Mikael Nordfeldth
f83b81b8c4
Change config webfinger/http_alias to fix/legacy_http
...
Set $config['fix']['legacy_http'] to perform some actions that are
needed if your site used to be served over http but now has upgraded
to https!
2016-03-23 15:21:02 +01:00
Mikael Nordfeldth
265fa12917
Relatively experimental change to store thumbnails in 'file/thumb/' (by default)
2016-03-07 22:33:34 +01:00
Mikael Nordfeldth
1db02d7f36
filename_base option isn't optimal
...
For different "download filenames" we should use some other method.
2016-03-05 11:59:46 +01:00
Mikael Nordfeldth
747c91210f
HTMLPurifier cache settings, put stuff in subdir of get_sys_temp_dir()
2016-02-28 13:30:47 +01:00
Mikael Nordfeldth
2669c51265
Allow sgf files if they're recognized in mime search
...
They are Go game files used on lamatriz.org. Note that my server
doesn't actually recognize these files and can identify the mime type,
but my browser did for some reason.
2016-02-26 00:05:07 +01:00
Mikael Nordfeldth
e6e1705852
Make uploads work properly if we accept _all_ attachment types
...
Also introduced $config['attachments']['extblacklist'] that can disable
certain file extensions (or rewrite them, for example php => phps)
2016-02-25 22:15:54 +01:00
Mikael Nordfeldth
b59dacb806
getAliases for Profile and Notice
...
Also move fancyurlfix into site-wide $config['fix']['fancyurls']
TODO: getByUri should make use of this directly I guess?
2016-02-23 14:00:59 +01:00
Mikael Nordfeldth
afbdcf8938
Don't publish mbox_sha1sum in FOAF by default.
...
We say the email is private data, so reasonably we shouldn't reveal it
indirectly through a hash sum: http://xmlns.com/foaf/spec/#term_mbox_sha1sum
2016-02-19 00:10:05 +01:00
Mikael Nordfeldth
d2c11925bf
To-selector padlock only shown if site config notice/allowprivate is true
2016-02-17 23:06:11 +01:00
Mikael Nordfeldth
5fbb01130a
By default, disallow users to set private_stream
2016-02-17 22:58:31 +01:00
Mikael Nordfeldth
67dfc0a046
application/xml allowed in uploads
2016-02-11 00:04:14 +01:00
Mikael Nordfeldth
733debd9b3
Use thumbnail upscaling config value
2016-02-10 04:40:54 +01:00
Mikael Nordfeldth
a61235086b
Use config site/sslproxy to force HTTPS (i.e. using reverse proxy to enable it)
...
Usage in config.php: $config['site']['sslproxy'] = true;
Add this to documentation...
2016-02-10 01:05:02 +01:00
Mikael Nordfeldth
cd71188d3a
SimpleCaptcha plugin to stop basic bots
2016-02-08 17:47:09 +01:00
Mikael Nordfeldth
d6664f5735
Hidespam by default
...
...why would something described as "Whether to hide silenced users from timelines"
be set to false by default? :)
2016-02-07 02:33:53 +01:00
Mikael Nordfeldth
90045d66ea
HTMLPurifierSchemes plugin to allow geo and magnet URIs
2016-02-03 14:36:51 +01:00
Mikael Nordfeldth
b1ed1f48ea
Configurable linkify for bare IPv4/IPv6
2016-02-03 12:55:00 +01:00
Mikael Nordfeldth
84930f89f9
Don't allow account backups by default.
2016-02-03 01:08:36 +01:00
Mikael Nordfeldth
7e6783bb8f
Replace htmLawed with HTMLPurifier
2016-01-28 19:01:13 +01:00
Mikael Nordfeldth
f768de4b46
default connect_timeout to 5 instead of extlib 10
2016-01-18 22:01:45 +01:00
Mikael Nordfeldth
17a65ff873
background folder has never been used for GNU social
2015-12-28 00:00:51 +01:00
Mikael Nordfeldth
334a0d56e7
Oembed slimmed to only do discovery (soon we get og: discovery too)
2015-11-30 02:06:04 +01:00
Mikael Nordfeldth
3013b84e98
Don't enable StrictTransportSecurity by default
...
(but you should enable it if you use TLS, but there are many who do this
through their webserver and it's odd to have double headers etc...)
2015-10-09 10:55:12 +02:00
Mikael Nordfeldth
88f7bb1ed5
Some work on ActivityModeration with notice deletion
...
Let's now create an event called DeleteNotice and also make sure we
handle the onNoticeDeleteRelated properly in ActivityModeration to
avoid possible endless loops etc.
2015-10-03 02:02:37 +02:00
Mikael Nordfeldth
a09cf51b99
Move Ostatus_profile->processPost function into plugin
2015-09-29 15:19:13 +02:00
Mikael Nordfeldth
8d516d7f08
Don't allow imports by default until it works well on large instances.
2015-07-17 14:40:09 +02:00
aroquen
776b82e6e8
Drop QnA from default plugins
2015-06-07 14:05:51 +02:00
Mikael Nordfeldth
82f9b6908c
Fake recovery by email address, to hide registrants on the site
2015-05-30 23:29:58 +02:00
Mikael Nordfeldth
2b58d6b774
Merge branch 'quitagram' into nightly
...
Fixes that make quitagram work better amongst other things.
2015-04-22 22:17:50 +02:00
Mikael Nordfeldth
4526c3f712
If /var/run was unwritable stopdaemons did not find pid file
2015-04-13 21:51:35 +02:00
Mikael Nordfeldth
d7d96806a4
removed unused config setting
2015-04-10 13:15:12 +02:00
Mikael Nordfeldth
8439efe77d
Filter out img, video and audio tags in notice HTML
...
Because we don't want to auto-fetch items from a remote server. Such
items should be delivered as attachment metadata and portrayed in the
way the local instance chooses.
Choices for portrayal are either simply nullifying this and embedding
the data, linking the file remotely requiring a manual click or maybe
use remote oEmbed data etc. to download files locally so no remote
requests have to be made.
2015-03-15 14:35:29 +01:00
Mikael Nordfeldth
dcfcceb6f2
Share plugin now handles showing form in NoticeOptionItems
2015-03-12 16:33:34 +01:00
Mikael Nordfeldth
9ef224fceb
ActivityVerb is a core plugin
2015-03-10 17:24:23 +01:00
Mikael Nordfeldth
0da7512597
No separate placeholder input element for replyforms
...
Also we're moving the rendering of these out into a separate plugin. Not
done yet, some javascript should be moved out as well.
2015-03-06 20:22:01 +01:00
Mikael Nordfeldth
325e784ccd
Don't store duplicates of files.
...
If a new file is uploaded, it will be matched with a previously uploaded
file so we don't have to store duplicates. SHA256 is random enough and
also unlikely enough to cause collisions.
2015-02-24 21:11:25 +01:00
Mikael Nordfeldth
96099807e1
Default install to site profile community
2015-02-20 01:00:28 +01:00
Mikael Nordfeldth
7ba7f43199
Don't linkify bare domains by default
...
It's too farfetched to assume any text.com in a notice is an HTTP URL.
For example stuff like pasting from log entries, with domain.com:1234
where 1234 is a _PID_ or something, not a port number for http://...
2015-02-17 20:54:32 +01:00
Mikael Nordfeldth
a89e91da79
By default, don't allow nick changes for profiles
...
This goes for both users and groups, since they share nickname namespace.
If you want to enable nickname changes, just add this to your config:
$config['profile']['changenick'] = true;
This commit should cover all changes in our usual web forms as well as through
the API.
2015-02-04 21:25:14 +01:00
Mikael Nordfeldth
fdae6f0fb3
neo-gnu is now default-theme. perty.
2015-02-02 18:22:59 +01:00
Mikael Nordfeldth
d140e135c0
Default textlimit for notices is now 1000 chars
2015-01-26 23:32:08 +01:00
Mikael Nordfeldth
67d09532dd
Improved animated image thumbnail freedom of choice
...
Default is now to take still thumbnails of animated GIFs and then
show them as originals in an AttachmentListItem. The still frames
are mostly used with front-ends like qvitter.
2015-01-26 16:33:39 +01:00
Mikael Nordfeldth
a8e613e508
Animated GIF restructuring, ImageMagick only used for resizing animated sequences.
2015-01-25 23:00:00 +01:00
Mikael Nordfeldth
4dd6d7869e
Maybe we can detect animated files in core
2015-01-25 22:11:46 +01:00
Mikael Nordfeldth
2dd1f3fe67
Default value for max thumbnail size increased
...
Because people have high resolution screens nowadays ;)
2015-01-23 15:04:54 +01:00
Mikael Nordfeldth
964d13792b
ssl_verify_host option in config (default is true)
2015-01-22 12:21:57 +01:00
Mikael Nordfeldth
fac9f4e545
Merge branch 'nightly' of gitorious.org:social/mainline into nightly
2015-01-21 23:45:49 +01:00
Mikael Nordfeldth
9c5aa67a63
Enable AntiBrute by default.
2015-01-21 23:43:04 +01:00
Mikael Nordfeldth
5981b5c8d9
CC license fixes (no remote image, https for href)
2015-01-08 18:13:33 +01:00
Mikael Nordfeldth
769febf22e
DirectMessage added to default plugins
...
I think the migration from core to plugin is done now for DMs.
This is required since we support the Twitter-based API by default,
which is implemented in many of the mobile clients etc. But you can
disable the DirectMessage for your instance of you wish, of course.
2014-11-07 16:37:00 +01:00