277745a5ca	Fix the completely fucked up "my permission", the board equivalent, and staff permissions page since a recent permission update. Upside is it now considers the "parent" thing, which is nice.	2 years ago
Thomas Lynch	7a3095594f	Change permissions metadata to be keyed by the permission bits ... Refactor form handling for permissions in editrole/editaccount, make mush shorter and more maintainable	2 years ago
Thomas Lynch	5a7368a0a4	Add a new property to permissions metadata and reflect on frontend inability for users without that "parent" permission to edit roles/accounts to have some permissions e.g. root, edit roles, edit accs ... Put the metadata into permissions.js (also TODO: key the metadata by bits instead? i.e [Permisions.whatever]: {})	2 years ago
Thomas Lynch	bc53bc1e4a	Allow roles from globalmanage to be fetched as json	2 years ago
Thomas Lynch	f894ed34e1	fix email bug for staff	2 years ago
Thomas Lynch	a1ccd6f267	Try to integrate post moving a bit better into the existing combined actions flow ... Bugfix some move issues	2 years ago
Thomas Lynch	058d7b1dbb	Eslint and bugfix unused crossBoardMovePages	2 years ago
Thomas Lynch	516884cf3e	Cross board post move bugfixes/changes ... Make rebuilds work for both baords	2 years ago
Thomas Lynch	344ed5f662	Cross board post move bugfixes/changes	2 years ago
Thomas Lynch	b391c0cb66	Make post editing a GET endpoint with perm check like editstaff/editcustompages, much more sensible	2 years ago
Thomas Lynch	1191ec4dc8	Mostly functional cross board post moving	2 years ago
Thomas Lynch	0d6323669f	Start on cross board thread moves #250	2 years ago
Thomas Lynch	bdf5da0adc	Ban type ip display and storage improvement	2 years ago
Thomas Lynch	dc739b3cff	Bugfix, make editrole route actually allow you edit BYPASS_CAPTCHA perm	2 years ago
Thomas Lynch	f4328812f2	Add e2e tests for twofactor ... Remove some cruft from package-lock from speakeasy Add guard in dotwofactor for no/null (not blank) twofactor	2 years ago
Thomas Lynch	29bb4856ab	2fa improvements ... - Don't allow code re-use, successfully used codes will be invalid on repeated use for the window time - Don't attach the full twofactor secret to user object in session for security. Only store a boolean if it's enabled for rendering, checks, etc. The full account should be fetched first before doTwoFactor() - Better names for some keys of twofactor redis stuff	2 years ago
Thomas Lynch	d9288a137a	Refactor new OTPAuth...validate pattern, remove await -- it isn't and shouldn't be async	2 years ago
Thomas Lynch	e5d0f9871f	Add text version of secret to twofactor.html for people without/who dont want to use a camera or screenshot the image ... Add warning to twofactor.html that other sessions will be logged out and they have to log in again Change cache-control header to no-cache, even though private is secure (prevent showing cached page without outdated secret)	2 years ago
Thomas Lynch	b93bab7faf	Switch speakeasy -> otpauth (maintained, more modern, actively developed) ... Remove dev debug skip of 2fa generation ratelimit Shorten totp validity window Remove ugly stuff from login/changepassword forms, change wording	2 years ago
Thomas Lynch	4d86406483	Initial commit of 2FA for accounts, TOTP-based	2 years ago
Thomas Lynch	b69337e2f1	Show ban notes in mod view tables and allow editing them	2 years ago
Thomas Lynch	3b08cc684b	Start on ban notes	2 years ago
Thomas Lynch	190410cc54	Bugfix issue with tor and renewing bypasses in some situations. Should be fetching *upserted* id from db or just using known ID.	2 years ago
Thomas Lynch	0fc87e752d	make captcha font apply to text AND grid ... set a new default font which is common on linux, in debian repos, and has the chess characters remove 24MB font file that came from i dont even remember where	2 years ago
Thomas Lynch	6b437d7159	Dont show replayable option if other files disabled on board ... Rebuild board pages on file type for image/other changes, to account for tegaki in postform changes	2 years ago
Thomas Lynch	05db1d898a	eslint fix remove debuglogs import, settings.json update is now logged as a render event rather than in debuglogs	2 years ago
Thomas Lynch	cc2eefc477	Bugfix showing correct amount of deleted asset/banner on board, deletedCount->modifiedCount because we are updating board object not deleting a document	2 years ago
Thomas Lynch	9a7053242d	Close #370 optional disable overboard reverse image links	2 years ago
Thomas Lynch	2a48b10054	Fix duplicate key in projectedsettings for board settings, and make custompages jsons get removed on deleting custom page. ... Close #479 add endpoints for board and global settings.json to api with options that would be useful for a 3rd party app. Add the associated tasks, calls to them in settings. Small change and add comments in lib/build/render.	2 years ago
Thomas Lynch	641c087ecc	Add public json for modlog list, logs, custompages ... update the banners task to output json (not just render it), so it can be reached on first pageload close #491	2 years ago
Thomas Lynch	3cb5e0197a	Revert "Close #480 dont show "register" on login page if not allowed for regular user, since users might reach it clicking "manage" after the login redirect" ... This reverts commit 9c5dd5efa8.	2 years ago
Thomas Lynch	35da2a9ff1	Close #478 option to hide banners and [banners] links board setting	2 years ago
Thomas Lynch	fd7fc1adbf	Close #470 ability to renew an existing bypass, which is slightly useful if you allow long living bypasses	2 years ago
Thomas Lynch	9c5dd5efa8	Close #480 dont show "register" on login page if not allowed for regular user, since users might reach it clicking "manage" after the login redirect	2 years ago
Thomas Lynch	9517ec2f05	Allow "other" files in addassets, to allow e.g. fonts	2 years ago
Thomas Lynch	47ab8d22c0	Configurable hot threads max age, update migration, changelog, etc	2 years ago
Thomas Lynch	47083e149b	Fix the anonymizer bypass captcha permission issue (and fix the stupid pre-bypass and postsEarly in general)	2 years ago
Thomas Lynch	3a4737ad8e	Add account permission to bypass captcha ref #435 still TODO fixing it for anonymizers	2 years ago
Thomas Lynch	962481845d	Bugfix double sending headers on return from create model, e.g. if board already exists	2 years ago
Thomas Lynch	06828da6c0	Refactor captcha generators and captcha model ... Generators changes: - take captchaoptions as argument, so no longer require config.get or captchas db imports - return the captcha object (gm instance) and solution (whatever). The model itself inserts the solution to db, gets captchaid for filename and cookie, and writes the image to disk. Slightly cleaner imo, and makes the captcha generators more testable without requiring any mocking for DB/config.	2 years ago
Thomas Lynch	c969814f54	First version of grid v2	2 years ago
Thomas Lynch	8f74885ba2	Add noise and paint slider options to grid captcha	2 years ago
Thomas Lynch	3ab0a271c4	Inactive accounts handling schedule, globalsettings for it and migration. ... Plus the same for abandoned boards handling, just still TODO the schedule. ref #418	2 years ago
Thomas Lynch	6ec6b32ed5	Change "wave" and "paint" text effect captcha options from toggle to slider ... Add "noise" text captcha effect slider Add font lib to get list of system fonts Add "font" text captcha option ref #469	2 years ago
Thomas Lynch	c8ebf9a579	Improvement to grid v1 to allow customising, allowing for something like this. ... -true characters -false characters -question text Make optional (and add additional options for) some filters/effects -paint -line -wave	2 years ago
Thomas Lynch	18ab7d24ee	When strict mime validation is enabled, actually tell the user what the server thinks the mime is in the mismatch error message. ... note: only for making posts (for now), pending a refactor of some checks that are shared and duplicated between other file upload models e.g. banners/asset	2 years ago
Thomas Lynch	4022999966	Remove or update some no longer relevant todos. ... re: the captcha one, roundrobin = too fast expiring, sampling expireAfter $gte some time = possible to not get returned a captcha. so stucking with random. been working fine.	2 years ago