Commit Graph

643 Commits

Author SHA1 Message Date
Zach Copley
9fb08ec45e CSRF protection in remotesubscribe
darcs-hash:20080829054038-7b5ce-d0503a8eb7f89a9d2de4aadd4550f4342b943b09.gz
2008-08-29 01:40:38 -04:00
Zach Copley
a034e13bf0 CSRF protection in emailsettings
darcs-hash:20080829053337-7b5ce-6d94638c57d185e5d44e02ad458593a3f4de36d9.gz
2008-08-29 01:33:37 -04:00
Evan Prodromou
2dc50d7e37 CSRF protection in user registration
darcs-hash:20080829054017-84dde-c9268e5c815934dcbca2451dd6c9016f2ac4a03a.gz
2008-08-29 01:40:17 -04:00
Zach Copley
47726844a0 CSRF protection in recoverpassword
darcs-hash:20080829052824-7b5ce-39a8fd299b7a85793ad7a19fe00c93813ca882b6.gz
2008-08-29 01:28:24 -04:00
Evan Prodromou
98e941753b session token in userauthorization form
darcs-hash:20080829052847-84dde-a64918a75f8300ec8fb230202881691066147652.gz
2008-08-29 01:28:47 -04:00
Evan Prodromou
63438008e0 csrf protection in userauthorization
darcs-hash:20080829052732-84dde-0ebb7e32236b480cc3aa2eb7a4bb2b41ff6177d6.gz
2008-08-29 01:27:32 -04:00
Evan Prodromou
9b741c4f9a better client error on CSRF problem with subscribe/unsubscribe
darcs-hash:20080829051628-84dde-2a339a35c422afb9ec04f757771764ed43b2c28b.gz
2008-08-29 01:16:28 -04:00
Evan Prodromou
4272da4e9e CSRF protection for subscription/unsubscription
darcs-hash:20080829051104-84dde-9bd23c28c2c8a720046060a33ff3e5f246c47116.gz
2008-08-29 01:11:04 -04:00
Zach Copley
2e239e3fbb CSRF protection in imsettings.php
darcs-hash:20080829035707-7b5ce-69a9ff98390ff8b9671ede948d78fdb37371aac6.gz
2008-08-28 23:57:07 -04:00
Zach Copley
6be7cbc5cd CSRF protection in smssettings.php
darcs-hash:20080829035118-7b5ce-57613e88b29617ea422c7f7003e81ef885e3debb.gz
2008-08-28 23:51:18 -04:00
Evan Prodromou
6afb7f576e add csrf protection to profile settings
darcs-hash:20080829043909-84dde-c70a633c93ab89560bc300817bda66eebf6176cf.gz
2008-08-29 00:39:09 -04:00
Evan Prodromou
9a65f45c45 CSRF protection in openidsettings
darcs-hash:20080829042908-84dde-1d1a22dfd3d89c5521aeb9069dc64c5f6dad3a27.gz
2008-08-29 00:29:08 -04:00
Evan Prodromou
d0a466bdb7 swap around some stuff to show the form correctly on a CSRF error in openidlogin
darcs-hash:20080829040925-84dde-7195734eeb3df6439c099c1139caf77e2c2ea3c1.gz
2008-08-29 00:09:25 -04:00
Evan Prodromou
42a6492152 CSRF protection for OpenID form
darcs-hash:20080829035934-84dde-cf36fd802bed76fdf15ac39b838494a414d5cc1e.gz
2008-08-28 23:59:34 -04:00
Evan Prodromou
d6dd35a66a add a token for CSRF avoidance
darcs-hash:20080829034854-84dde-a636b446dc254aaa77ac65f63be01e49c192bf32.gz
2008-08-28 23:48:54 -04:00
Evan Prodromou
93e67c7133 show error in delete notice
darcs-hash:20080829025559-84dde-bd29b5e6750a1ff72bd39e8e76bde325b0313fb8.gz
2008-08-28 22:55:59 -04:00
Evan Prodromou
dd55916d56 CSRF protection in deletenotice
darcs-hash:20080829025127-84dde-b3e2eb64b7dd8302037f471f6dba6949e2e15ecc.gz
2008-08-28 22:51:27 -04:00
Evan Prodromou
d3c86d0016 add CSRF protection to avatar
darcs-hash:20080829023919-84dde-38e4bf6bddc120a221af5f856d9f88b7a532096b.gz
2008-08-28 22:39:19 -04:00
Evan Prodromou
d146355875 return after failed token
darcs-hash:20080829023731-84dde-8920bbaf1e1f171829d0acff3f89ec987deb6368.gz
2008-08-28 22:37:31 -04:00
Evan Prodromou
ff566a149d add session token check to password change
darcs-hash:20080829014515-84dde-bce51f66ba0b3b4347a55a70b2b266b72c242304.gz
2008-08-28 21:45:15 -04:00
Evan Prodromou
b1ff7d7a2b fix error storing uris of remote notices
darcs-hash:20080826211108-84dde-b277bdb1476b9cec0c0d93fa8d565c4642ba16c8.gz
2008-08-26 17:11:08 -04:00
Evan Prodromou
3fda5a684f notify user of remote subscriptions
darcs-hash:20080824200517-84dde-9662d89dbcd948e3ef7b7f8d4e82d90b4891c684.gz
2008-08-24 16:05:17 -04:00
Evan Prodromou
a20a038542 be a little more liberal for sites that accidentally put whitespace before the xml decl
darcs-hash:20080824013803-84dde-9c5d9ce9c588cfb9baddae64366e3417f0a5fee9.gz
2008-08-23 21:38:03 -04:00
Evan Prodromou
7d6e1bb47f request token is not readonly
darcs-hash:20080824011706-84dde-bf35373c3bfc631f8285f8630155195c3c5cc304.gz
2008-08-23 21:17:06 -04:00
CiaranG
92645bbc57 XMPP sub/unsub and help commands
darcs-hash:20080822191032-f6e2c-a3a7efbbaad1ec7c48ef132a8ba34fc8b8651969.gz
2008-08-22 15:10:32 -04:00
Evan Prodromou
ea40dabb39 better error reporting in user authorization action
darcs-hash:20080822212111-84dde-2770093fcfaa6fe03abb1143d3828f0622382b45.gz
2008-08-22 17:21:11 -04:00
Evan Prodromou
a91cd75c17 local-only is optional on public timeline
darcs-hash:20080822210307-84dde-c90f6e7953d11c5b12c7a084ac23e5578412932c.gz
2008-08-22 17:03:07 -04:00
zach
0b87bf6c54 Twitter-compatible API - RESTfulness checks as per Twitter
darcs-hash:20080819214923-462f3-83ab492cb93c1ba643beb70853578cbd7ac35d61.gz
2008-08-19 17:49:23 -04:00
zach
9c29b9ad62 Twitter-compatible API - /statuses/show - better err msg if notice doesn't exist
darcs-hash:20080819202318-462f3-bc08a105c6b41b6a89a2358962440f68a9a79c7f.gz
2008-08-19 16:23:18 -04:00
zach
e980ebc714 Twitter-compatible API - Added /statuses/followers to methods that
require bareauth only if no nickname/id is supplied.

darcs-hash:20080819195431-462f3-93d27cf980fd09aeb30ea741639c1650baecad60.gz
2008-08-19 15:54:31 -04:00
zach
55f5bea21e Twitter-compatible API - /statuses/destroy method implemented
darcs-hash:20080819194610-462f3-eb736e4cfc817b479e1e8e52db03b5f44cdb3d2a.gz
2008-08-19 15:46:10 -04:00
zach
e440b9cea0 Twitter-compatible API - moved show() to the right file
darcs-hash:20080819003931-462f3-4b5b838a2fc5f872391581a189d33abdd8eeb744.gz
2008-08-18 20:39:31 -04:00
zach
d57bc1b8e9 Twitter-compatible API - running all strings through gettext() now
darcs-hash:20080819002903-462f3-94e62891db9b9de049a918034742e545f663e840.gz
2008-08-18 20:29:03 -04:00
Evan Prodromou
d1277820f8 add remote flag to broadcast of notices
darcs-hash:20080819182824-84dde-84d93fae2c4b0d6acee646999bad8e8bb9752c7b.gz
2008-08-19 14:28:24 -04:00
Evan Prodromou
0dce3d959b broadcast remote notices
darcs-hash:20080819182724-84dde-d2cece72dfb7f4f9f5b5cb4574812fdd32daa601.gz
2008-08-19 14:27:24 -04:00
Evan Prodromou
ee858bc880 accept 140 chars in API, too
darcs-hash:20080817192710-84dde-47e8da809c930c7c4528e3cb920d9a448e56d4c0.gz
2008-08-17 15:27:10 -04:00
Evan Prodromou
1c021edad5 typo in forgotten password string
darcs-hash:20080817163324-84dde-0b7f3449b7f6e96704518340351ada9ec0e56bbb.gz
2008-08-17 12:33:24 -04:00
Evan Prodromou
bee7caaafc debug for content too long
darcs-hash:20080817152419-84dde-5df1554695bd8560e5affa0ff74f7d0ab7c7c3ff.gz
2008-08-17 11:24:19 -04:00
Evan Prodromou
164a15d253 accept 140-character UTF-8 strings to content
darcs-hash:20080817151751-84dde-b3fc3ee57872f53a465fd9b45f4255e5e3be3450.gz
2008-08-17 11:17:51 -04:00
Evan Prodromou
5b01880685 name omb_listener param so we can refer to it in error msg
darcs-hash:20080816151057-84dde-e9df2c91a2711b235aa936a28e250715fc7c6d50.gz
2008-08-16 11:10:57 -04:00
zach
35d1714621 Twitter-compatible API: support for new in_reply_to_status_id in statuses/update
darcs-hash:20080815185317-ca946-11c3f9f7255180d5d6ea7b115b3e33b2abb7fe93.gz
2008-08-15 14:53:17 -04:00
zach
a95242bd1d Twitter-compatible API: removed redundant decoding step; already taken care of by util.php's common_render_content()
darcs-hash:20080813193327-ca946-c0160fbcc04771e39e303470d3418e84973a8189.gz
2008-08-13 15:33:27 -04:00
Evan Prodromou
7554f2561c move user registration to a single static method
darcs-hash:20080814002038-84dde-8505d4e083056b770db128129a95be639d8e7f0a.gz
2008-08-13 20:20:38 -04:00
Evan Prodromou
0bba990e2f fix problem with new notices
darcs-hash:20080811181158-84dde-338f926bd4c161ea55ef8600fac254f216413ad4.gz
2008-08-11 14:11:58 -04:00
zach
3a124c5f53 Twitter-compatible API - /statuses/update.format now decodes HTML chars, such as &
darcs-hash:20080731224911-ca946-1cb52c7592d48174437c1896c41a4dd853a9e5c7.gz
2008-07-31 18:49:11 -04:00
Evan Prodromou
37c5e8ca3c make tag dropoff configurable
darcs-hash:20080811175820-84dde-f3d934495fa90fadde5f7d5d0c37c5f2a575a9d8.gz
2008-08-11 13:58:20 -04:00
Evan Prodromou
12aba8ba32 emergency fixup for bad notices in notice search
darcs-hash:20080811175318-84dde-080db6e81589e794761daab868706704d39e2f1b.gz
2008-08-11 13:53:18 -04:00
Evan Prodromou
4c8dfadf2d make init of lang environment happen earlier, or when user language may have changed
darcs-hash:20080806034515-84dde-e32cbfec2890f50b610d0441659180038b060473.gz
2008-08-05 23:45:15 -04:00
Evan Prodromou
f2203d1df6 better handling of unconfirmed email addresses
darcs-hash:20080804133253-84dde-4b1ceb6feabaaad503f8777d6f21545b2bb87e85.gz
2008-08-04 09:32:53 -04:00
Evan Prodromou
506843e55d use an outstanding unconfirmed email address for password recovery if available
darcs-hash:20080804130914-84dde-77e1683ec76b26e9a3838d82cbe7827246db22dd.gz
2008-08-04 09:09:14 -04:00