Aevann
e50bbe0da0
remove cookie shit
2023-06-22 14:15:41 +03:00
Aevann
4deb6beca5
don't delete cf_clearance + make this work in WPD too
2023-06-08 02:34:12 +03:00
Aevann
d353f57f21
check for cookie anamolies in rdrama
2023-06-08 00:22:53 +03:00
Aevann
d0cc9a4822
revert a606d9ed67
2023-05-04 22:55:08 +03:00
Aevann
a606d9ed67
implement cloudflare caching instead of redis caching
2023-05-03 23:41:41 +03:00
Aevann
27510af932
same as last commit
2023-04-02 19:00:36 +02:00
Aevann
1e2c740a08
fix errors
2023-04-02 18:59:21 +02:00
Aevann
f074f465ec
fix prev commit
2023-04-02 08:57:47 +02:00
Aevann
5bc6597188
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 08:52:26 +02:00
Aevann
57765f0776
revert sqlalchemy changes
2023-03-16 08:27:58 +02:00
Aevann
c07a4f9860
revert last commit
2023-03-16 07:10:20 +02:00
Aevann
a9a2ba7038
expunge all instances when the request is done
2023-03-16 07:07:29 +02:00
Aevann
f768d81103
keep db sessions open
2023-03-15 05:58:00 +02:00
Aevann
83550c33bd
fix last commit
2023-03-11 09:36:41 +02:00
Aevann
8476ded483
fix last commit
2023-03-11 09:34:32 +02:00
Aevann
d9ecb5b884
minor fix to g.v
2023-03-11 09:31:02 +02:00
Aevann
ca1b25783f
redup redis url
2023-03-01 21:49:17 +02:00
Aevann
17bb6dad48
blackjack fix exploit
2023-02-27 07:33:45 +02:00
Aevann
fe0b8887bc
change 1/second ratelimit to 1/2 second
2023-02-26 12:26:26 +02:00
Aevann
7dd2879328
fix 500 error
2023-02-26 10:47:41 +02:00
Aevann
d500257729
better syntax for redis host
2023-02-26 10:02:07 +02:00
Aevann
b7f12dacda
fix again
2023-02-26 04:03:09 +02:00
Aevann
e43319b34d
fix
2023-02-26 04:01:37 +02:00
Aevann
a77be15791
delete the 1/second ratelimiter in after_request
2023-02-26 03:58:41 +02:00
Aevann
c09ca02a1e
remove unnecessary shit
2023-02-01 21:05:39 +02:00
Aevann
20cbd7da43
remove unneeded shit (testing on devrama)
2023-02-01 19:21:14 +02:00
Aevann
349fa17836
use exlamation marks instead of dots in responses to users
2023-01-27 13:57:29 +02:00
Aevann
921b9b1a2e
re-enable autocheck for ratelimiting
2023-01-23 04:38:39 +02:00
Aevann
a4562b615a
YOLO session_id
2023-01-01 16:27:12 +02:00
Aevann
044664a25e
get rid of useless tabs and spaces
2023-01-01 13:36:20 +02:00
Aevann
0c303b81a3
move CSP to nginx again
2022-12-31 08:38:59 +02:00
Aevann
f5211c19f9
fix chat annoyance
2022-12-30 20:09:55 +02:00
Aevann
f0b20cad55
the worst fucking code you'll ever see
2022-12-30 14:14:18 +02:00
Aevann
93e9a42fa3
stop using inline style/script elements
2022-12-29 16:20:27 +02:00
Aevann
9540e7c26e
same as last commit
2022-12-28 16:37:26 +02:00
Aevann
d932c07b3d
fix videos on wpd
2022-12-28 16:34:01 +02:00
Aevann
2bf85bb7ca
fix
2022-12-27 05:40:03 +02:00
Aevann
25e0291b1d
minor fix for 500 error
2022-12-27 03:37:41 +02:00
Aevann
6114111654
tighten CSP
2022-12-27 03:22:39 +02:00
Aevann
e3529d0495
use abort instead of return {"error":
2022-12-26 04:37:30 +02:00
justcool393
ab41db22b7
[DO NOT MERGE] multiple sub banners ( #59 )
...
allows multiple sub banners
Snakes note: By request of Carp, especially for WPD.
Co-authored-by: justcool393 <justcool393@gmail.com>
Co-authored-by: Snakes <duolsm@outlook.com>
Reviewed-on: rDrama/rDrama#59
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-11 23:44:34 +00:00
justcool393
6dbad04f08
band-aid fix for frozen session issue on signup ( #50 )
...
through some reason or another, people are somehow getting cookies that aren't prepended with a dot.
this is a problem because both sessions at, as best as I can tell, mix so it tries to read from a different cookie than we write to. this essentially "freezes" the session in place. users are unable to login, logout, signup, toggle poor mode, toggle NSFW, etc.
~~this attempts to delete bad session cookies (i.e. cookies with a domain that don't start with a dot).~~
~~we don't do this on "dotless" domains (and by extension localhost) because browser support for setting cookies on FQDNs that only have one dot has tenuous support among browsers anyway).~~
~~this *may* log some people out, but... their days of being able to do stuff on the site were numbered anyway.~~
**edit: as amazing as this thought was, browsers just wipe the entire cookies completely and there's no way to specifically target dotless cookies. for an issue that affects a few users, better to just tell them to clear their cookies. if *this* doesn't work, delete service-worker.js and be done with the whole service worker crap. forever. permanently. this PR also includes some QOL improvements.**
Co-authored-by: justcool393 <justcool393@gmail.com>
Reviewed-on: rDrama/rDrama#50
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-06 22:07:12 +00:00
Aevann1
ab7144d94a
Revert "only show "upload profile background" if user on desktop or uses transparent theme"
...
This reverts commit 7b0de3e79d
.
2022-12-05 16:25:39 +02:00
Aevann1
7b0de3e79d
only show "upload profile background" if user on desktop or uses transparent theme
2022-12-05 16:22:19 +02:00
Aevann
3eecec0a51
downloadable videos on apple devices ( #42 )
...
![image](/attachments/bd1b3e1e-c0a9-4eee-9b1c-a03e1e8a8cbd)
Co-authored-by: Aevann1 <randomname42029@gmail.com>
Co-authored-by: Snakes <duolsm@outlook.com>
Co-authored-by: Snakes <snakes@noreply.fsdfsd.net>
Reviewed-on: rDrama/rDrama#42
Co-authored-by: Aevann <aevann@noreply.fsdfsd.net>
Co-committed-by: Aevann <aevann@noreply.fsdfsd.net>
2022-12-04 19:02:22 +00:00
Aevann1
f5f660efa9
add logged-out chromium instructions for installing PWA
2022-12-01 01:14:29 +02:00
justcool393
69a44baea7
settings: convert all to snek_case
2022-11-30 12:26:07 -06:00
justcool393
c315a2a259
amend previous
2022-11-29 19:31:28 -06:00
justcool393
883be4019c
kofi: fix kofi 500
2022-11-29 19:30:33 -06:00
justcool393
db31fc17de
ratelimits: turn off autocheck so we can init
...
required app context globals
2022-11-29 19:29:06 -06:00