pleroma

コミットグラフ

作成者	SHA1	メッセージ	日付
shibayashi	64035201b5	Security/Drops the sysadmin privilege from the daemon	5年前
scarlett	4b40e4188c	Simplify the NetBSD rc script.	5年前
scarlett	9d3eda1959	Add an rc.d script for NetBSD.	5年前
nonlinear	75f2177d5b	Update/add OpenBSD config files	5年前
nonlinear	04513a13e0	Added init file for OpenBSD	5年前
Mark Felder	d56772c813	proxy buffering still needs to be off	5年前
Mark Felder	48c4f88ffd	Update proxy config to improve behavior and allow compatibility with Safari on MacOS and iOS	5年前
href	97b00d366f	reverse_proxy: more headers	5年前
shibayashi	124a9bb7a5	Add MIX_ENV=prod	5年前
William Pitcock	e4bd5a6950	example configs: kill STS/CT headers	5年前
William Pitcock	057a9017b3	example configs: remove obsolete CSP configuration	5年前
William Pitcock	fd918863aa	nginx example config: remove CORS headers, now managed by CORSPlug.	5年前
Hakaba Hitoyo	3ea4f9ac8d	Remove Access-Control-Allow-Origin	5年前
shibayashi	800d233631	Use example.tld so a single search and replace works	5年前
shibayashi	941f9a888c	Update instructions	5年前
shibayashi	732d3fce73	Use the same example domain in all config examples	5年前
shibayashi	56c49513e0	Use the server name as variable	5年前
shibayashi	043cb7138e	Add a little bit more detail in the comments.	5年前
shibayashi	0a58428de6	Add some security related directives to the systemd service example	5年前
barrucadu	a32e013909	Relax form-action content security policy 'self' only allows forms submitted to the same origin, which breaks the "remote follow" form. To allow remote following, we want to allow forms to be submitted to any host.	5年前
shibayashi	8a4e2f48bf	installation/pleroma-apache.conf: OCSP stapling needs to be outside of the virtualhost directive	5年前
shibayashi	d027c53d75	Add frame-ancestors 'none' to all configs	5年前
shibayashi	d035566116	installation/pleroma.nginx: Add 'always' to the security headers, so that they are included regardless of the status code	5年前
shibayashi	64388c420a	installation/pleroma-apache.conf: Add TLS configuration and security headers	5年前
shibayashi	3487e15963	installation/pleroma.vcl: Add HTTP security headers	5年前
shibayashi	82e661cd07	installation/caddyfile-pleroma.example: Add Content-Security-Policy	5年前
Haelwenn (lanodan) Monnier	0fd2eaf7af	installation/pleroma.nginx: Add Content-Security-Policy Closes: https://git.pleroma.social/pleroma/pleroma/issues/266	5年前
shibayashi	bff5ed154f	Improve example Caddyfile	5年前
vaartis	9c5ca9e15e	Add an OpenRC service	5年前
Artik Banana	394d0c94c4	Add comment about TLS curves for older servers.	6年前
dex	750cfbf38d	* fix nginx 1.15 warning: nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead	6年前
Artik Banana	93c614bf13	* Removed TLSv1 and TLSv1.1 * Added OCSP Stapling * Added SSL Cache * Changed ciphers * Specified ECDH curves	6年前
Artik Banana	c645a8de2b	Security upgrades: * Removed TLSv1 and TLSv1.1 * Added OCSP Stapling * Added SSL Cache * Changed ciphers * Specified ECDH curves	6年前
witti	13925e0eb3	caddy config example	6年前
Dominik V. Salonen	a6fd9c4b00	Update pleroma.nginx proxy_ignore_client_abort will continue to fetch from upstream even if a client aborts the connection. This is highly recommended when cache is being used. If a client leaves/refreshes the page while a user's avatar or some other media is halfway loaded, the cached copy might in some cases be broken. Leaving future requests to the same URL broken until cache expires.	6年前
Niklas Poslovski	f0e8194a71	Repair some access-control headers required for third-party webclients	6年前
Niklas Poslovski	d81a4e9280	Add access-control-expose-headers to Nginx default config	6年前
Normandy	38f5f6f659	Remove alias directive in service file Systemd will complain otherwise.	6年前
Mark Felder	a85d051675	Don't strip headers from backend for /notice/ either	6年前
Mark Felder	4233b1504f	Caching notice URLs does not produce pleasant results	6年前
Artik Banana	0a1fd8adf0	Added headers for a more secure default.	6年前
csaurus	1c6a691570	Add info about certbot with the webroot plugin to pleroma.nginx	6年前
Mark Felder	8dbb4c6c50	Remove hack for /about/more as we are doing this in Pleroma now	6年前
Mark Felder	5256c712dc	Caching /objects/ URLs breaks them in Mastoweb as they don't redirect to the /notice/ Not sure why it matters if you cache it or not. What's different about this JSON blob? Perhaps it's a header that needs to be set for the redirect to happen?	6年前
Mark Felder	fcb32345d7	Remove attempted caching of toots This does not work as expected. We should not attempt to be clever here. Varnish will do the right thing if we just teach Pleroma to set headers properly for content we know can be cached.	6年前
Stanislas	73ca18744e	Indentation for Apache vhost	6年前
nepfag	5cb3d441bc	Apache config for everything on one host.	6年前
Hector A. Escobedo	7e262c2997	Fix max upload size in nginx config. The built-in nginx default does not allow users to upload images larger than 1 MB. This increases the maximum request size to match the default Pleroma config upload_limit parameter. Some helpful comments were also added.	6年前
lambda	f5943f4a59	Delete Caddyfile It doesn't work correctly.	6年前
William Pitcock	d8464b603e	nginx: document how to enable CORS support	6年前

1 2

73 コミット (7ac152ed38267bde3e318fab82db7d7d610cdbbb)