Commit Graph

4624 Commits

Author SHA1 Message Date
Mikael Nordfeldth
985f3b44b7 LRDD blacklisted URL test 2017-04-26 23:24:42 +02:00
Mikael Nordfeldth
e1df763940 Test URLs against blacklist also on PuSH subscriptions. 2017-04-26 22:43:16 +02:00
Mikael Nordfeldth
ee29b23bd4 Fix URL mention regular expression FOR REALZ 2017-04-22 11:46:43 +02:00
Mikael Nordfeldth
4827655632 Fix URL mention regular expression in OStatusPlugin 2017-04-22 11:26:23 +02:00
Mikael Nordfeldth
5e7a7701b9 Domain name regular expression into lib/framework.php
cherry-pick-merge
2017-04-22 11:26:13 +02:00
Mikael Nordfeldth
eefbfe746f Split up OStatusPlugin preg functions so they can be reused
cherry-pick-merge
2017-04-22 11:24:55 +02:00
Mikael Nordfeldth
45dfa9f215 A bit more instructive debugging 2017-04-22 11:23:43 +02:00
Mikael Nordfeldth
64b72a3c9b New domain regexp for WebFinger matching. 2017-04-22 11:23:41 +02:00
Mikael Nordfeldth
3453521c9c Less frightening interface on remote subscription
Instead of an error message in a red box about being unable to find the
profile, you get the title "Remote subscription" and no error message.
2017-04-19 11:44:07 +02:00
Mikael Nordfeldth
2744bdcdb7 Empty resource would throw exception
The "+ Remote" link on your profile page broke because of exception.
2017-04-19 11:43:58 +02:00
Mikael Nordfeldth
57f78dc61c Merge branch 'master' of git.gnu.io:gnu/gnu-social 2017-04-16 11:04:17 +02:00
Mikael Nordfeldth
388655d19b Handle normalized acct: URIs in ostatussub
Mastodon sent the proper acct: URI and not just 'user@domain' when
using the remote subscribe functionality.
2017-04-16 11:03:14 +02:00
mmn
6679ecb9d7 Merge branch 'fix-openid-removal' into 'master'
Fix OpenID URI removal

See merge request !138
2017-04-06 09:12:35 +00:00
Sandro Santilli
1ef206467f Fix OpenID URI removal
See #252
2017-03-18 13:33:07 +01:00
Sandro Santilli
85a407e7b0 Normalize OpenID URI before checking it for validity
Fixes #251
2017-03-18 10:56:01 +01:00
Mikael Nordfeldth
9fead39f36 Merge branch 'master' of git.gnu.io:gnu/gnu-social 2017-03-18 01:36:35 +01:00
Mikael Nordfeldth
948744538c StoreRemoteMedia now checks remote filesize before downloading 2017-03-18 01:35:45 +01:00
Bjoern Schiessle
f198d5d110
improve status length calculation, each link is exactly 23 characters long at Twitter 2016-12-14 15:54:02 +01:00
Mikael Nordfeldth
afdd6d39ec Some Google stuff that need to be there (or comments)
Note that these won't be shown to the enduser and will never be accessed automatically.

We should put the salmon-protocol stuff on ostatus.org
2016-03-21 12:25:04 +01:00
Mikael Nordfeldth
b4cbf620ab woops, accidentally deleted updates-from rel on mass Google-deletion 2016-03-21 12:13:01 +01:00
Bob Mottram
11c57e7aee Remove Google References
This removes most references to Google, with some
remaining since they may point to things which are still
relevant. References to Google Code, Google Buzz and
Google Maps have been removed
2016-03-20 13:06:58 +00:00
Mikael Nordfeldth
b2cfbded2e Upgrading from 1.1.x would make uri fields have length=255 2016-03-15 16:54:10 +01:00
Mikael Nordfeldth
80f7a5f025 $metadata->thumbnail_url is not guaranteed to be set
We should probably have a separate class for this, so we can more
easily combine different technologies similar to oEmbed/OpenGraph.
2016-02-25 19:47:16 +01:00
Mikael Nordfeldth
e6f07d8554 Use in_array instead. Now we get third party responses to contextually interesting threads
I think this solves much of the "third party conversation" issues, assuming involved parties
are using modern GNU social instances.
2016-02-24 00:19:27 +01:00
Mikael Nordfeldth
31c9b2c1d8 Check the notice context for users in UsersalmonAction 2016-02-23 23:56:43 +01:00
Mikael Nordfeldth
9319033ff0 Properly attach activityobjects
For some reason they were written to ->object, which is incorrect as
we use the objects[] array (which usually just holds one entry though)
2016-02-23 23:50:57 +01:00
Mikael Nordfeldth
0eb5122817 Check that the user is in the context of a salmon slap 2016-02-23 23:42:41 +01:00
Mikael Nordfeldth
d672547112 getAliases should be only a list (numeric array) 2016-02-23 14:33:09 +01:00
Mikael Nordfeldth
e16f7d04a8 Let OpenID match against aliases (fix fancyurl stuff etc.) 2016-02-23 14:15:08 +01:00
Mikael Nordfeldth
b59dacb806 getAliases for Profile and Notice
Also move fancyurlfix into site-wide $config['fix']['fancyurls']

TODO: getByUri should make use of this directly I guess?
2016-02-23 14:00:59 +01:00
Mikael Nordfeldth
c67b89e56b Make WebFinger fancyurlfix configurable 2016-02-21 20:05:32 +01:00
Mikael Nordfeldth
ce803f6d06 WebFinger aliases with 'index.php/' 2016-02-21 20:00:07 +01:00
Mikael Nordfeldth
1edb1bbc17 Claim that we are the URL without index.php/ in webfinger response 2016-02-21 19:09:39 +01:00
Mikael Nordfeldth
0c17c32267 Let the WebFingerPlugin lookup profile resources with index.php/ too 2016-02-21 18:48:48 +01:00
Mikael Nordfeldth
b23cc7465f Keep a unique set of WebFingerResource aliases 2016-02-21 18:47:32 +01:00
Mikael Nordfeldth
ade4518ae4 Make the Link header give URI for WebFinger lookup 2016-02-17 22:36:33 +01:00
Mikael Nordfeldth
422d475e44 Differentiate two similar log warning messages 2016-02-17 21:57:52 +01:00
Mikael Nordfeldth
e2a090c9cc Use NoticeStream::filterVerbs for filtering in noticestreams 2016-02-14 20:46:13 +01:00
Mikael Nordfeldth
fbcca62ae1 listGet was not meant for that really 2016-02-13 01:19:47 +01:00
Mikael Nordfeldth
8ef2abf30b Render RegiserThrottle extra profile data properly 2016-02-13 01:16:34 +01:00
Mikael Nordfeldth
799c2e47fe Don't depend on ModLog 2016-02-13 01:10:01 +01:00
Mikael Nordfeldth
be35975b12 RegisterThrottle list-profiles-by-ip 2016-02-13 01:02:18 +01:00
Mikael Nordfeldth
557ad2d1fd Show user registration IP to users who can see ModLog 2016-02-13 00:51:43 +01:00
Mikael Nordfeldth
3cef75bcac Update the comment on silencing privileged users in ModHelper 2016-02-12 14:47:44 +01:00
Mikael Nordfeldth
7fdcbd56d5 XMPP URI scheme for HTMLPurifier 2016-02-11 21:31:50 +01:00
Mikael Nordfeldth
b9d35659c8 Stricter exception check 2016-02-10 04:43:30 +01:00
Mikael Nordfeldth
ec257d940a Either use or don't use HTTPS
The risk of injection attacks using HTTP is too great to allow a
site that allows both HTTP and HTTPS...
2016-02-10 00:57:39 +01:00
Mikael Nordfeldth
eaa394ed7d bitcoin schema for HTMLPurifier 2016-02-08 20:20:31 +01:00
Mikael Nordfeldth
ef5ed10eb9 Log failed captcha entries 2016-02-08 17:51:21 +01:00
Mikael Nordfeldth
cd71188d3a SimpleCaptcha plugin to stop basic bots 2016-02-08 17:47:09 +01:00