mmn
44c10bb2aa
Merge branch 'oembed_branch' into 'nightly'
...
purify oembed html and don't allow cdata
hopefully we never need stuff in cdata
reason for this is that this link serves javascript in its oembed data: https://www.maketecheasier.com/switch-windows-10-to-linux/
see:
https://www.maketecheasier.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fwww.maketecheasier.com%2Fswitch-windows-10-to-linux%2F
i don't feel we want that in our database.
See merge request !79
2016-01-15 13:11:35 +00:00
Mikael Nordfeldth
16088d9439
ErrorAction and InfoAction fixes, are now ManagedAction
2016-01-14 21:28:47 +01:00
Mikael Nordfeldth
bc0a903bd4
ErrorAction to autodiscoverable file.
2016-01-14 21:21:34 +01:00
Mikael Nordfeldth
b530d385bc
Exception object was not supplied there
2016-01-14 18:51:46 +01:00
Mikael Nordfeldth
0caf0612d0
Make Twitter Media upload API v1.1 reach us
...
Now we just have to accept the 'media' or 'media_data' (base64 encoded)
POST arguments instead of $_FILES uploads.
2016-01-14 18:29:21 +01:00
Mikael Nordfeldth
6e49281adb
Use the Action class itself as error handler
2016-01-14 18:21:11 +01:00
Mikael Nordfeldth
c173c4faa5
Actually throw NoQueueHandlerException too.
2016-01-14 13:48:33 +01:00
Mikael Nordfeldth
df00a88cb4
Forgot to add NoRouteMapException to 6834f355f2
2016-01-14 13:07:00 +01:00
Mikael Nordfeldth
6834f355f2
Making ClientExceptions turn into ClientErrorAction
...
Got some 404s which were presented as 500
2016-01-14 02:47:28 +01:00
Mikael Nordfeldth
99261e0781
Don't LOG_ERR missing paths (misspelling clients aren't errors)
2016-01-14 02:22:47 +01:00
Mikael Nordfeldth
331abf173b
Forgot semicolon
2016-01-14 02:05:33 +01:00
Mikael Nordfeldth
f699ffeb8a
Exception handling in queue handler logic
2016-01-14 02:04:15 +01:00
Mikael Nordfeldth
0ddaa6ff75
Handle exceptions in QueueHandler classes
2016-01-14 01:47:13 +01:00
Mikael Nordfeldth
29b45bb87a
Unnecessary call to User::getKV
2016-01-13 20:08:17 +01:00
Mikael Nordfeldth
818aaa0578
We didn't get profiles from the new-style attention system
2016-01-13 18:35:25 +01:00
hannes
3e7e3de554
don't allow cdata elements in purified html
2016-01-13 16:01:27 +00:00
Mikael Nordfeldth
99da1ebe41
Catch NoHttpResponseException when using HTTPClient
2016-01-13 14:17:49 +01:00
Mikael Nordfeldth
3ed632decf
NoHttpResponseException needed instead of HTTP_Request2_Exception
...
HTTP_Request2_Exception assumed an HTTP response status code/line
2016-01-13 14:08:48 +01:00
Mikael Nordfeldth
e75472f460
Use the upstream function to get effectiveUrl
2016-01-13 14:00:05 +01:00
Akio Nishimura
eceafb84de
lib/language.php: rewrited jp as ja.
2016-01-13 13:23:06 +01:00
Mikael Nordfeldth
e49e113140
Ugly hack to show thumbnails of otherwise unrepresentable attachments
...
such as text/html, where the thumbnail has been retrieved via oEmbed/OpenGraph
2016-01-12 15:38:59 +01:00
Mikael Nordfeldth
8c28e54ccc
same as previous, but for mime_to_ext
2016-01-12 13:14:17 +01:00
Mikael Nordfeldth
dbe5d72e4c
If all file extensions are supported we have no list of comparisons
2016-01-12 13:08:54 +01:00
hannes
a1b509bb0b
forgot we need access to $html too
2016-01-11 20:58:34 +00:00
hannes
8d331b0f35
EndCommonPurify event
2016-01-11 20:54:19 +00:00
Mikael Nordfeldth
1a46d86ca6
lib/util.php quick function to do var_export($var,true)
...
Immensely useful when debugging and we want to put quotes around strings,
potentially stopping any "evil logging attacks" (where input data masks
as logging data).
2016-01-11 19:52:54 +01:00
Mikael Nordfeldth
c1f22f106b
Might as well put a $limit on preg_replace here
...
Since there will (should) never be more than one ^http in that string anyway.
2016-01-11 18:27:26 +01:00
Mikael Nordfeldth
5b2b969a77
Tag notice streams should only show post verbs
2016-01-11 15:15:23 +01:00
Mikael Nordfeldth
b13f8df79b
HTTPClient would return null instead of exception
...
This caused $response->isOK() tests to call a function on a non-existing object, causing all hell to break loose.
2016-01-11 02:36:59 +01:00
Mikael Nordfeldth
5ef10a14ef
Get group attentions too for outbound notices
2016-01-09 15:06:44 +01:00
Mikael Nordfeldth
55aa68b941
CancelGroupForm gets same typing as Join and Leave
2016-01-09 14:13:19 +01:00
Mikael Nordfeldth
fbec7c4e75
Issue #121 - use correct Group ID and strict User_group typing
2016-01-09 14:06:50 +01:00
Mikael Nordfeldth
d13483ca20
Wups, $poster could be undefined
2016-01-09 13:15:09 +01:00
Mikael Nordfeldth
33194b3cff
Attention goes to the parent notice author too
2016-01-08 02:58:31 +01:00
Mikael Nordfeldth
0463d96392
Add more info in logging call
...
There shouldn't be *HandleSalmonTarget, only verification of actor and
then Notice::saveActivity()!
2016-01-08 01:52:10 +01:00
Mikael Nordfeldth
e6f2676c5c
Default to not include delete verbs in notice streams
2016-01-07 23:33:47 +01:00
Mikael Nordfeldth
801ca3531b
common_find_attentions to populate activities from content text
2016-01-07 23:23:37 +01:00
Mikael Nordfeldth
1f02dc639e
shortenLinks _after_ media upload to be consistent with api
2016-01-07 18:14:45 +01:00
Mikael Nordfeldth
be58fd64f5
Use index for File url (urlhash)
2016-01-07 18:13:10 +01:00
Mikael Nordfeldth
d4be5349b3
think I have managed to show oEmbed images better now
2016-01-07 17:35:37 +01:00
Mikael Nordfeldth
5d4b1d0b88
Appropriate exception message in GroupNoProfileException
2016-01-07 12:14:48 +01:00
Mikael Nordfeldth
47c7e1b875
Breaking class definitions out into separate files and fixing typing
2016-01-06 19:46:56 +01:00
Mikael Nordfeldth
f1c4c64cd9
Don't update stored URLs just because we have a filename
...
This would overwrite remote URLs with local verisons which removes source href...
The reason one might have filenames for remote URLs is that StoreRemoteMedia plugin
fetches them and uses the filename field.
2016-01-06 19:24:03 +01:00
Mikael Nordfeldth
b596391fcd
Avoid having to check for notices without rendered copies in upgrade.php
...
Always call the Notice->getRendered() function to get a rendered copy.
We could perhaps put some sanitation there too in the future
2016-01-06 15:32:27 +01:00
Mikael Nordfeldth
4a8e936e19
Somewhat more meaningful error message
2016-01-06 14:10:37 +01:00
Mikael Nordfeldth
4b22b0c42a
More listitems and lists into separate files + stronger typing
2016-01-06 01:36:46 +01:00
Mikael Nordfeldth
6d9f390ba8
Separating classes into files and stronger typing
2016-01-06 01:30:12 +01:00
Mikael Nordfeldth
da2f179ae9
Typing to Profile
2016-01-06 01:25:00 +01:00
Mikael Nordfeldth
e577e883f4
Subscriber lists to separate files and also Profile typing
2016-01-06 00:57:31 +01:00
Mikael Nordfeldth
1946197a1c
Merge request #10 by aroque but in a slightly different version
2016-01-06 00:48:03 +01:00