Commit Graph

68 Commits (03d6be7627a1507bf9f383b5c712a06a7dcdd133)

Author SHA1 Message Date
Aevann c1d7b9acc2 fix duplicate cookie issue 2023-07-02 02:00:56 +03:00
Aevann f3f01bad96 make the "Enable push notifications" button link to /app on non-pwa iphone 2023-06-29 22:05:24 +03:00
Aevann 7493722457 redis cache frontpage 2023-06-27 23:03:14 +03:00
Aevann e50bbe0da0 remove cookie shit 2023-06-22 14:15:41 +03:00
Aevann 4deb6beca5 don't delete cf_clearance + make this work in WPD too 2023-06-08 02:34:12 +03:00
Aevann d353f57f21 check for cookie anamolies in rdrama 2023-06-08 00:22:53 +03:00
Aevann d0cc9a4822 revert a606d9ed67 2023-05-04 22:55:08 +03:00
Aevann a606d9ed67 implement cloudflare caching instead of redis caching 2023-05-03 23:41:41 +03:00
Aevann 27510af932 same as last commit 2023-04-02 19:00:36 +02:00
Aevann 1e2c740a08 fix errors 2023-04-02 18:59:21 +02:00
Aevann f074f465ec fix prev commit 2023-04-02 08:57:47 +02:00
Aevann 5bc6597188 add 1/1 second ratelimiter for user ids to fix blackjack exploit 2023-04-02 08:52:26 +02:00
Aevann 57765f0776 revert sqlalchemy changes 2023-03-16 08:27:58 +02:00
Aevann c07a4f9860 revert last commit 2023-03-16 07:10:20 +02:00
Aevann a9a2ba7038 expunge all instances when the request is done 2023-03-16 07:07:29 +02:00
Aevann f768d81103 keep db sessions open 2023-03-15 05:58:00 +02:00
Aevann 83550c33bd fix last commit 2023-03-11 09:36:41 +02:00
Aevann 8476ded483 fix last commit 2023-03-11 09:34:32 +02:00
Aevann d9ecb5b884 minor fix to g.v 2023-03-11 09:31:02 +02:00
Aevann ca1b25783f redup redis url 2023-03-01 21:49:17 +02:00
Aevann 17bb6dad48 blackjack fix exploit 2023-02-27 07:33:45 +02:00
Aevann fe0b8887bc change 1/second ratelimit to 1/2 second 2023-02-26 12:26:26 +02:00
Aevann 7dd2879328 fix 500 error 2023-02-26 10:47:41 +02:00
Aevann d500257729 better syntax for redis host 2023-02-26 10:02:07 +02:00
Aevann b7f12dacda fix again 2023-02-26 04:03:09 +02:00
Aevann e43319b34d fix 2023-02-26 04:01:37 +02:00
Aevann a77be15791 delete the 1/second ratelimiter in after_request 2023-02-26 03:58:41 +02:00
Aevann c09ca02a1e remove unnecessary shit 2023-02-01 21:05:39 +02:00
Aevann 20cbd7da43 remove unneeded shit (testing on devrama) 2023-02-01 19:21:14 +02:00
Aevann 349fa17836 use exlamation marks instead of dots in responses to users 2023-01-27 13:57:29 +02:00
Aevann 921b9b1a2e re-enable autocheck for ratelimiting 2023-01-23 04:38:39 +02:00
Aevann a4562b615a YOLO session_id 2023-01-01 16:27:12 +02:00
Aevann 044664a25e get rid of useless tabs and spaces 2023-01-01 13:36:20 +02:00
Aevann 0c303b81a3 move CSP to nginx again 2022-12-31 08:38:59 +02:00
Aevann f5211c19f9 fix chat annoyance 2022-12-30 20:09:55 +02:00
Aevann f0b20cad55 the worst fucking code you'll ever see 2022-12-30 14:14:18 +02:00
Aevann 93e9a42fa3 stop using inline style/script elements 2022-12-29 16:20:27 +02:00
Aevann 9540e7c26e same as last commit 2022-12-28 16:37:26 +02:00
Aevann d932c07b3d fix videos on wpd 2022-12-28 16:34:01 +02:00
Aevann 2bf85bb7ca fix 2022-12-27 05:40:03 +02:00
Aevann 25e0291b1d minor fix for 500 error 2022-12-27 03:37:41 +02:00
Aevann 6114111654 tighten CSP 2022-12-27 03:22:39 +02:00
Aevann e3529d0495 use abort instead of return {"error": 2022-12-26 04:37:30 +02:00
justcool393 ab41db22b7 [DO NOT MERGE] multiple sub banners (#59)
allows multiple sub banners

Snakes note: By request of Carp, especially for WPD.

Co-authored-by: justcool393 <justcool393@gmail.com>
Co-authored-by: Snakes <duolsm@outlook.com>
Reviewed-on: rDrama/rDrama#59
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-11 23:44:34 +00:00
justcool393 6dbad04f08 band-aid fix for frozen session issue on signup (#50)
through some reason or another, people are somehow getting cookies that aren't prepended with a dot.

this is a problem because both sessions at, as best as I can tell, mix so it tries to read from a different cookie than we write to. this essentially "freezes" the session in place. users are unable to login, logout, signup, toggle poor mode, toggle NSFW, etc.

~~this attempts to delete bad session cookies (i.e. cookies with a domain that don't start with a dot).~~

~~we don't do this on "dotless" domains (and by extension localhost) because browser support for setting cookies on FQDNs that only have one dot has tenuous support among browsers anyway).~~

~~this *may* log some people out, but... their days of being able to do stuff on the site were numbered anyway.~~

**edit: as amazing as this thought was, browsers just wipe the entire cookies completely and there's no way to specifically target dotless cookies. for an issue that affects a few users, better to just tell them to clear their cookies. if *this* doesn't work, delete service-worker.js and be done with the whole service worker crap. forever. permanently. this PR also includes some QOL improvements.**

Co-authored-by: justcool393 <justcool393@gmail.com>
Reviewed-on: rDrama/rDrama#50
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-06 22:07:12 +00:00
Aevann1 ab7144d94a Revert "only show "upload profile background" if user on desktop or uses transparent theme"
This reverts commit 7b0de3e79d.
2022-12-05 16:25:39 +02:00
Aevann1 7b0de3e79d only show "upload profile background" if user on desktop or uses transparent theme 2022-12-05 16:22:19 +02:00
Aevann 3eecec0a51 downloadable videos on apple devices (#42)
![image](/attachments/bd1b3e1e-c0a9-4eee-9b1c-a03e1e8a8cbd)

Co-authored-by: Aevann1 <randomname42029@gmail.com>
Co-authored-by: Snakes <duolsm@outlook.com>
Co-authored-by: Snakes <snakes@noreply.fsdfsd.net>
Reviewed-on: rDrama/rDrama#42
Co-authored-by: Aevann <aevann@noreply.fsdfsd.net>
Co-committed-by: Aevann <aevann@noreply.fsdfsd.net>
2022-12-04 19:02:22 +00:00
Aevann1 f5f660efa9 add logged-out chromium instructions for installing PWA 2022-12-01 01:14:29 +02:00
justcool393 69a44baea7 settings: convert all to snek_case 2022-11-30 12:26:07 -06:00