Mikael Nordfeldth
ec257d940a
Either use or don't use HTTPS
...
The risk of injection attacks using HTTP is too great to allow a
site that allows both HTTP and HTTPS...
2016-02-10 00:57:39 +01:00
Mikael Nordfeldth
3dea259f52
Return intval from getID()
2016-02-08 12:21:46 +01:00
Mikael Nordfeldth
e903bd0bc3
Hacky support for geo URI detection
...
Won't work with common_purify yet because there is no geo uri scheme for it
2016-02-03 14:19:08 +01:00
Mikael Nordfeldth
6a4aa34b0c
Don't process further in redirection if HEAD gives 400 Bad request
2016-02-03 00:34:49 +01:00
Mikael Nordfeldth
40cffb9463
File::isProtected is static
2016-02-03 00:22:18 +01:00
Mikael Nordfeldth
c6ae883ad2
Don't trust local HTML either
...
If we reallyreally want to include <img> or <script> or whatever then we
have to do that after Notice::saveActivity sets ->rendered.
2016-01-30 00:00:37 +01:00
Mikael Nordfeldth
efe23ed404
updateWithKeys now understands multi-column keys
...
and automatically identifies _which_ columns are the right ones,
so for example 'uri' primary keys don't need to be explicitly set
2016-01-28 16:42:59 +01:00
hannes
a888294135
add our own protected urls
2016-01-25 19:00:46 +00:00
hannes
ca0c792ed3
File and File_redirection records are saved in File_redirection::where() now
2016-01-25 19:00:05 +00:00
hannes
48e1a2431b
save File and File_redirection records in File_redirection::where(), because then we will have to run where() over and over again
2016-01-25 18:55:48 +00:00
Mikael Nordfeldth
a9d18a077e
Harmonize, clarify, categorize URL schemes
...
Regular expression + avoid-redirection list now match each other.
2016-01-24 12:47:31 +01:00
Mikael Nordfeldth
1cec627d72
Allow bitcoin scheme to URLs
2016-01-24 12:44:28 +01:00
Mikael Nordfeldth
f74d2d555c
Working on some RSVP code stuff
2016-01-21 02:10:34 +01:00
Mikael Nordfeldth
5999171c11
Throw NoObjectTypeException on Notice->getObjectType if no string
2016-01-20 21:37:14 +01:00
Mikael Nordfeldth
7715ea993b
getVerb function in Notice class
2016-01-18 22:02:05 +01:00
Mikael Nordfeldth
6c46a93a81
Minor improvements on Notice::saveActivity
2016-01-18 19:29:45 +01:00
Mikael Nordfeldth
11b925c4ca
Use a function to getCreated()
2016-01-18 17:03:37 +01:00
Mikael Nordfeldth
deda83fdef
Distinguish notice saving errors from others for Salmon
2016-01-16 22:39:04 +01:00
Mikael Nordfeldth
a85a08ff35
Add a check in Notice->asActivityObject that we're actually returning such a thing!
2016-01-16 21:13:26 +01:00
Mikael Nordfeldth
fdfa71a033
Extremely verbose debugging is annoying
2016-01-16 18:04:04 +01:00
Mikael Nordfeldth
1f76c1e4a9
Initial user doesn't need as strict checking on email
2016-01-16 17:23:50 +01:00
Mikael Nordfeldth
0caf0612d0
Make Twitter Media upload API v1.1 reach us
...
Now we just have to accept the 'media' or 'media_data' (base64 encoded)
POST arguments instead of $_FILES uploads.
2016-01-14 18:29:21 +01:00
Mikael Nordfeldth
45dd343126
Eventify Notice getAsTimestamp (for Deleted_notice)
2016-01-13 21:01:47 +01:00
Mikael Nordfeldth
961725205d
Try if Profile is a Person (in effect ActivityObject::PERSON)
2016-01-13 18:34:48 +01:00
Mikael Nordfeldth
e75472f460
Use the upstream function to get effectiveUrl
2016-01-13 14:00:05 +01:00
Mikael Nordfeldth
b696fb4eb1
Mimetypes like image/svg+xml were misinterpreted when guessing
...
We don't really need the mb_ in mb_strtolower but what the heck, why not. I love Unicode.
2016-01-12 13:46:25 +01:00
Mikael Nordfeldth
93c614c184
Do updateWithKeys properly if someone would like to update PRI
2016-01-11 19:52:33 +01:00
Mikael Nordfeldth
67801a5566
Not only local groups should be added to group inbox notificiation table
2016-01-09 15:14:38 +01:00
Mikael Nordfeldth
5ef10a14ef
Get group attentions too for outbound notices
2016-01-09 15:06:44 +01:00
Mikael Nordfeldth
c3c5a9974d
Do proper fromUri lookup on groups too
2016-01-09 14:36:47 +01:00
Mikael Nordfeldth
d1e609a886
Local user profile getUrl gives dynamically generated URL
2016-01-09 13:47:38 +01:00
Mikael Nordfeldth
f143925931
Actually return the group home URL
2016-01-09 13:33:30 +01:00
Mikael Nordfeldth
28cd5640c1
Save attentions to Reply table for backwards compatibility
...
local users only of course
2016-01-08 01:59:16 +01:00
Mikael Nordfeldth
c48871cf1b
Notice from web now saves context->attention too! ;)
2016-01-07 23:24:15 +01:00
Mikael Nordfeldth
6255e1dca3
saveAttentions, trying to move away from saveReply
2016-01-07 23:23:51 +01:00
Mikael Nordfeldth
3eebf2a353
Don't store the notice object for distrib queue handler, just id
2016-01-07 20:24:59 +01:00
Mikael Nordfeldth
d4be5349b3
think I have managed to show oEmbed images better now
2016-01-07 17:35:37 +01:00
Mikael Nordfeldth
9e5c71e701
Fixed group representation in Directory plugin, also some ->raw calls
2016-01-07 12:58:14 +01:00
Mikael Nordfeldth
839ae571d8
Define User_group::$profile_id among class variables
2016-01-07 12:12:27 +01:00
Mikael Nordfeldth
94392ab00c
Index the verb column since we do COUNT(*) based on it
2016-01-07 11:39:46 +01:00
Mikael Nordfeldth
05d3622939
Conversation entries where id==0 would screw up the "re-auto-increment" sequencing
2016-01-06 22:26:17 +01:00
Mikael Nordfeldth
f1c4c64cd9
Don't update stored URLs just because we have a filename
...
This would overwrite remote URLs with local verisons which removes source href...
The reason one might have filenames for remote URLs is that StoreRemoteMedia plugin
fetches them and uses the filename field.
2016-01-06 19:24:03 +01:00
Mikael Nordfeldth
346e34e543
Return dynamically generated URLs for thumbnails for all locally stored entries
2016-01-06 19:06:29 +01:00
Mikael Nordfeldth
4352d1739d
Always generate notice URLs on the fly for local notices
...
Related to issue #118
2016-01-06 16:24:33 +01:00
Mikael Nordfeldth
1a1e44cdfd
Issue #118 wanted better TOR support, now Avatar URLs are not stored
...
There was no reason to store the generated Avatar URLs because it's so
cheap to generate them on the fly.
2016-01-06 16:14:26 +01:00
Mikael Nordfeldth
7b2036a4b5
Note in the debug log if we render the HTML of a message
2016-01-06 15:37:30 +01:00
Mikael Nordfeldth
b596391fcd
Avoid having to check for notices without rendered copies in upgrade.php
...
Always call the Notice->getRendered() function to get a rendered copy.
We could perhaps put some sanitation there too in the future
2016-01-06 15:32:27 +01:00
Mikael Nordfeldth
0fd2ad649e
Conversation IDs (again) no longer based on Notice ID
2016-01-06 13:58:46 +01:00
Mikael Nordfeldth
59d3bbe037
Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into mmn_fixes
2016-01-06 00:53:20 +01:00
mmn
d45457e4a9
Merge branch 'nightly' into 'nightly'
...
only count post-notices (i.e. don't include activity-notices in statuses_count in the API)
See merge request !73
2016-01-05 23:53:08 +00:00