jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
99221e4028016900fc8ddc04b2da07a9a5c229e8
danbooru/app/logical
History
evazion 99221e4028 Downloads::File: fix SSRF attack when fetching remote size (#2498). 
Fixes the banned IP check not being applied when fetching the remote
file size. This allowed one to trick Danbooru into sending HEAD requests
to private IPs:

  http://danbooru.donmai.us/uploads/new?url=http://127.0.0.1/test.jpg
2018-09-18 12:16:27 -05:00
..
danbooru
Fix #3642: Issues with sequential pagination.
2018-04-14 10:56:20 -05:00
downloads
Downloads::File: fix SSRF attack when fetching remote size (#2498).
2018-09-18 12:16:27 -05:00
google_big_query
Revert "Revert "implement post keepers""
2018-03-06 18:04:31 -08:00
iqdb
Refactor sources
2018-08-24 12:10:51 -07:00
meta_searches
fixes #1227
2014-02-28 16:40:11 -08:00
moderator
Add Docker and Travis config files to enable CI tests
2018-05-09 09:56:38 -07:00
post_sets
optimization: prefer relation.none over relation.where("false")
2018-08-23 15:21:51 -05:00
reports
remove similar users report
2018-08-03 17:40:00 -07:00
sources
moebooru: use the image url as the canonical url.
2018-09-16 21:00:11 -05:00
storage_manager
fix upload preprocessing for pixiv posts
2018-07-23 16:24:31 -07:00
upload_service
fix invalid content type leaving upload stuck in preprocessing status (#3896)
2018-09-13 13:50:18 -07:00
admin_dashboard.rb
tests: add misc controller tests.
2017-02-06 18:48:35 -06:00
alias_and_implication_importer.rb
BulkUpdateRequest#approve!: don't swallow exceptions.
2018-02-24 14:37:02 -06:00
api_cache_generator.rb
support dedicated image servers
2018-01-03 13:32:50 -08:00
apng_inspector.rb
uploads: autotag animated_gif/png during upload.
2018-03-20 19:49:06 -05:00
approver_pruner.rb
add inactive approver pruner
2018-08-28 15:02:03 -07:00
bulk_revert.rb
Add category for mod actions
2018-01-13 20:55:52 -08:00
cache.rb
use Cache.hash instead of Cache.sanitize
2017-08-24 15:43:38 -07:00
cloudflare_service.rb
support dedicated image servers
2018-01-03 13:32:50 -08:00
current_user.rb
more consistent behavior of CurrentUser.root_url
2018-08-15 16:08:10 -07:00
d_text.rb
Fix #3591: DeviantArt commentaries: strip embedded image/text thumbs.
2018-03-31 11:27:14 -05:00
daily_maintenance.rb
Fix #3837: Remove expired bans.
2018-08-24 16:49:34 -05:00
danbooru_image_resizer.rb
make image cropping optional
2018-07-09 10:07:51 -07:00
danbooru_math.rb
Add additional post flag validation preventing targeting
2018-06-26 15:09:39 -07:00
delayed_job_error_checker.rb
remove hardcoded references to webmaster@danbooru.donmai.us and r888888888@gmail.com
2018-07-02 10:49:26 -07:00
deviant_art_api_client.rb
cache api clients
2018-09-11 14:19:17 -07:00
forum_updater.rb
Raise error on unpermitted params.
2018-04-06 18:09:57 -07:00
httparty_cache.rb
fix cache key (#3886)
2018-09-11 14:19:17 -07:00
image_proxy.rb
Refactor sources
2018-08-24 12:10:51 -07:00
iqdb_proxy.rb
iqdb fixes
2018-06-23 11:15:14 -07:00
janitor_trial_tester.rb
Kill trailing whitespace in ruby files
2013-03-19 23:10:10 +11:00
mentionable.rb
Raise error on unpermitted params.
2018-04-06 18:09:57 -07:00
missed_search_service.rb
add httparty option config
2017-07-12 15:52:48 -07:00
monthly_maintenance.rb
eliminate monthly janitor trial messages
2018-08-28 14:58:00 -07:00
nico_seiga_api_client.rb
cache api clients
2018-09-11 14:19:17 -07:00
note_sanitizer.rb
Fix #3225: Exception in NoteSanitizer#relativize_links.
2017-07-19 21:13:04 -05:00
pawoo_api_client.rb
Refactor sources
2018-08-24 12:10:51 -07:00
pixiv_api_client.rb
cache api clients
2018-09-11 14:19:17 -07:00
pixiv_ugoira_converter.rb
make image cropping optional
2018-07-09 10:07:51 -07:00
pixiv_web_agent.rb
reduce expiry for cached pixiv tokens to 1 week, revert to old method for extracting image url from page (fixes #3722)
2018-05-25 10:04:28 -07:00
popular_search_service.rb
add exception handling for failed popular search service calls
2018-09-04 13:44:51 -07:00
post_keeper_manager.rb
fix bug with postkeepermanager not loading a post from an id
2018-05-10 09:56:18 -07:00
post_pruner.rb
Raise error on unpermitted params.
2018-04-06 18:09:57 -07:00
post_query_builder.rb
search: add status:modqueue, status:unmoderated metatags.
2018-08-23 14:48:39 -05:00
post_search_context.rb
Fix #1156: Allow sequential search navigator to work without a search.
2017-07-24 19:30:30 -05:00
post_view_count_service.rb
move explore links to sidebar, fix popular searches action
2017-11-13 11:14:09 -08:00
post_vote_similarity.rb
fixes #3333
2017-10-12 16:36:17 -07:00
related_tag_calculator.rb
related tags: fix deprecation warning in order("count(*) DESC").
2018-04-28 22:00:20 -05:00
related_tag_query.rb
Added list_of_* wikis to copyright related tag response
2017-12-18 15:36:08 -08:00
remote_file_manager.rb
fixes #3560
2018-02-22 11:15:42 -08:00
session_creator.rb
Remove controller-level force_ssl checks.
2018-04-19 00:49:50 -05:00
session_loader.rb
Replace AnonymousUser with User.new.
2018-09-09 21:53:08 -05:00
sqs_service.rb
sqs_service.rb: fix exception when related tags sqs not configured.
2017-03-23 03:20:33 -05:00
storage_manager.rb
more consistent behavior of CurrentUser.root_url
2018-08-15 16:08:10 -07:00
tag_alias_correction.rb
tag alias corrections: fix ActionView::Template::Error exception (#3668).
2018-04-27 00:17:14 -05:00
tag_alias_request.rb
String: add truthy? & falsy? core extensions.
2018-05-03 19:57:14 -05:00
tag_autocomplete.rb
Fix #3902: Add source of tag autocomplete to the results.
2018-09-17 18:07:48 -05:00
tag_category.rb
Convert tag category Javascript/CSS assets to ERB
2017-12-24 17:01:17 -08:00
tag_change_request_pruner.rb
Implement forum topic voting and tag change pruning (#3580)
2018-04-26 15:31:06 -07:00
tag_correction.rb
fixes #3668
2018-04-26 10:25:24 -07:00
tag_implication_request.rb
String: add truthy? & falsy? core extensions.
2018-05-03 19:57:14 -05:00
tag_name_validator.rb
tag.rb: validate tag names.
2017-02-08 23:30:23 -06:00
tag_pruner.rb
potential fix for #1305
2013-04-14 18:22:25 -07:00
tag_relationship_retirement_service.rb
Expire unused aliases and implications after 2 years of inactivity
2018-08-01 16:54:48 -07:00
tumblr_api_client.rb
cache api clients
2018-09-11 14:19:17 -07:00
twitter_service.rb
twitter: don't fail when api key isn't configured.
2018-09-16 15:03:47 -05:00
upload_error_checker.rb
Add matching storage manager
2018-07-12 17:15:41 -07:00
upload_service.rb
add default source when creating posts from uploads in case canonical url doesn't exist
2018-08-29 14:21:39 -07:00
user_deletion.rb
Add category for mod actions
2018-01-13 20:55:52 -08:00
user_email_change.rb
When email change fails, give appropriate error message
2014-01-24 13:52:43 -05:00
user_name_validator.rb
add fix script for user names
2017-03-06 16:59:24 -08:00
user_promotion.rb
mod actions: separate account upgrades from promotions (fix #3841)
2018-08-26 11:12:04 -05:00
user_revert.rb
implement postarchive
2017-02-21 13:40:52 -08:00
weekly_maintenance.rb
add inactive approver pruner
2018-08-28 15:02:03 -07:00