This repository has been archived by the owner on Oct 6, 2021. It is now read-only.
Version 0.3.0
Pre-release
- Implemented secure account recovery, wherein users can
opt out of account recovery entirely, or supply a GPG public key. We send a
random, short-lived token to the email address on file (since Airship
doesn't store plaintext passwords). If a GPG public key is available, their
account recovery email will be encrypted by GnuPG.
- Turned all of the Cabin classes into Gears, so that Gadgets can extend
their functionality.
- Gadgets can also override the selected Lens, transparently.
- Added the option to cache blog posts and blog listings. If cached, comments
will be loaded from AJAX instead of in the page itself. This should allow a
single blog post to handle over 10,000 requests per second without a sweat.
- Updated jQuery to 3.0.0.
- Regenerate session IDs on login. Thanks @kelunik
for bringing this oversight to our attention.
- Implemented progressive rate-limiting based on two factors: IP subnet and
username. This covers both the login form and the account recovery form.
- You can now specify HPKP headers
on a per-Cabin basis, via the Cabin Management screen.
- You can now add/remove Cabins, Gadgets, and Motifs from the Bridge.
- Sysadmins can "lock" installs to prevent an admin account compromise from
leading to a vulnerable extension from being installed and subsequently
used by an attacker to compromise the server. Locks come in two varieties:
  - Password-based locks, where you must enter a separate password to
  install a new extension.
  - Absolute locks, which can only be removed by the sysadmin.
- In Landings, `$this->lens()` will now terminate script execution. If you
need to fetch the output (e.g. for caching), use `$this->lensRender()`
instead.
- Implemented input filters which work on multidimensional arrays (e.g.
`$_POST`). We provide a few examples (one for each cabin's custom config
and one for the universal config).
- Implemented optional Two-Factor Authentication support via TOTP
(e.g. Google Authenticator).
- Airship now supports in-memory caching via APCu instead of the filesystem.
- Comments are now loaded with AJAX when you elect to cache a blog post.
- When you delete a custom directory, you can elect to create redirects
automatically to guide your passengers to the correct destination.
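
The progressive rate-limiting entry above keys on two factors, IP subnet and username. The PHP sketch below is an added example of that idea, not Airship's code: the class name, the /24 and /64 prefix sizes, the doubling delay and the one-hour cap are all assumptions.

```php
<?php
final class ProgressiveLimiter
{
    private const PREFIX = [4 => 24, 16 => 64]; // assumed subnet bits, not Airship's values
    private const MAX_DELAY = 3600;             // assumed cap on the delay, in seconds
    private $store = [];                        // in-memory for this demo only

    // Mask an address to its subnet so neighbouring addresses share one counter.
    public function subnet(string $ip): string
    {
        $raw = @inet_pton($ip);
        if ($raw === false) {
            throw new InvalidArgumentException('Invalid IP address');
        }
        $bytes = intdiv(self::PREFIX[strlen($raw)], 8); // prefixes here are byte-aligned
        $mask = str_repeat("\xFF", $bytes) . str_repeat("\x00", strlen($raw) - $bytes);
        return inet_ntop($raw & $mask) . '/' . (8 * $bytes);
    }

    private function keys(string $ip, string $user): array
    {
        return ['ip:' . $this->subnet($ip), 'user:' . strtolower($user)];
    }

    public function recordFailure(string $ip, string $user, int $now): void
    {
        foreach ($this->keys($ip, $user) as $k) {
            $this->store[$k] = ['fails' => ($this->store[$k]['fails'] ?? 0) + 1, 'last' => $now];
        }
    }

    // Seconds still to wait: the delay doubles with each failure on either key.
    public function retryAfter(string $ip, string $user, int $now): int
    {
        $wait = 0;
        foreach ($this->keys($ip, $user) as $k) {
            $e = $this->store[$k] ?? ['fails' => 0, 'last' => 0];
            $delay = $e['fails'] > 0 ? min(self::MAX_DELAY, 1 << min($e['fails'] - 1, 20)) : 0;
            $wait = max($wait, $e['last'] + $delay - $now);
        }
        return $wait;
    }
}

// Constructed sample: three failed logins against one account from one /24.
$l = new ProgressiveLimiter();
foreach (['203.0.113.5', '203.0.113.77', '203.0.113.5'] as $ip) {
    $l->recordFailure($ip, 'Alice', 1000);
}
var_dump($l->retryAfter('203.0.113.200', 'bob', 1000));  // other user, same subnet
var_dump($l->retryAfter('198.51.100.9', 'alice', 1000)); // same user, other subnet
var_dump($l->retryAfter('198.51.100.9', 'bob', 1000));   // unrelated attempt
```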