wamo/gnu-social
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
11,785 Commits 8 Branches 0 Tags 330 MiB
3a7e8e9d88
Commit Graph

11785 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Evan Prodromou
60b66bdd6e Merge branch 'nofollowexternallink' into 0.9.x 
Conflicts:
	lib/default.php
 2010-10-27 13:53:39 -04:00
Evan Prodromou
9e15290963 Merge remote branch 'gitorious/1.0.x' into 1.0.x 2010-10-27 13:47:54 -04:00
Craig Andrews
1851933c34 Enable Strict Transport Security plugin by default 2010-10-27 10:12:35 -04:00
Evan Prodromou
563b4f968a Merge remote branch 'gitorious/1.0.x' into 1.0.x 2010-10-27 07:12:20 -04:00
Craig Andrews
255ba42ef1 use library function to determine if https should be used for recaptcha 2010-10-27 00:11:55 -04:00
Craig Andrews
9f9126e524 Load MS Virtual Earth javascript over https when browsing in https 2010-10-27 00:09:43 -04:00
Craig Andrews
bc6a61dc89 Use https for gravatars 
No reason not to use https, and doing so prevents mixed content warnings when the avatars are used on https pages.
 2010-10-26 23:56:59 -04:00
Craig Andrews
5476ffa944 add StrictTransportSecurity plugin 2010-10-26 23:46:18 -04:00
Brion Vibber
8ff44a1fb9 Merge branch '0.9.x' into twitstream 2010-10-26 15:39:31 -07:00
Craig Andrews
22a0cf6251 Set cookies with "secure" flag on SSL sites. Improves security. 2010-10-26 17:55:09 -04:00
Zach Copley
b3cd558fe7 Fix OAuth verifier display page title and msgs for i18n 2010-10-26 13:19:23 -07:00
Evan Prodromou
5d56d9bb69 UI on profile settings page to opt out of following everyone 2010-10-26 15:33:35 -04:00
Evan Prodromou
7a80ebeb13 flag to let users opt out of following everyone 2010-10-26 15:21:30 -04:00
Evan Prodromou
e5a3b973b8 Plugin to follow all new users by default 2010-10-26 15:10:18 -04:00
Evan Prodromou
22633a5af6 can't subscribe to blacklisted domains/users 2010-10-26 11:48:27 -04:00
Evan Prodromou
bec00094a7 Blacklist plugin checks PuSH and Salmon notices 2010-10-26 11:20:43 -04:00
Evan Prodromou
511566a132 userrole.php will take a profile id for remote profiles 2010-10-26 11:19:47 -04:00
Evan Prodromou
93a8718f97 Merge remote branch 'gitorious/1.0.x' into 1.0.x 2010-10-26 09:22:21 -04:00
Brion Vibber
c09487f272 readme: release candidate 0.9.6 2010-10-25 14:49:29 -07:00
Zach Copley
307c819089 Merge commit 'refs/merge-requests/2223' of git://gitorious.org/statusnet/mainline into integration 2010-10-25 14:35:56 -07:00
Michele macno Azzolari
0243cea82b Updated mustard description and link 2010-10-25 23:08:29 +02:00
Zach Copley
1a1ca22aca Supress header, footer, sidebar on OAuth verifier pin page when in "desktop" mode 2010-10-25 13:30:38 -07:00
Brion Vibber
b483a0549f Merge branch '1.0.x' into schema-x 
Conflicts:
	plugins/CacheLog/locale/nb/LC_MESSAGES/CacheLog.po
 2010-10-25 13:14:33 -07:00
Brion Vibber
ca489631db Merge branch '0.9.x' into 1.0.x 
Conflicts:
	actions/subscriptions.php
	lib/router.php
	lib/xmppmanager.php
	lib/xmppoutqueuehandler.php
 2010-10-25 13:08:57 -07:00
Samantha Doherty
01637bcd32 Base theme styling for oauth pin and desktop mode. 2010-10-25 16:00:34 -04:00
Zach Copley
78396db28a Forgot to add the OAuth verifier pin page to sensitive array 2010-10-25 12:36:03 -07:00
Zach Copley
0dcc3f8d71 We don't need to have editapplication (only showapplication) in the 
sensitive array because it doesn't expose the consumer keypair
 2010-10-25 12:10:52 -07:00
Zach Copley
3954ab39ae Add OAuth token exchange endpoint to 'sensitive' array; i.e.: use SSL if 
available
 2010-10-25 11:52:17 -07:00
Zach Copley
82c280979d Add special CSS classes to OAuth authorization and pin pages when 
in desktop mode
 2010-10-25 11:25:35 -07:00
Zach Copley
479096c8d7 Less scary OAuth authorization messages when using anonymous consumer 2010-10-25 10:38:40 -07:00
Evan Prodromou
b60b9b4fa2 Merge branch '0.9.x' into atompub 2010-10-25 11:18:56 -04:00
Evan Prodromou
aef88c7cee max_id is inclusive 2010-10-25 11:18:49 -04:00
Evan Prodromou
75fcf1e081 Merge branch '0.9.x' into atompub 2010-10-25 11:09:11 -04:00
Evan Prodromou
968f9b0513 change max_id from < to <= 2010-10-25 11:08:53 -04:00
Evan Prodromou
e6ba379c8b navigation links in user timeline (for AtomPub) 2010-10-25 11:08:10 -04:00
Evan Prodromou
e51ed96b89 add rel=self links to atom entries 2010-10-25 09:48:01 -04:00
Evan Prodromou
59a7d78acb Atom Service Document 2010-10-24 23:43:26 -04:00
Evan Prodromou
698818bd7e show rel=edit links in notices for authenticated users 2010-10-24 23:05:33 -04:00
Evan Prodromou
c0664599aa allow posting to user timeline using AtomPub 2010-10-24 22:50:13 -04:00
Evan Prodromou
292e789584 delete a notice using AtomPub 2010-10-24 21:24:23 -04:00
Evan Prodromou
43a67b150a show a single notice in atom entry format 2010-10-24 15:58:53 -04:00
Evan Prodromou
69a1ecec9b check for a post 2010-10-24 15:04:12 -04:00
Siebrand Mazeland
1545c1228b Localisation updates from http://translatewiki.net. 2010-10-23 20:50:55 +02:00
Siebrand Mazeland
3329685beb * onPluginVersion added. 
* i18n fix: use _m() in plugins, don't use _()
* some translator documentation added.
* superfluous whitespace removed.
 2010-10-23 19:23:25 +02:00
Siebrand Mazeland
0b6cc7c33d * translator documentation added. 
* superfluous whitespace removed.
 2010-10-23 19:20:51 +02:00
Brion Vibber
eb30c6651a Additional fixes found while looking at ticket #2532: when given a screen name as API parameter for a profile, do the nickname lookup on local users only. The profile table can't guarantee unique lookups, so using names isn't currently safe there. This won't affect anything using local nicknames correctly, and may avoid some weird bugs if there were conflicts between local and remote nicknames. 2010-10-22 13:53:10 -07:00
Brion Vibber
2d124e4aab Fix for ticket #2532: fixed API block create/destroy when specifying the target user/profile as a separate query parameter, such as api/blocks/create.xml?param=xxx 
The router settings weren't quite right so we ended up with bogus regex values passed in as the 'id' parameter, which broke the regular fallback ordering of parameter checks.
 2010-10-22 13:51:28 -07:00
Brion Vibber
783f28c8b1 Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x 2010-10-22 12:14:45 -07:00
Brion Vibber
e292d8fb65 Fix for 140-char replies being unexpectedly cropped when bridged to Twitter. 
This drops the '@' -> ' @' hack for CURL meta-chars in outgoing Twitter bridge, added in commit 04b95c25 back in the day.
The Twitter bridge has since been switched from using direct CURL calls to using HTTPClient, which even with the CURL backend enabled doesn't trigger this issue, as POST parameters are formatted directly.
Prepending the space before we did the message cropping was leading to 140-char messages getting cropped unnecessarily, which was confusing:

Examples of broken messages:
http://identi.ca/notice/57172587 vs http://twitter.com/marjoleink/status/28398050691
http://identi.ca/notice/57172878 vs http://twitter.com/marjoleink/status/28398492563
 2010-10-22 12:10:11 -07:00
Zach Copley
3969870cf3 Normalize HTML body ids to lowercase when the user is logged out as well. 2010-10-22 18:32:08 +00:00