Commit Graph

18127 Commits

Author SHA1 Message Date
Mikael Nordfeldth
45203a4992 Makes the attachment button stay within the form area... 2017-04-30 20:32:10 +02:00
Mikael Nordfeldth
bb72229d6a Show what you're replying to in the web interface 2017-04-30 10:37:21 +02:00
Mikael Nordfeldth
16880de8f6 ensureHub on 422 status code (Superfeedr error on non-existing topic) 2017-04-30 10:29:16 +02:00
Mikael Nordfeldth
b20b9727cf More debugging info for FeedSub PuSH self-healing 2017-04-30 09:46:15 +02:00
Mikael Nordfeldth
e21043e81c syntax fix (throw _new_ *Exception) 2017-04-30 09:33:06 +02:00
Mikael Nordfeldth
1ecf709918 Make sure we don't receiveFeed() in the case of that exception 2017-04-30 09:31:16 +02:00
Mikael Nordfeldth
5288a6f9e2 Update huburi for FeedSub if PuSH signature is invalid
This because some remote server might have used third party PuSH hubs
but switch and we don't know about it.

Possible risks here are of course MITM that could force us to rediscover
PuSH hubs from a feed they control, but that currently feels ... meh.
2017-04-30 09:20:08 +02:00
Mikael Nordfeldth
c505652c15 Confirm_address::getByAddress not getAddress
Also fixed the error handling to match the function call.
2017-04-29 14:48:46 +02:00
Takuma YOSHIOKA
2ebdac70da
Ignore whole directory, not only inner contents
`dir/*` style let git ignore files and directories in `dir/`, but not
`dir/` itself.
This cause `git clean -df` to remove `dir/` **with its contents**!

To prevent `git clean -df` to remove data directories (`avatar/`, `file/`,
etc), use `dir/` (or `dir`) style in gitignore.
2017-04-29 14:22:36 +09:00
Mikael Nordfeldth
853b016a42 Separate ensureHub into function in FeedSub 2017-04-27 09:24:12 +02:00
Mikael Nordfeldth
598b51eb7a Escaping a URI in common_debug call 2017-04-27 09:23:45 +02:00
Mikael Nordfeldth
985f3b44b7 LRDD blacklisted URL test 2017-04-26 23:24:42 +02:00
Mikael Nordfeldth
ea6d8b8bde LRDD blacklisted URL test 2017-04-26 23:21:13 +02:00
Mikael Nordfeldth
e1df763940 Test URLs against blacklist also on PuSH subscriptions. 2017-04-26 22:43:16 +02:00
Mikael Nordfeldth
bb76af4f65 Test URLs against blacklist also on PuSH subscriptions. 2017-04-26 22:41:59 +02:00
Mikael Nordfeldth
839b3e7392 allowed_schemes was misspelled 2017-04-26 22:12:06 +02:00
Mikael Nordfeldth
adfd76f44b allowed_schemes was misspelled 2017-04-26 22:11:28 +02:00
Mikael Nordfeldth
df7ff4ef1a Moving form to its own file as we do nowadays 2017-04-25 21:13:29 +02:00
Mikael Nordfeldth
c71600c144 Modernise some function calls etc, to newer GNU social standards 2017-04-25 21:03:43 +02:00
Mikael Nordfeldth
5f24fc0986 Blacklist plugin enabled by default (bug fixes will come) 2017-04-25 20:43:31 +02:00
Mikael Nordfeldth
a53284fe4f Use getByID nistead of getKV for Feedsub in PushInQueueHandler 2017-04-25 20:42:10 +02:00
Chimo
4ef05e35b8 backupaccount: Don't print page HTML in XML export
The current Atom/XML account backup contains the backupaccount HTML at the end
of the downloaded file. This change makes it so that only the XML is downloaded
by terminating the script before the HTML is served.
2017-04-23 19:03:40 +00:00
Mikael Nordfeldth
956cfaf844 Try https first on URL mention lookup 2017-04-22 12:29:53 +02:00
Mikael Nordfeldth
95f991cff3 Somewhat simpler regex. Thanks acct:takeshitakenji@gs.kawa-kun.com 2017-04-22 12:12:27 +02:00
Mikael Nordfeldth
c4541d8f5b Merge branch 'master' into nightly
No change should be made, just making sure...
2017-04-22 11:47:29 +02:00
Mikael Nordfeldth
ee29b23bd4 Fix URL mention regular expression FOR REALZ 2017-04-22 11:46:43 +02:00
Mikael Nordfeldth
69e944e21a Fix URL mention regular expression FOR REALZ 2017-04-22 11:45:24 +02:00
Mikael Nordfeldth
4827655632 Fix URL mention regular expression in OStatusPlugin 2017-04-22 11:26:23 +02:00
Mikael Nordfeldth
5e7a7701b9 Domain name regular expression into lib/framework.php
cherry-pick-merge
2017-04-22 11:26:13 +02:00
Mikael Nordfeldth
eefbfe746f Split up OStatusPlugin preg functions so they can be reused
cherry-pick-merge
2017-04-22 11:24:55 +02:00
Mikael Nordfeldth
45dfa9f215 A bit more instructive debugging 2017-04-22 11:23:43 +02:00
Mikael Nordfeldth
64b72a3c9b New domain regexp for WebFinger matching. 2017-04-22 11:23:41 +02:00
Mikael Nordfeldth
51e5cc2ac8 Fix URL mention regular expression in OStatusPlugin 2017-04-22 11:15:55 +02:00
Mikael Nordfeldth
2fc4b174c1 Domain name regular expression into lib/framework.php 2017-04-22 11:07:38 +02:00
Mikael Nordfeldth
bd6c93a811 Split up OStatusPlugin preg functions so they can be reused 2017-04-22 11:02:41 +02:00
Mikael Nordfeldth
54971842f2 A bit more instructive debugging 2017-04-22 10:55:24 +02:00
Mikael Nordfeldth
0fd83f0028 New domain regexp for WebFinger matching. 2017-04-22 10:51:03 +02:00
Mikael Nordfeldth
e98bceec10 Import backlog on new subscription.
Danger is when importing a new feed that may be maliciously crafted
to contain a zillion entries.
2017-04-21 09:31:27 +02:00
Mikael Nordfeldth
f51cb6fca9 Split OStatusPlugin FeedSub receive into two parts
FeedSub::receive now only handles the PuSH verification
FeedSub::receiveFeed is protected and only parses+imports feed XML
2017-04-21 08:13:39 +02:00
Chimo
63f9af307d doc: Update 'backup', 'restore' default values 2017-04-19 22:56:45 -04:00
Mikael Nordfeldth
3453521c9c Less frightening interface on remote subscription
Instead of an error message in a red box about being unable to find the
profile, you get the title "Remote subscription" and no error message.
2017-04-19 11:44:07 +02:00
Mikael Nordfeldth
2744bdcdb7 Empty resource would throw exception
The "+ Remote" link on your profile page broke because of exception.
2017-04-19 11:43:58 +02:00
Mikael Nordfeldth
e87115d462 Less frightening interface on remote subscription
Instead of an error message in a red box about being unable to find the
profile, you get the title "Remote subscription" and no error message.
2017-04-19 11:41:34 +02:00
Mikael Nordfeldth
548e59fc99 Empty resource would throw exception
The "+ Remote" link on your profile page broke because of exception.
2017-04-19 11:37:43 +02:00
Andrew Engelbrecht
6ca5bb4d41 Added CAS user whitelist feature
This feature filters users who may log in via CAS. This is useful when
both CAS and password authentication is enabled and there is a mismatch
between some GNU social account names and CAS user names. This prevents
CAS users from logging in as someone else on GNU social.
2017-04-17 12:41:49 -04:00
Mikael Nordfeldth
2a8ab1c6ca Merge branch 'master' into nightly 2017-04-16 11:04:58 +02:00
Mikael Nordfeldth
57f78dc61c Merge branch 'master' of git.gnu.io:gnu/gnu-social 2017-04-16 11:04:17 +02:00
Mikael Nordfeldth
388655d19b Handle normalized acct: URIs in ostatussub
Mastodon sent the proper acct: URI and not just 'user@domain' when
using the remote subscribe functionality.
2017-04-16 11:03:14 +02:00
Mikael Nordfeldth
35b0a9e3ae Handle normalized acct: URIs in ostatussub
Mastodon sent the proper acct: URI and not just 'user@domain' when
using the remote subscribe functionality.
2017-04-16 11:01:16 +02:00
Andrew Engelbrecht
25b4996145 Fix 'from' address in the XMPP ping command
This commit corrects a syntax error that caused the XMPP daemon to
reatedly reconnect to the remote server.
2017-04-13 12:35:49 -04:00