Commit Graph

9518 Commits

Author SHA1 Message Date
Zach Copley
0dfef88cac HTML entity encode source link URLs in plain XML output and add rel="nofollow" to them 2010-05-18 15:15:52 -07:00
Zach Copley
68634f0496 Add source link attr to statusnet:notice_info element in Atom output for notices 2010-05-18 15:15:41 -07:00
Zach Copley
c78f67aa73 Refactor and centralize notice source link calculation 2010-05-18 15:15:27 -07:00
Zach Copley
d9fddff539 Add xmlns:statusnet and statusnet:notice_info element to Atom entries for notices 2010-05-18 15:15:14 -07:00
Brion Vibber
14a76926a2 Redirect non-SSL hits to login & register actions to SSL if 'always' or 'sometimes' SSL modes are kicked in.
The forms would already submit to SSL, but people are happier if they start on a secure page!

Note: this really should be done for sensitive/all URLs in index.php, but it seems a bit awkward to reconstruct the SSL version of the link atm. Cleanup todo!
2010-05-18 21:52:17 +00:00
Brion Vibber
813bbc912d typo fix in en_GB localization (also updated @ translatewiki) 2010-05-18 13:44:23 -07:00
Brion Vibber
d0ba34e0f3 Merge branch 'openid-teams' into testing 2010-05-18 13:37:46 -07:00
Brion Vibber
7c828ae5f8 OpenID access control options: trusted provider URL, Launchpad team restrictions. Added an admin panel for setting these and OpenID-only mode, off by default.
To enable the admin panel:
    $config['admin']['panels'][] = 'openid';

Or to set them manually:
    $config['openid']['trusted_provider'] = 'https://login.ubuntu.net/';
    $config['openid']['required_team'] = 'my-project-cabal';
    $config['site']['openidonly'] = true;

OpenID-only mode can still be set from addPlugin() parameters as well for backwards compatibility.
Note: if it's set there, that value will override the setting from the database or config.php.

Note that team restrictions are only really meaningful if a trusted provider is set; otherwise,
any OpenID server could report back that users are members of the given team.

Restrictions are checked only at OpenID authentication time and will not kick off people currently
with a session open; existing remembered logins may also survive these changes.

Using code for Launchpad team support provided by Canonical under AGPLv3, pulled from r27 of
WordPress teams integration plugin:
    https://code.edge.launchpad.net/~canonical-isd-hackers/wordpress-teams-integration/trunk
2010-05-18 13:28:41 -07:00
Brion Vibber
d5b4df4097 Merge branch 'master' of gitorious.org:statusnet/mainline into testing 2010-05-18 13:21:23 -07:00
James Walker
6da59fab58 invalid mbox_sha1sum in the case where users don't have an email address
(reported by pedantic-web.org)
2010-05-18 10:09:16 -04:00
Brion Vibber
b77878f467 Include notice fragment on 'in context' links in Realtime plugin family. 2010-05-17 19:47:44 +00:00
Brion Vibber
e36df29212 Patch from g0: fix for conversation links in Realtime updates
Previously was using the reply-to URL, which didn't match with other displays.
Now sends to the right conversation page.
2010-05-17 19:37:47 +00:00
James Walker
1999b836c0 accept either salmon endpoint (until they're unified in the spec) 2010-05-14 16:43:41 -04:00
James Walker
275002d88a allow hyphens in subdomains for webfinger addresses 2010-05-14 16:43:41 -04:00
Brion Vibber
2e808fdc82 More direct text for registration licensing/tos checkbox for private and all-rights-reserved sites. 2010-05-13 16:47:58 -07:00
Brion Vibber
5d0593ec34 Fix keys() / keyTypes() mixup in SamplePlugin 2010-05-12 11:09:37 -07:00
Brion Vibber
3d00cfd47f Windows server fix: Use platform EOL in debug log file 2010-05-11 12:22:14 -07:00
Brion Vibber
45392bef33 Installer tweak for Windows: normalize line endings to platform standard in generated config.php
Added a comment that the writable directory checks are insufficient to catch ACL problems on Windows; need a better check for that.
2010-05-11 12:16:13 -07:00
Zach Copley
fba140f4e0 Fix for repeats from the API having null source attribution 2010-05-08 00:07:42 +00:00
Brion Vibber
7915386950 Allow plugins to load their styles for mobile view; fixes bad realtime button layout 2010-05-07 01:28:37 +00:00
Brion Vibber
5996d80c09 Ticket #2184: recognize Palm Pre / WebOS browsers for MobileProfile
One-line addition of 'webos' to the keywords list.
2010-05-06 21:29:04 +00:00
Zach Copley
b50f300566 Implement since_id and max_id param handling for /api/favorites 2010-05-05 14:46:36 -07:00
Brion Vibber
c2bda7726c XMPP debugging: log the message source when discarding empty or unrecognized messages. 2010-05-05 13:11:36 -07:00
Brion Vibber
8260a88f41 Quick fix for DirectionDetector: only apply <span class="rtl"> once; if it's already there in an incoming message (eg via OStatus), don't reapply it.
Modified from patch from Everplays
2010-05-05 11:28:05 -07:00
Brion Vibber
60825ba535 Clean up reference usage warnings in DirectionDetector plugin 2010-05-05 10:51:05 -07:00
Brion Vibber
bb94b78e89 Handle timeout more gracefully in background pings
Added a 2-second default timeout for XMLRPC/extended pings, configurable as [ping,timeout].
No longer repeating the entire ping section if we had an HTTP error during a submission.
For now, dropping the bad item and continuing on with others. (Todo: individual retry and cleaner discards of blacklisted broken-for-now sites.)
2010-05-04 18:43:32 -07:00
Brion Vibber
5f5d9518bd Avoid spewing giant debug backtrace into exception in certain OStatus subscription failure cases.
The code pattern 'new XXXException($e)' to chain exceptions doesn't actually work as intended, as exceptions are actually expecting a string message here.
This caused an implicit string conversion from HTTP_Request2_Exception, which is a PEAR_Exception, which defines an absurdly detailed __toString() method including a giant HTML table with a backtrace if you happen to be on a web request.
Simply passing $e->getMessage() instead clears this up, as we'll get the nice short message like 'Couldn't connect to tcp://blahblah:80'
2010-05-04 17:11:43 -07:00
Zach Copley
9d2c3d45bc Add Emacs Identica-mode to notice sources 2010-05-04 12:31:55 -07:00
Brion Vibber
67eeaa9cf4 Pull localization updates from 0.9.x branch 2010-05-03 12:27:44 -07:00
Zach Copley
940a8c2c1e Updated README to include one-liner about fixed installer in the noteable changes section 2010-05-03 12:02:50 -07:00
Brion Vibber
c2f620ed67 Update release date 2010-05-03 11:46:01 -07:00
Brion Vibber
df4462611c Revert "Update PEAR::Mail to 1.2.0 release; fixes deprecation warnings running under PHP 5.3."
This reverts commit 9fd02a4f11.

Looks like there's some changes I missed in there and getting this in'll involve updating some other packages. Will poke it after 0.9.2.
2010-05-01 09:51:25 -07:00
Brion Vibber
9fd02a4f11 Update PEAR::Mail to 1.2.0 release; fixes deprecation warnings running under PHP 5.3. 2010-04-30 13:47:46 -07:00
Brion Vibber
a39efbd8d8 Update XMPPHP to last upstream release (r77), includes an XML quoting fix. 2010-04-30 13:37:40 -07:00
Brion Vibber
ecfe6b8944 Update codename in common.php 2010-04-29 16:08:20 -07:00
Zachary Copley
a5761dd814 Update release notes and version number for 0.9.2 2010-04-29 16:06:04 -07:00
Brion Vibber
ae2986527c Pull localization updates from 0.9.x 2010-04-29 15:52:10 -07:00
Brion Vibber
50d5f5e04c Merge branch 'master' into testing 2010-04-29 15:12:02 -07:00
Brion Vibber
cb5d6d5c30 Fix charset setting for plugin localizations; default setting was blanking out non-ASCII chars. Needed for eg Bulgarian translation of Facebook plugin, was previously showing all as ???s. Now works yay! 2010-04-28 23:06:08 +00:00
Brion Vibber
f5c82d9d60 add rsd to the list of login actions
Allows rsd.xml to be reached on private sites. Fixes http://status.net/trac/ticket/2309

Conflicts:

	index.php
2010-04-28 11:05:31 -07:00
Brion Vibber
8fd0059bf6 Test cases and fixes for Atom and RSS content decoding.
Fix extraction of Atom <content type="text"> and <content type="html">; we were failing to escape plaintext source data to HTML, and doing an extraneous double-deescape on HTML source resulting in breakage of notices containing text that looks like HTML. Only <content type="xhtml"> was working correctly previously.
Fixes for RSS2 content processing: we were failing to load <content:encoded> at all due to using wrong element name, and were applying an extraneous de-escape for <description> rather than the escaping that is required to turn plaintext into HTML. (Per spec, <description> must be plaintext.)
2010-04-23 15:40:48 -07:00
Brion Vibber
dd7b95c2cf Merge branch 'master' into testing 2010-04-23 14:26:57 -07:00
Brion Vibber
9c8052e755 Rerun feed discovery and update the feed, salmon, and hub for the given OStatus remote profile. Restarts subscription fresh as well.
update-profile.php -sexample.com http://example.com/path/to/profile/url
2010-04-23 12:54:31 -07:00
Brion Vibber
4beaba9fb0 Ticket #93: pretty up the auto-submit for OpenID logins a bit.
* throwing in our spinner
* cleanup of texts
* "If this doesn't go through click the button" instead of just a mystery button
* slightly faster submission: immediate at end of page rather than waiting for jQuery to confirm document setup completion
2010-04-23 11:28:50 -07:00
Brion Vibber
0f975f4215 Fix to regression in last commit; wrong field name for homepage blacklist 2010-04-23 08:24:53 -07:00
Brion Vibber
390a2a8624 Fix for Blacklist plugin: was saving an empty entry if blacklist was empty, which would match *all* possible nickname registrations, preventing all registration on mozilla.status.net.
Now saving only non-empty lines, and only matching non-empty lines so we don't fail if we still have a bogus entry.
2010-04-23 07:17:52 -07:00
Brion Vibber
67b8b1334f Fix keys / keyTypes for Blacklist plugin - was spewing notices for undefined array indexes when saving blacklist entries from admin panel 2010-04-23 07:10:36 -07:00
Brion Vibber
7bdea95ccb Fix to make blowing of replies stream cache more consistent when receiving replies. (Was being done at mail notify time instead of at save time for local replies; now moved to reply save time internally so it can't get forgotten) 2010-04-23 06:55:46 -07:00
Brion Vibber
fd9d520aeb OStatus: CLI script to force a renewal on the given PuSH subscription. May help when we get out of sync with the hub.
php plugins/OStatus/scripts/resub-feed.php -smysite http://example.com/some/atom/feed
2010-04-22 06:14:40 +02:00
Evan Prodromou
a129c455a2 Fix exceptions with bad gravatar URLs 2010-04-21 18:19:16 -07:00