anubis

mirror of https://github.com/TecharoHQ/anubis.git synced 2026-02-11 22:40:21 -06:00

Author	SHA1	Message	Date
Xe Iaso	b794fe00f3	Merge branch 'main' into Xe/proof-of-react Signed-off-by: Xe Iaso <xe.iaso@techaro.lol>	2025-08-29 15:32:52 -04:00
Xe Iaso	2c0382995f	fix(challenges/xeact): add default loading message Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-29 19:23:06 +00:00
Xe Iaso	ee662f2b56	fix(challenges/xeact): add noscript warning Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-29 19:22:34 +00:00
Xe Iaso	7905a1c6b6	docs: fix spelling Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-29 19:13:47 +00:00
Xe Iaso	f2a60fedcc	fix(challenge/preact): ensure that the client waits as long as it needs to Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-29 19:12:38 +00:00
Xe Iaso	9557442294	fix(challenge/preact): use JSX fragments Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-29 19:05:36 +00:00
Skyler Mäntysaari	01f55cf552	internal/log: Implement logging of HOST when using subrequest auth (#1027 ) * internal/log: Implement logging of HOST when using subrequest auth The host header wouldn't be set on subrequest auth, so we need to look for X-Forwarded-Host header when logging requests. * chore: add changelog entry --------- Signed-off-by: Xe Iaso <xe.iaso@techaro.lol> Co-authored-by: Xe Iaso <xe.iaso@techaro.lol>	2025-08-29 19:04:33 +00:00
OwN-3m-All	99bd06b8c3	Update nginx.mdx - needs port_in_redirect off setting (#1018 ) * Update nginx.mdx - needs port_in_redirect off setting Signed-off-by: OwN-3m-All <own3mall@gmail.com> * Update metadata check-spelling run (pull_request) for patch-1 Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com> on-behalf-of: @check-spelling <check-spelling-bot@check-spelling.dev> --------- Signed-off-by: OwN-3m-All <own3mall@gmail.com> Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com> Co-authored-by: Jason Cameron <git@jasoncameron.dev>	2025-08-29 19:03:08 +00:00
TinyServal	d6f1f24e1b	docs: document client IP headers and interop with cloudflare (#1034 )	2025-08-29 14:54:03 -04:00
Eric Hameleers	6a5485fde9	Alienbob: add Slackware URLs that are now protected by Anubis (#1051 ) * Update known-instances.md with Slackware git servers Signed-off-by: Eric Hameleers <alien@slackware.com> * Update CHANGELOG.md with Slackware git servers being protected by Anubis Signed-off-by: Eric Hameleers <alien@slackware.com> --------- Signed-off-by: Eric Hameleers <alien@slackware.com> Signed-off-by: Xe Iaso <xe.iaso@techaro.lol> Co-authored-by: Xe Iaso <xe.iaso@techaro.lol>	2025-08-29 14:24:04 +00:00
Alex Samorukov	582181f9b9	Allow to disable keep-alive for the targets not supporting it properly (#1049 ) * Allow to disable keep-alive for the targets not supporting it properly * Add changelog entry	2025-08-29 10:17:03 -04:00
Chris	44264981b5	Fix broken docs link (#1059 ) Fixes a broken docs link Signed-off-by: Chris <398094+phuzion@users.noreply.github.com>	2025-08-28 11:28:25 -03:00
Xe Iaso	21c3e0c469	docs(blog): add post about the odd CPU core count bug (#1058 ) * docs(blog): add post about the odd CPU core count bug Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: spelling Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-28 09:32:04 -04:00
phoval	9ddc1eb840	fix: middleware traefik redirect url (#1040 )	2025-08-28 07:24:29 -04:00
Xe Iaso	c661bc37d1	fix(worker): constrain nonce value to be a whole integer (#1045 ) * fix(worker): constrain nonce value to be a whole integer Closes #1043 Sometimes the worker could get into a strange state where it has a decimal nonce, but the server assumes that the nonce can only be a whole number. This patch constrains the nonce to be a whole number on the worker end by detecting if the nonce is a decimal number and then truncating away the decimal portion. Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: spelling Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(algorithms/fast): truncate decimal place on number of threads Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-26 14:05:03 -04:00
Xe Iaso	e7755a352e	feat: add 'proof of React' challenge Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-25 23:55:29 +00:00
dependabot[bot]	fb8ce508ee	build(deps-dev): bump the npm group across 1 directory with 3 updates (#1032 ) Bumps the npm group with 3 updates in the / directory: [cssnano](https://github.com/cssnano/cssnano), [cssnano-preset-advanced](https://github.com/cssnano/cssnano) and [esbuild](https://github.com/evanw/esbuild). Updates `cssnano` from 7.1.0 to 7.1.1 - [Release notes](https://github.com/cssnano/cssnano/releases) - [Commits](https://github.com/cssnano/cssnano/compare/cssnano@7.1.0...cssnano@7.1.1) Updates `cssnano-preset-advanced` from 7.0.8 to 7.0.9 - [Release notes](https://github.com/cssnano/cssnano/releases) - [Commits](https://github.com/cssnano/cssnano/compare/cssnano-preset-advanced@7.0.8...cssnano-preset-advanced@7.0.9) Updates `esbuild` from 0.25.8 to 0.25.9 - [Release notes](https://github.com/evanw/esbuild/releases) - [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md) - [Commits](https://github.com/evanw/esbuild/compare/v0.25.8...v0.25.9) --- updated-dependencies: - dependency-name: cssnano dependency-version: 7.1.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm - dependency-name: cssnano-preset-advanced dependency-version: 7.0.9 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm - dependency-name: esbuild dependency-version: 0.25.9 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: npm ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-08-25 00:33:44 +00:00
Jason Cameron	573b0079fb	Update metadata (#1031 )	2025-08-24 21:40:12 +00:00
Skyler Mäntysaari	d1d631a18a	lib/checker: Implement X-Original-URI support (#1015 )	2025-08-23 23:14:37 -04:00
Timo Tijhof	f3cd6c9ca4	docs: fix "stored" typo in CHANGELOG.md (#1008 ) Co-authored-by: Jason Cameron <git@jasoncameron.dev>	2025-08-24 03:12:08 +00:00
Brad Parbs	23772fd3cb	s/Wordpress/WordPress in docs (#1020 ) Signed-off-by: Brad Parbs <brad@bradparbs.com>	2025-08-24 02:52:09 +00:00
Xe Iaso	a7a61690fc	chore: commit for v1.22.0-pre1 Signed-off-by: Xe Iaso <me@xeiaso.net> v1.22.0-pre1	2025-08-23 22:39:43 -04:00
Xe Iaso	f5afe8b6c8	chore: release v1.22.0-pre1 Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-24 02:38:54 +00:00
Julian Krieger	61682e4987	Update installation.mdx to include a link to the Caddy docs (#993 ) * Update installation.mdx to include a link to the Caddy docs Signed-off-by: Julian Krieger <julian.krieger@hm.edu> * Update CHANGELOG.md to include documentation changes Signed-off-by: Julian Krieger <julian.krieger@hm.edu> --------- Signed-off-by: Julian Krieger <julian.krieger@hm.edu>	2025-08-20 23:02:49 +00:00
Xe Iaso	b0fa256e3e	fix(default-config): also block alibaba cloud (#1005 ) * fix(default-config): also block alibaba cloud Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: spelling Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-20 23:01:49 +00:00
Xe Iaso	ee55d857eb	fix(default-config): block Huawei Cloud (#1004 ) * fix(default-config): block Huawei Cloud Closes #978 Huawei Cloud has been egregious about its scraping. All attempts to contact their abuse team have failed. If you work for Huawei Cloud, please raise this issue internally and get the scraping to just stop. * chore: spelling Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-20 22:40:07 +00:00
Xe Iaso	993ea8da1b	chore: copy SECURITY.md from TecharoHQ/.github This hopefully makes the security policy harder to miss. Signed-off-by: Xe Iaso <xe.iaso@techaro.lol>	2025-08-20 12:42:02 -04:00
Xe Iaso	6e4e471792	fix(lib): ensure issued challenges don't get double-spent (#1003 ) * fix(lib): ensure issued challenges don't get double-spent Closes #1002 TL;DR: challenge IDs were not validated at time of token issuance. A dedicated attacker could solve a challenge once and reuse it across multiple sessons in order to mint additional tokens. With the advent of store based challenge issuance in #749, this means that these challenge IDs are only good for 30 minutes. Websites using the most recent version of Anubis have limited exposure to this problem. Websites using older versions of Anubis have a much more increased exposure to this problem and are encouraged to keep this software updated as often and as frequently as possible. * docs: update CHANGELOG Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-20 12:33:32 -04:00
Xe Iaso	e8dfff6350	feat(blog): add short funding update post (#994 ) * feat(blog): add short funding update post Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: spelling Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-18 08:42:27 -04:00
Dryusdan	237a6a98e2	Bump ai.robots.txt to v1.39 (#982 )	2025-08-18 06:52:23 -04:00
Xe Iaso	e43999f30c	chore: add libreapay Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-16 03:01:59 +00:00
Martin	29d038835f	feat(web): Add option for customizable explanation text (#747 ) * Add option for customizable explanation text * Add changes to CHANGELOG.md * Replace custom explanation text in favor of static simplified text Also includes translations for the simple_explanation using Google Translate as a placeholder so tests pass. --------- Signed-off-by: Xe Iaso <xe.iaso@techaro.lol> Co-authored-by: Xe Iaso <xe.iaso@techaro.lol>	2025-08-14 11:12:55 -04:00
Xe Iaso	39215457e4	fix(locales): remove the word "hack" from the description of Anubis (#973 ) This was causing confusion and less technical users were thinking that websites had been intruded upon, causing them to send me horrible things over email. All non-English strings were amended using Google Translate. Please fix the localization as appropriate.	2025-08-14 01:15:28 +00:00
Martin	ff691dfee8	feat(lib): Add optional restrictions for JWT based on a specific header value (#697 ) * Add JWTRestrictionHeader funktionality * Add JWTRestrictionHeader to docs * Move JWT_RESTRICTION_HEADER from advanced section to normal one * Add rull request URL to Changelog * Set default value of JWT_RESTRICTION_HEADER to X-Real-IP	2025-08-13 23:27:42 +00:00
Mathieu Lu	83503525f2	Update known-instances.md: add lab.civicrm.org (#971 ) Signed-off-by: Mathieu Lu <mathieu@civicrm.org>	2025-08-13 19:32:29 +00:00
phoval	a8b7b2ad7b	feat: support HTTP redirect for forward authentication middleware in Traefik (#368 ) * feat: support HTTP redirect for forward authentication middleware in Traefik * fix(docs): fix my terrible merge Signed-off-by: Jason Cameron <jasoncameron.all@gmail.com> * chore: fix typo in docs Signed-off-by: Jason Cameron <jasoncameron.all@gmail.com> * fix(ci): add forwardauth Signed-off-by: Jason Cameron <jasoncameron.all@gmail.com> * chore: improve doc, target must be a space * chore: changelog * fix: validate X-Forwarded headers and check redirect domain * chore: refactor error handling * fix(doc): cookie traefik * fix: tests merge * Update docs/docs/admin/environments/traefik.mdx Co-authored-by: Henri Vasserman <henv@hot.ee> Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Jason Cameron <git@jasoncameron.dev> Signed-off-by: Jason Cameron <jasoncameron.all@gmail.com> Signed-off-by: Xe Iaso <me@xeiaso.net> Co-authored-by: Jason Cameron <git@jasoncameron.dev> Co-authored-by: Jason Cameron <jasoncameron.all@gmail.com> Co-authored-by: Xe Iaso <me@xeiaso.net> Co-authored-by: Henri Vasserman <henv@hot.ee>	2025-08-12 20:59:45 -04:00
Elliot Speck	87651f9506	default pattern fixes (#963 ) * feat(checker): allow png/gif/jpg/jpeg/svg favicons as well as ico * changelog: add updates to keep-internet-working.yaml * fix(checker): tighten default regex patterns for well-known files * changelog: add updates to regular expression patterns in keep-internet-working.yaml --------- Signed-off-by: Elliot Speck <11192354+arcayr@users.noreply.github.com>	2025-08-09 07:40:33 -04:00
Elliot Speck	100005ce70	feat(checker): allow png/gif/jpg/jpeg/svg favicons as well as ico (#961 ) * feat(checker): allow png/gif/jpg/jpeg/svg favicons as well as ico * changelog: add updates to keep-internet-working.yaml --------- Signed-off-by: Xe Iaso <xe.iaso@techaro.lol> Co-authored-by: Xe Iaso <xe.iaso@techaro.lol>	2025-08-08 16:53:23 +00:00
Medvidek77	0a68415c2e	fix(localization): Improve Czech language translation (#895 ) * fix(localization): Improve Czech language translation Improved naturalness and flow of several phrases. Corrected typos and punctuation. Completed one previously unfinished sentence. Signed-off-by: Medvidek77 <medvidek77@centrum.cz> * Update cs.json Signed-off-by: Medvidek77 <medvidek77@centrum.cz> --------- Signed-off-by: Medvidek77 <medvidek77@centrum.cz>	2025-08-08 12:50:23 -04:00
SecularSteve	b3886752a1	Added Dutch translation (#937 ) * Added Dutch translation Signed-off-by: SecularSteve <33793273+SecularSteve@users.noreply.github.com> * Added Dutch translation Signed-off-by: SecularSteve <33793273+SecularSteve@users.noreply.github.com> * Added Dutch translation Signed-off-by: SecularSteve <33793273+SecularSteve@users.noreply.github.com> * Update lib/localization/locales/nl.json Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: SecularSteve <33793273+SecularSteve@users.noreply.github.com> Signed-off-by: Xe Iaso <me@xeiaso.net> Co-authored-by: Xe Iaso <me@xeiaso.net>	2025-08-08 12:49:49 -04:00
Sunniva Løvstad	0e9f831201	chore: fix capitalisation in bokmål and nynorsk (#959 )	2025-08-08 12:48:07 -04:00
Xe Iaso	22ee227f20	fix(anubis): use global cookie prefix variable Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-07 13:51:18 +00:00
Jason Cameron	adda60c163	Revert "build(deps): bump the github-actions group with 2 updates (#952 )" (#962 )	2025-08-06 03:01:25 +00:00
dependabot[bot]	e0a15bf4dc	build(deps): bump the github-actions group with 2 updates (#952 ) Co-authored-by: Jason Cameron <git@jasoncameron.dev>	2025-08-05 22:45:07 -04:00
Xe Iaso	f6481b81a2	fix(web): embed challenge ID in pass-challenge invocations (#944 ) * refactor: make challenge pages return the challenge component This means that challenge pages will return only the little bit that actually matters, not the entire component. Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(web): move Anubis version info to be implicitly in the footer Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(web): embed challenge ID into generated pages Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(lib): make tests pass Signed-off-by: Xe Iaso <me@xeiaso.net> * test(lib/policy/config): amend tests Signed-off-by: Xe Iaso <me@xeiaso.net> * test(lib): fix tests again Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net> Signed-off-by: Xe Iaso <xe.iaso@techaro.lol>	2025-08-04 18:49:19 +00:00
Xe Iaso	790bcbe773	fix(internal): silence unsolicited response log lines (#950 ) Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-03 19:08:23 +00:00
Xe Iaso	7c80c23e90	docs: remove JSON examples from policy file docs (#945 ) * docs: remove JSON examples from policy file docs Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(lib): remove mentions of botPolicies.json in the tests Signed-off-by: Xe Iaso <me@xeiaso.net> * docs: update link to challenge methods Signed-off-by: Xe Iaso <me@xeiaso.net> * docs: unbreak links to the challenges category Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-03 18:09:26 +00:00
axell	2d8e942377	Add swedish local (#913 ) * add swedish local * added to changelog * add to TestLocalizationService * build(deps): bump brace-expansion from 1.1.11 to 1.1.12 in /docs (#909) Bumps [brace-expansion](https://github.com/juliangruber/brace-expansion) from 1.1.11 to 1.1.12. - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](https://github.com/juliangruber/brace-expansion/compare/1.1.11...v1.1.12) --- updated-dependencies: - dependency-name: brace-expansion dependency-version: 1.1.12 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * add local (signed this time hopefully) * Update sv.json Co-authored-by: David Marby <david@dmarby.se> Signed-off-by: axel <mail@axell.me> * Update sv.json Co-authored-by: David Marby <david@dmarby.se> Signed-off-by: axel <mail@axell.me> * Update localization_test.go Co-authored-by: Jonathan Herlin <Jonte@jherlin.se> Signed-off-by: axel <mail@axell.me> * Update sv.json Co-authored-by: Jonathan Herlin <Jonte@jherlin.se> Signed-off-by: axel <mail@axell.me> * Update sv.json Co-authored-by: Jonathan Herlin <Jonte@jherlin.se> Signed-off-by: axel <mail@axell.me> * Update sv.json Co-authored-by: Jonathan Herlin <Jonte@jherlin.se> Signed-off-by: axel <mail@axell.me> * Update sv.json Co-authored-by: Jonathan Herlin <Jonte@jherlin.se> Signed-off-by: axel <mail@axell.me> * Update sv.json --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: axel <mail@axell.me> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: David Marby <david@dmarby.se> Co-authored-by: Jonathan Herlin <Jonte@jherlin.se>	2025-08-02 22:17:31 -04:00
Xe Iaso	d5f01dbdb9	fix(web/sha256-browserjs): fix function name (#943 ) * fix(web/sha256-browserjs): fix function name Signed-off-by: Xe Iaso <me@xeiaso.net> * docs: update changelog Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-02 16:05:48 +00:00
lillian-b	70bf58cc63	Add HackLab.TO to known instances (#936 ) * Add HackLab.TO to known instances Signed-off-by: lillian-b <146143737+lillian-b@users.noreply.github.com> * fix? Signed-off-by: lillian-b <146143737+lillian-b@users.noreply.github.com> --------- Signed-off-by: lillian-b <146143737+lillian-b@users.noreply.github.com>	2025-08-02 15:30:34 +00:00

1 2 3 4 5 ...

557 Commits