Commit Graph

55 Commits (f05dbd1ce7e31bf6dae95df25444179644889a03)

Author SHA1 Message Date
Aevann c07a4f9860 revert last commit 2023-03-16 07:10:20 +02:00
Aevann a9a2ba7038 expunge all instances when the request is done 2023-03-16 07:07:29 +02:00
Aevann f768d81103 keep db sessions open 2023-03-15 05:58:00 +02:00
Aevann 83550c33bd fix last commit 2023-03-11 09:36:41 +02:00
Aevann 8476ded483 fix last commit 2023-03-11 09:34:32 +02:00
Aevann d9ecb5b884 minor fix to g.v 2023-03-11 09:31:02 +02:00
Aevann ca1b25783f redup redis url 2023-03-01 21:49:17 +02:00
Aevann 17bb6dad48 blackjack fix exploit 2023-02-27 07:33:45 +02:00
Aevann fe0b8887bc change 1/second ratelimit to 1/2 second 2023-02-26 12:26:26 +02:00
Aevann 7dd2879328 fix 500 error 2023-02-26 10:47:41 +02:00
Aevann d500257729 better syntax for redis host 2023-02-26 10:02:07 +02:00
Aevann b7f12dacda fix again 2023-02-26 04:03:09 +02:00
Aevann e43319b34d fix 2023-02-26 04:01:37 +02:00
Aevann a77be15791 delete the 1/second ratelimiter in after_request 2023-02-26 03:58:41 +02:00
Aevann c09ca02a1e remove unnecessary shit 2023-02-01 21:05:39 +02:00
Aevann 20cbd7da43 remove unneeded shit (testing on devrama) 2023-02-01 19:21:14 +02:00
Aevann 349fa17836 use exlamation marks instead of dots in responses to users 2023-01-27 13:57:29 +02:00
Aevann 921b9b1a2e re-enable autocheck for ratelimiting 2023-01-23 04:38:39 +02:00
Aevann a4562b615a YOLO session_id 2023-01-01 16:27:12 +02:00
Aevann 044664a25e get rid of useless tabs and spaces 2023-01-01 13:36:20 +02:00
Aevann 0c303b81a3 move CSP to nginx again 2022-12-31 08:38:59 +02:00
Aevann f5211c19f9 fix chat annoyance 2022-12-30 20:09:55 +02:00
Aevann f0b20cad55 the worst fucking code you'll ever see 2022-12-30 14:14:18 +02:00
Aevann 93e9a42fa3 stop using inline style/script elements 2022-12-29 16:20:27 +02:00
Aevann 9540e7c26e same as last commit 2022-12-28 16:37:26 +02:00
Aevann d932c07b3d fix videos on wpd 2022-12-28 16:34:01 +02:00
Aevann 2bf85bb7ca fix 2022-12-27 05:40:03 +02:00
Aevann 25e0291b1d minor fix for 500 error 2022-12-27 03:37:41 +02:00
Aevann 6114111654 tighten CSP 2022-12-27 03:22:39 +02:00
Aevann e3529d0495 use abort instead of return {"error": 2022-12-26 04:37:30 +02:00
justcool393 ab41db22b7 [DO NOT MERGE] multiple sub banners (#59)
allows multiple sub banners

Snakes note: By request of Carp, especially for WPD.

Co-authored-by: justcool393 <justcool393@gmail.com>
Co-authored-by: Snakes <duolsm@outlook.com>
Reviewed-on: rDrama/rDrama#59
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-11 23:44:34 +00:00
justcool393 6dbad04f08 band-aid fix for frozen session issue on signup (#50)
through some reason or another, people are somehow getting cookies that aren't prepended with a dot.

this is a problem because both sessions at, as best as I can tell, mix so it tries to read from a different cookie than we write to. this essentially "freezes" the session in place. users are unable to login, logout, signup, toggle poor mode, toggle NSFW, etc.

~~this attempts to delete bad session cookies (i.e. cookies with a domain that don't start with a dot).~~

~~we don't do this on "dotless" domains (and by extension localhost) because browser support for setting cookies on FQDNs that only have one dot has tenuous support among browsers anyway).~~

~~this *may* log some people out, but... their days of being able to do stuff on the site were numbered anyway.~~

**edit: as amazing as this thought was, browsers just wipe the entire cookies completely and there's no way to specifically target dotless cookies. for an issue that affects a few users, better to just tell them to clear their cookies. if *this* doesn't work, delete service-worker.js and be done with the whole service worker crap. forever. permanently. this PR also includes some QOL improvements.**

Co-authored-by: justcool393 <justcool393@gmail.com>
Reviewed-on: rDrama/rDrama#50
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-06 22:07:12 +00:00
Aevann1 ab7144d94a Revert "only show "upload profile background" if user on desktop or uses transparent theme"
This reverts commit 7b0de3e79d.
2022-12-05 16:25:39 +02:00
Aevann1 7b0de3e79d only show "upload profile background" if user on desktop or uses transparent theme 2022-12-05 16:22:19 +02:00
Aevann 3eecec0a51 downloadable videos on apple devices (#42)
![image](/attachments/bd1b3e1e-c0a9-4eee-9b1c-a03e1e8a8cbd)

Co-authored-by: Aevann1 <randomname42029@gmail.com>
Co-authored-by: Snakes <duolsm@outlook.com>
Co-authored-by: Snakes <snakes@noreply.fsdfsd.net>
Reviewed-on: rDrama/rDrama#42
Co-authored-by: Aevann <aevann@noreply.fsdfsd.net>
Co-committed-by: Aevann <aevann@noreply.fsdfsd.net>
2022-12-04 19:02:22 +00:00
Aevann1 f5f660efa9 add logged-out chromium instructions for installing PWA 2022-12-01 01:14:29 +02:00
justcool393 69a44baea7 settings: convert all to snek_case 2022-11-30 12:26:07 -06:00
justcool393 c315a2a259 amend previous 2022-11-29 19:31:28 -06:00
justcool393 883be4019c kofi: fix kofi 500 2022-11-29 19:30:33 -06:00
justcool393 db31fc17de ratelimits: turn off autocheck so we can init
required app context globals
2022-11-29 19:29:06 -06:00
justcool393 11059d1665 move calc users to context processor (#31)
jinja more like i can't think of anything witty

Co-authored-by: justcool393 <justcool393@gmail.com>
Reviewed-on: rDrama/rDrama#31
Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net>
Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-11-29 23:50:32 +00:00
justcool393 c47dae86ec remove unused g attribute 2022-11-28 21:51:36 -06:00
Aevann1 c42a0e6a20 Revert "Revert "Revert "fix session bug" - pls for the love of god visit localhost after making a commit""
This reverts commit e6a328fc3a.
2022-11-27 03:01:02 +02:00
justcool393 e6a328fc3a Revert "Revert "fix session bug" - pls for the love of god visit localhost after making a commit"
This reverts commit b7efa6ddd3.
2022-11-26 18:45:12 -06:00
Aevann1 b7efa6ddd3 Revert "fix session bug" - pls for the love of god visit localhost after making a commit
This reverts commit fcdad601fb.
2022-11-27 02:43:10 +02:00
justcool393 fcdad601fb fix session bug 2022-11-26 18:33:04 -06:00
Snakes af7df7f62d
Ensure all entry points get sessions.
Somewhat speculative, but the change in f62a9769fd, while fixing
certain errors where logged-out users sometimes didn't have sessions
come calc_users, also opened the possibility of certain request
sequences that wouldn't give a user a session.

In the interest of conservatism, we create a session if not exists
in both the new location in calc_users and the previous spot in
before_request.
2022-11-22 18:37:55 -05:00
Aevann1 9e89166e2f restore reload icon for legacy app users 2022-11-22 23:34:33 +02:00
justcool393 79b2b5cff8 cookies: set SameSite Lax to get rid of annoying console warning 2022-11-21 09:36:34 -06:00
Aevann1 0c9d19c7eb add safari and firefox screenshots to /app 2022-11-21 01:31:26 +02:00