Mikael Nordfeldth
b9d35659c8
Stricter exception check
2016-02-10 04:43:30 +01:00
Mikael Nordfeldth
fb7f572eed
Purify oembed html (again)
...
For a commit or two we didn't do this, because htmLawed failed to filter
out CDATA javascript properly, but now we use HTML Purifier which works.
2016-01-28 19:02:16 +01:00
Mikael Nordfeldth
7e6783bb8f
Replace htmLawed with HTMLPurifier
2016-01-28 19:01:13 +01:00
Mikael Nordfeldth
daea5647b6
Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into mmn_fixes
2016-01-28 17:27:08 +01:00
mmn
9b3cbb373e
Merge branch 'oembed_fb_wp_branch' into 'nightly'
...
Oembed: Fix UTF-8 bug and better wp&fb data (updated!)
See merge request !97
2016-01-28 16:26:33 +00:00
Mikael Nordfeldth
efe23ed404
updateWithKeys now understands multi-column keys
...
and automatically identifies _which_ columns are the right ones,
so for example 'uri' primary keys don't need to be explicitly set
2016-01-28 16:42:59 +01:00
hannes
05439831e7
add comment that DOMDocument('1.0', 'UTF-8') does not work
2016-01-28 15:32:11 +00:00
hannes
06e325d61b
fixes two issues when the oembed thumbnail is blank
2016-01-28 15:19:29 +00:00
hannes
aa76e5863f
don't mess upp charsets in oembed/og! check for utf-8 in http header and meta tags, and add prolog when loading html with DOMDocument()
2016-01-26 13:37:52 +00:00
hannes
b8d1e1f4a6
silence errors on these xpath queries
2016-01-26 11:28:24 +00:00
hannes
884aeb4d2e
common_purify() doesn't remove wordpress' and facebook's javascript properly, maybe better to keep the data intact, and do strip_tags or something similar when using the data
2016-01-26 01:10:15 +00:00
hannes
473f893d04
detab
2016-01-26 01:07:44 +00:00
hannes
76c8139054
not pretty, but gives us better oembed data for wordpress and facebook
2016-01-26 01:05:53 +00:00
hannes
d0e2f8745d
add a thumbnail to oembed response
2016-01-21 18:48:30 +00:00
mmn
44c10bb2aa
Merge branch 'oembed_branch' into 'nightly'
...
purify oembed html and don't allow cdata
hopefully we never need stuff in cdata
reason for this is that this link serves javascript in its oembed data: https://www.maketecheasier.com/switch-windows-10-to-linux/
see:
https://www.maketecheasier.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fwww.maketecheasier.com%2Fswitch-windows-10-to-linux%2F
i don't feel we want that in our database.
See merge request !79
2016-01-15 13:11:35 +00:00
Mikael Nordfeldth
0caf0612d0
Make Twitter Media upload API v1.1 reach us
...
Now we just have to accept the 'media' or 'media_data' (base64 encoded)
POST arguments instead of $_FILES uploads.
2016-01-14 18:29:21 +01:00
Mikael Nordfeldth
53339ff463
Fake oEmbed version in OpenGraph return object
2016-01-14 02:09:12 +01:00
Mikael Nordfeldth
24d9d76644
OpenGraph image/thumbnail width and height
2016-01-13 22:07:39 +01:00
hannes
ee305891c4
purify oembed html
2016-01-13 16:03:38 +00:00
Mikael Nordfeldth
3720e37f06
property attribute could be null in meta tags of course
2016-01-13 14:24:00 +01:00
Mikael Nordfeldth
3658774429
Super-basic OpenGraph image preview support, "works for me"
2016-01-12 15:29:03 +01:00
Mikael Nordfeldth
d4be5349b3
think I have managed to show oEmbed images better now
2016-01-07 17:35:37 +01:00
Mikael Nordfeldth
b596391fcd
Avoid having to check for notices without rendered copies in upgrade.php
...
Always call the Notice->getRendered() function to get a rendered copy.
We could perhaps put some sanitation there too in the future
2016-01-06 15:32:27 +01:00
Mikael Nordfeldth
6772d991ae
Only provide Notice oEmbed data for local notices
2015-12-31 01:55:18 +01:00
Mikael Nordfeldth
feb6b636f4
File_oembed varchar to text changes
...
No need to have text length limitations in the database for fields which
very well may be longer than what was previously set.
2015-12-27 12:11:29 +01:00
Mikael Nordfeldth
334a0d56e7
Oembed slimmed to only do discovery (soon we get og: discovery too)
2015-11-30 02:06:04 +01:00
Mikael Nordfeldth
b7edac2610
HTTPClient get $params array and oEmbedHelper uses it
2015-11-30 01:28:18 +01:00
Stephen Paul Weber
a9b1b60a97
Refactor on File::processNew
...
The code was so involved there was even a comment asking for a refactor.
Now, File_redirection::where always returns a nice File_redirection
object instead of an array or string or nothing. The object is
either one which already existed or else a new, unsaved object.
Instead of duplicating "does it exist" checks everywhere, do it in
File_redirection::where. You either get what exists or something to save.
An unsaved File_redirection may be paired with an unsaved File.
You will want to save the File first (using ->saveFile()) and put the
id in File_redirection#file_id before saving.
2015-11-02 05:15:08 +00:00
digital dreamer
d7fd6bac72
Snapshot of the Transifex translation project - October 2015
2015-10-04 18:23:01 +02:00
Mikael Nordfeldth
d52b7e3124
Oembed fiddling, nothing major
2015-10-01 22:18:33 +02:00
Mikael Nordfeldth
118a4f56ab
Script to test remote oEmbed endpoints
2015-09-28 12:25:40 +02:00
Mikael Nordfeldth
8a002e98bc
File-related functions not declared static
2015-06-07 10:01:28 +02:00
Mikael Nordfeldth
f094918cf6
Revert "Inverse logic error in OembedPlugin"
...
This reverts commit 9ab996d9e6
.
2015-04-05 15:44:04 +02:00
Mikael Nordfeldth
4fc4f91b9e
Allow oEmbed data from all sites by default
2015-04-03 21:00:19 +02:00
Mikael Nordfeldth
9ab996d9e6
Inverse logic error in OembedPlugin
2015-04-03 20:59:56 +02:00
Mikael Nordfeldth
3cf5fe8795
bad URL is a clientError
2015-04-03 20:58:12 +02:00
Mikael Nordfeldth
94d3f50aee
oEmbed Action logic simplified (early return)
2015-04-03 20:47:08 +02:00
Mikael Nordfeldth
3dc30b6b8f
oEmbed helper never finished because of "break 2;"
2015-04-03 20:11:55 +02:00
Mikael Nordfeldth
1e89540c3f
Merge branch 'nightly', beginning of 1.2.x
...
Conflicts:
plugins/APC/locale/APC.pot
plugins/APC/locale/ast/LC_MESSAGES/APC.po
plugins/APC/locale/be-tarask/LC_MESSAGES/APC.po
plugins/APC/locale/br/LC_MESSAGES/APC.po
plugins/APC/locale/de/LC_MESSAGES/APC.po
plugins/APC/locale/es/LC_MESSAGES/APC.po
plugins/APC/locale/eu/LC_MESSAGES/APC.po
plugins/APC/locale/fr/LC_MESSAGES/APC.po
plugins/APC/locale/gl/LC_MESSAGES/APC.po
plugins/APC/locale/he/LC_MESSAGES/APC.po
plugins/APC/locale/ia/LC_MESSAGES/APC.po
plugins/APC/locale/id/LC_MESSAGES/APC.po
plugins/APC/locale/it/LC_MESSAGES/APC.po
plugins/APC/locale/mk/LC_MESSAGES/APC.po
plugins/APC/locale/ms/LC_MESSAGES/APC.po
plugins/APC/locale/nb/LC_MESSAGES/APC.po
plugins/APC/locale/nl/LC_MESSAGES/APC.po
plugins/APC/locale/pl/LC_MESSAGES/APC.po
plugins/APC/locale/pt/LC_MESSAGES/APC.po
plugins/APC/locale/pt_BR/LC_MESSAGES/APC.po
plugins/APC/locale/ru/LC_MESSAGES/APC.po
plugins/APC/locale/tl/LC_MESSAGES/APC.po
plugins/APC/locale/uk/LC_MESSAGES/APC.po
plugins/APC/locale/zh_CN/LC_MESSAGES/APC.po
plugins/Adsense/locale/Adsense.pot
plugins/Adsense/locale/be-tarask/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/br/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/ca/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/de/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/es/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/eu/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/fr/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/gl/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/he/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/ia/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/it/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/ja/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/ka/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/lb/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/lt/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/mk/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/ms/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/nb/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/nl/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/pl/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/pt/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/pt_BR/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/ru/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/sv/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/tl/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/tr/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/uk/LC_MESSAGES/Adsense.po
plugins/Adsense/locale/zh_CN/LC_MESSAGES/Adsense.po
plugins/Aim/locale/Aim.pot
plugins/Aim/locale/af/LC_MESSAGES/Aim.po
plugins/Aim/locale/ca/LC_MESSAGES/Aim.po
plugins/Aim/locale/de/LC_MESSAGES/Aim.po
plugins/Aim/locale/es/LC_MESSAGES/Aim.po
plugins/Aim/locale/eu/LC_MESSAGES/Aim.po
plugins/Aim/locale/fi/LC_MESSAGES/Aim.po
plugins/Aim/locale/fr/LC_MESSAGES/Aim.po
plugins/Aim/locale/gl/LC_MESSAGES/Aim.po
plugins/Aim/locale/ia/LC_MESSAGES/Aim.po
plugins/Aim/locale/it/LC_MESSAGES/Aim.po
plugins/Aim/locale/mk/LC_MESSAGES/Aim.po
plugins/Aim/locale/ms/LC_MESSAGES/Aim.po
plugins/Aim/locale/nl/LC_MESSAGES/Aim.po
plugins/Aim/locale/pl/LC_MESSAGES/Aim.po
plugins/Aim/locale/pt/LC_MESSAGES/Aim.po
plugins/Aim/locale/sv/LC_MESSAGES/Aim.po
plugins/Aim/locale/tl/LC_MESSAGES/Aim.po
plugins/Aim/locale/uk/LC_MESSAGES/Aim.po
plugins/Blog/locale/Blog.pot
plugins/Blog/locale/ar/LC_MESSAGES/Blog.po
plugins/Blog/locale/br/LC_MESSAGES/Blog.po
plugins/Blog/locale/ca/LC_MESSAGES/Blog.po
plugins/Blog/locale/de/LC_MESSAGES/Blog.po
plugins/Blog/locale/es/LC_MESSAGES/Blog.po
plugins/Blog/locale/eu/LC_MESSAGES/Blog.po
plugins/Blog/locale/fr/LC_MESSAGES/Blog.po
plugins/Blog/locale/gl/LC_MESSAGES/Blog.po
plugins/Blog/locale/ia/LC_MESSAGES/Blog.po
plugins/Blog/locale/it/LC_MESSAGES/Blog.po
plugins/Blog/locale/lt/LC_MESSAGES/Blog.po
plugins/Blog/locale/mk/LC_MESSAGES/Blog.po
plugins/Blog/locale/nl/LC_MESSAGES/Blog.po
plugins/Blog/locale/tl/LC_MESSAGES/Blog.po
plugins/Blog/locale/tr/LC_MESSAGES/Blog.po
plugins/Irc/locale/Irc.pot
plugins/Irc/locale/ca/LC_MESSAGES/Irc.po
plugins/Irc/locale/de/LC_MESSAGES/Irc.po
plugins/Irc/locale/es/LC_MESSAGES/Irc.po
plugins/Irc/locale/eu/LC_MESSAGES/Irc.po
plugins/Irc/locale/fi/LC_MESSAGES/Irc.po
plugins/Irc/locale/fr/LC_MESSAGES/Irc.po
plugins/Irc/locale/gl/LC_MESSAGES/Irc.po
plugins/Irc/locale/ia/LC_MESSAGES/Irc.po
plugins/Irc/locale/it/LC_MESSAGES/Irc.po
plugins/Irc/locale/ja/LC_MESSAGES/Irc.po
plugins/Irc/locale/mk/LC_MESSAGES/Irc.po
plugins/Irc/locale/nl/LC_MESSAGES/Irc.po
plugins/Irc/locale/sv/LC_MESSAGES/Irc.po
plugins/Irc/locale/tl/LC_MESSAGES/Irc.po
plugins/Irc/locale/tr/LC_MESSAGES/Irc.po
plugins/Irc/locale/uk/LC_MESSAGES/Irc.po
plugins/Spotify/locale/Spotify.pot
plugins/Spotify/locale/de/LC_MESSAGES/Spotify.po
plugins/Spotify/locale/es/LC_MESSAGES/Spotify.po
plugins/Spotify/locale/fr/LC_MESSAGES/Spotify.po
plugins/Spotify/locale/gl/LC_MESSAGES/Spotify.po
plugins/Spotify/locale/he/LC_MESSAGES/Spotify.po
plugins/Spotify/locale/ia/LC_MESSAGES/Spotify.po
plugins/Spotify/locale/mk/LC_MESSAGES/Spotify.po
plugins/Spotify/locale/nl/LC_MESSAGES/Spotify.po
plugins/Spotify/locale/sv/LC_MESSAGES/Spotify.po
plugins/Spotify/locale/tl/LC_MESSAGES/Spotify.po
plugins/TinyMCE/locale/TinyMCE.pot
plugins/TinyMCE/locale/ca/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/de/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/eo/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/es/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/fr/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/gl/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/he/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/ia/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/id/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/ja/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/mk/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/ms/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/nb/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/nl/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/pt/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/pt_BR/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/ru/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/tl/LC_MESSAGES/TinyMCE.po
plugins/TinyMCE/locale/uk/LC_MESSAGES/TinyMCE.po
plugins/XCache/locale/XCache.pot
plugins/XCache/locale/ast/LC_MESSAGES/XCache.po
plugins/XCache/locale/br/LC_MESSAGES/XCache.po
plugins/XCache/locale/de/LC_MESSAGES/XCache.po
plugins/XCache/locale/es/LC_MESSAGES/XCache.po
plugins/XCache/locale/eu/LC_MESSAGES/XCache.po
plugins/XCache/locale/fi/LC_MESSAGES/XCache.po
plugins/XCache/locale/fr/LC_MESSAGES/XCache.po
plugins/XCache/locale/gl/LC_MESSAGES/XCache.po
plugins/XCache/locale/he/LC_MESSAGES/XCache.po
plugins/XCache/locale/ia/LC_MESSAGES/XCache.po
plugins/XCache/locale/id/LC_MESSAGES/XCache.po
plugins/XCache/locale/mk/LC_MESSAGES/XCache.po
plugins/XCache/locale/ms/LC_MESSAGES/XCache.po
plugins/XCache/locale/nb/LC_MESSAGES/XCache.po
plugins/XCache/locale/nl/LC_MESSAGES/XCache.po
plugins/XCache/locale/pl/LC_MESSAGES/XCache.po
plugins/XCache/locale/pt/LC_MESSAGES/XCache.po
plugins/XCache/locale/pt_BR/LC_MESSAGES/XCache.po
plugins/XCache/locale/ru/LC_MESSAGES/XCache.po
plugins/XCache/locale/tl/LC_MESSAGES/XCache.po
plugins/XCache/locale/tr/LC_MESSAGES/XCache.po
plugins/XCache/locale/uk/LC_MESSAGES/XCache.po
plugins/YammerImport/locale/YammerImport.pot
plugins/YammerImport/locale/br/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/de/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/es/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/eu/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/fr/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/gl/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/ia/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/mk/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/ms/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/nl/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/pl/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/ru/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/tl/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/tr/LC_MESSAGES/YammerImport.po
plugins/YammerImport/locale/uk/LC_MESSAGES/YammerImport.po
2015-03-09 11:01:17 +01:00
digital dreamer
a452a3b1a0
Snapshot of the Transifex translation project - February 2015
2015-03-08 09:34:38 +01:00
Mikael Nordfeldth
8fac7a9f6c
StatusNet class renamed GNUsocial
...
also added backward compatible StatusNet class for the two calls I know
third party plugins use, isHTTPS and getActivePlugins
2015-02-27 12:44:15 +01:00
Mikael Nordfeldth
2f86cd8602
utf8mb4 conversion on database with index adjusts
2015-02-12 18:18:55 +01:00
Mikael Nordfeldth
000b7675d8
Vimeo oEmbed thumbnail host added to whitelist
2015-02-02 11:14:13 +01:00
Mikael Nordfeldth
acd36698b4
A bunch of clientError that were called as serverError
...
Calling serverError with a clientError status code (4xx) means it will
automatically default to Internal Server Error (500) which is in the
server error status code range (5xx). That is undesirable.
2015-01-29 23:35:49 +01:00
Mikael Nordfeldth
470971cf47
File_thumbnail uses file_id as PRI
2015-01-25 13:13:01 +01:00
Mikael Nordfeldth
12058c30b4
Managed_DataObject->updateWithKeys throws its own exception
2015-01-25 12:54:08 +01:00
Mikael Nordfeldth
0e0783ee8c
Regexp for Oembed domain matching
2015-01-25 11:18:57 +01:00
Mikael Nordfeldth
85e644d647
Remote thumbnail fetching from trusted sources
...
So far we only trust i.ytimg.com for YouTube thumbnails, but you can
configure the Oembed plugin in config.php by setting the plugin's class vars:
addPlugin('Oembed', array('param'=>'value', ...));
Some might think this is a security risk or privacy invasive, but as the Oembed
script is already calling remote sites to get information _about_ linked media,
the way to stop it is to disable the Oembed plugin. However it is not certain
it has been migrated out into a plugin properly yet. But try it if you want to.
2015-01-25 02:34:40 +01:00
Mikael Nordfeldth
999175d741
File_oembed::byFile to avoid littering with getKV
2015-01-25 02:32:04 +01:00
Mikael Nordfeldth
f5efbd8037
twitPic no longer exists/is active
2015-01-17 12:07:57 +01:00