79517725a6
refactor(isAllowed): Add `isAllowed` to allowedIPs.
...
This allows server.js to become more concise by
removing `isIPAllowed`, `isPhoneNumberAllowed` and `isEmailAllowed`
2017-11-15 17:12:57 +00:00
35c37d5927
feat(sms): Added tests for `change allowedPhoneNumbers` config
2017-11-15 15:50:01 +00:00
17a94591d5
chore(sms): Store allowed phone numbers in a Set
2017-11-15 14:56:57 +00:00
78226031d4
feat(sms): Add an allow list of non-rate limited phone numbers for testing.
...
fixes #217
2017-11-15 12:11:26 +00:00
a285a15e82
Release v1.100.0
2017-11-15 13:46:49 +11:00
e21820c8c7
fix(grunt): Commit new file CHANGELOG.md, not the old file CHANGELOG
2017-11-15 13:45:56 +11:00
19920cc1a5
fix(newrelic): newrelic native requires python, gyp, c++; update node@6.12.0 ( #216 ) r=@vladikoff
2017-11-13 17:13:41 -05:00
bf06c0ea21
fix(newrelic): Dockerpush fix newrelic must be first ( #215 ) r=@vladikoff
2017-11-12 13:15:23 -05:00
f228d27b71
chore(build): add changelog tag ( #213 ) r=@vbudhram
...
Fixes #177
2017-11-06 10:38:37 -05:00
d45d1ab4d8
chore(npm): update shrinkwrap command
2017-11-03 13:28:59 -04:00
47204ca076
Release v1.98.0
2017-10-26 13:17:27 -04:00
290e678602
chore(docker): Update to node v6.11.5 for security fix
2017-10-26 13:11:54 -04:00
01f74d3c1b
Release v1.92.0
2017-07-26 11:23:28 +10:00
32f908371f
fix(docs): document the dependency on memcached ( #211 ) r=vladikoff
2017-07-18 07:56:05 -04:00
a682ae4059
fix(server): remove mozdef integration ( #209 )
...
Fixes #204
2017-07-12 16:17:32 -04:00
4364c3a515
Release v1.91.0
2017-07-12 11:52:21 -07:00
8b93b6b236
Merge pull request #210 from mozilla/node-sec
...
fix(nodejs): upgrade to 6.11.1 for security fixes
2017-07-12 11:49:42 -07:00
ef20449cc8
fix(nodejs): upgrade to 6.11.1 for security fixes
2017-07-12 11:32:34 -07:00
7b20330fd2
feat(node): upgrade to Node 6 ( #208 )
2017-07-04 15:29:32 -04:00
eaf5c74ba5
Release v1.90.0
2017-06-29 08:59:28 +10:00
389432e209
Release v1.89.0
2017-06-29 08:56:43 +10:00
b39f993bb6
(iprecord): ignore prior rate-limiting for account access actions
...
Requests to /check with allow-listed email addresses cause the IP record
to to be marked as rate-limited, even though those requests aren't
actually blocked. Any subsequent requests to /checkIpOnly will fetch the
rate-limited IP record from memcached and block the request incorrectly.
This is a problem for the content server functional tests.
The change here ignores any previous rate-limiting for account access
actions, effectively putting them into a separate rate-limiting bucket.
https://github.com/mozilla/fxa-customs-server/pull/207
r=rfk
2017-06-28 05:21:01 -07:00
4de800f471
Release v1.88.0
2017-05-31 13:17:42 +10:00
08fca60761
feat(actions): add consumeSigninCode as an ACCOUNT_ACCESS_ACTION
...
https://github.com/mozilla/fxa-customs-server/pull/203
r=vbudhram
2017-05-23 13:34:40 +01:00
159d53bb94
feat(docker): add custom feature branch ( #202 ) r=jrgm
2017-05-16 14:44:51 -07:00
334eeb82a7
Release v1.86.0
2017-05-03 13:06:49 +10:00
da6765ade4
chore(deps): Update shrinkwrap
2017-05-03 13:05:27 +10:00
3f03e431f3
Merge pull request #200 from mozilla/pushonempty-rejection
...
fix(settings): pushOnMissing no longer updates on unexpected errors
2017-04-25 15:38:03 -07:00
a720749931
fix(settings): pushOnMissing no longer updates on unexpected errors
...
Closes #194
2017-04-25 15:08:58 -07:00
e2f206cda1
fix(sms): Add ability to rate-limit sms by email ( #198 ), r=@rfk
2017-04-21 09:26:43 -04:00
b412411ea6
feat(emails): Add `createEmail` to email sending endpoints ( #199 ) r=vladikoff
...
This PR adds rate-limiting to all endpoints that send emails for the add secondary email feature. It is a one liner because we reuse the verify code and resend code endpoints in add secondary emails. The only other endpoint that sends an email is the create email operation.
Fixes #180
2017-04-20 11:31:18 -04:00
a919f09d2c
Release v1.85.0
2017-04-19 10:10:26 +10:00
e7dd3c1a61
chore(docker): Use official node image & update to Node.js v4.8.2 ( #196 ) r=vladikoff
2017-04-18 18:35:42 -04:00
720e7dec11
fix(security): escape json output ( #193 ) r=vladikoff
...
refs: bmo secure bug 1320211
2017-04-11 11:17:08 -04:00
7acf589e52
Release v1.84.0
2017-04-04 10:48:01 -07:00
2a70689b0e
fix(tests): Correctly rate limit sms by ip address ( #191 ), r=@rfk
2017-03-28 11:16:50 -04:00
353f69c0f3
Release v1.83.0
2017-03-21 16:59:29 +11:00
8fef3d152d
fix(tests): Update config and testing for sms ( #189 ) r=vladikoff
2017-03-20 19:36:07 -04:00
1cd55b1d93
fix(docs): Add notes for sms ( #184 ), r=@shane-tomlinson
2017-03-09 16:31:26 -05:00
d84f289218
Release v1.82.0
2017-03-08 20:20:05 +11:00
c0434db14c
chore(changelog): Update the changelog
2017-03-08 20:14:50 +11:00
63f30f6fce
chore(docs): add circle ci badge to README
2017-03-05 13:09:20 -05:00
b0cb1fa1a7
feat(docker): add Docker support ( #176 ) r=vladikoff,jbuck
2017-03-05 13:02:18 -05:00
7c2b774d8a
chore(package): Use ip-rep service client with keepalive enabled ( #181 ) r=vladikoff
2017-02-27 16:46:21 -05:00
30be84518a
fix(shutdown): Fix deferred call of process.exit(code). ( #183 ); r=jrgm
2017-02-27 17:06:13 +11:00
2be2853414
Release v1.81.0
2017-02-24 15:14:40 -08:00
a521224641
fix(reputation): add more (positive) logging to reputation service requests ( #179 ), r=@vbudhram
2017-02-21 13:52:48 -05:00
14e37c3496
feat(blocklist): Add support to specify the block level for multiple blocklists ( #167 ), r=@rfk
...
Ability to specify log only lists for ip blocklist.
2017-02-20 09:51:21 -05:00
310fafb745
fix(config-set): Don't attempt to merge array-valued config items. ( #171 ); r=jrgm
2017-02-20 18:53:53 +11:00
ce084e75fb
Release v0.80.0
2017-02-16 11:35:34 +11:00
Shane Tomlinson
Ryan Kelly
John Morrison
Vlad Filippov
Jon Buckley
Phil Booth
Sean McArthur
Vijay Budhram
Jon Buckley
Greg Guthe
Ryan Kelly