github/diaspora
1
1
Fork 0
mirror of https://github.com/diaspora/diaspora.git synced 2026-01-10 07:38:10 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
0a70e51f741621710f96011a8905c4e8ba9611f6
diaspora/app/controllers
History
Jonne Haß 0a70e51f74 Add a token the filename for exported user data 
Also redirect to it for download, for Amazon S3
compatibility.

Prior to this patch an attacker could obtain an
users export by guessing the filename with a high
chance of success. Fully authenticating the
download request is a lot harder due to our diverse
deployment scenarios.

This brings the used method in line with the photo
export feature.

Thanks to @tomekr for the report.
2015-04-22 20:19:17 +02:00
..
admin
Lock account #5564
2015-02-19 05:45:04 +05:30
api/v1
Implement token authentication
2014-11-13 11:27:56 +01:00
admins_controller.rb
Remove blueprint code
2015-03-02 00:04:57 +01:00
application_controller.rb
Remove layout 'centered_with_header_with_footer'
2015-03-18 21:59:56 +01:00
aspect_memberships_controller.rb
Port contacts page to backbonejs
2015-01-04 17:13:18 +01:00
aspects_controller.rb
Add toggle_chat_privilege to aspect controller
2014-11-13 11:24:07 +01:00
blocks_controller.rb
updated before_filters to before_actions as recommended for rails 4
2014-08-23 16:34:01 +02:00
comments_controller.rb
fix and stablize some cukes
2014-08-24 01:02:35 +02:00
contacts_controller.rb
Remove layout 'centered_with_header_with_footer'
2015-03-18 21:59:56 +01:00
conversation_visibilities_controller.rb
Changes delete conversation button tooltip to 'hide' or 'delete'
2014-12-19 18:26:43 -03:00
conversations_controller.rb
Remove blueprint code
2015-03-02 00:04:57 +01:00
help_controller.rb
Remove layout 'centered_with_header_with_footer'
2015-03-18 21:59:56 +01:00
home_controller.rb
Replace default.html with a regular view
2015-03-28 23:12:07 +01:00
invitation_codes_controller.rb
updated before_filters to before_actions as recommended for rails 4
2014-08-23 16:34:01 +02:00
invitations_controller.rb
rightbar invitations ported to bootstrap
2015-03-01 12:04:53 +01:00
likes_controller.rb
Add ActiveRecord::RecordNotFound catching. Add tests.
2014-12-22 12:36:09 +01:00
messages_controller.rb
updated before_filters to before_actions as recommended for rails 4
2014-08-23 16:34:01 +02:00
notifications_controller.rb
Remove layout 'centered_with_header_with_footer'
2015-03-18 21:59:56 +01:00
participations_controller.rb
Some fixes to participation controls
2015-02-27 15:31:30 +01:00
people_controller.rb
Fix layout regression: missing header on search page
2015-03-28 13:54:52 +01:00
photos_controller.rb
Fix layout regression: missing header on search page
2015-03-28 13:54:52 +01:00
poll_participations_controller.rb
fixed poll icon issue, improved code, poll in bookmarklets now available
2014-03-31 18:14:07 +02:00
posts_controller.rb
Remove layout 'centered_with_header_with_footer'
2015-03-18 21:59:56 +01:00
profiles_controller.rb
Remove layout 'centered_with_header_with_footer'
2015-03-18 21:59:56 +01:00
publics_controller.rb
updated before_filters to before_actions as recommended for rails 4
2014-08-23 16:34:01 +02:00
registrations_controller.rb
Remove blueprint code
2015-03-02 00:04:57 +01:00
report_controller.rb
Remove blueprint code
2015-03-02 00:04:57 +01:00
reshares_controller.rb
Reshare the absolute root of a post
2014-10-10 03:12:07 +02:00
search_controller.rb
Strip search query of leading & trailing whitespace
2014-10-09 23:34:11 +13:00
services_controller.rb
Remove layout 'centered_with_header_with_footer'
2015-03-18 21:59:56 +01:00
sessions_controller.rb
Remove layout 'centered_with_header_with_footer'
2015-03-18 21:59:56 +01:00
share_visibilities_controller.rb
updated before_filters to before_actions as recommended for rails 4
2014-08-23 16:34:01 +02:00
statistics_controller.rb
Remove layout 'centered_with_header_with_footer'
2015-03-18 21:59:56 +01:00
status_messages_controller.rb
fix too long tag name #5737
2015-03-15 16:15:33 +02:00
streams_controller.rb
Remove footer from stream and profile pages
2015-03-26 16:28:01 +01:00
tag_followings_controller.rb
updated before_filters to before_actions as recommended for rails 4
2014-08-23 16:34:01 +02:00
tags_controller.rb
Remove footer from stream and profile pages
2015-03-26 16:28:01 +01:00
terms_controller.rb
Remove blueprint code
2015-03-02 00:04:57 +01:00
users_controller.rb
Add a token the filename for exported user data
2015-04-22 20:19:17 +02:00