Commit Graph

4612 Commits

Author SHA1 Message Date
Mikael Nordfeldth
7e6783bb8f Replace htmLawed with HTMLPurifier 2016-01-28 19:01:13 +01:00
Mikael Nordfeldth
daea5647b6 Merge branch 'nightly' of git.gnu.io:gnu/gnu-social into mmn_fixes 2016-01-28 17:27:08 +01:00
mmn
9b3cbb373e Merge branch 'oembed_fb_wp_branch' into 'nightly'
Oembed: Fix UTF-8 bug and better wp&fb data (updated!)



See merge request !97
2016-01-28 16:26:33 +00:00
Mikael Nordfeldth
efe23ed404 updateWithKeys now understands multi-column keys
and automatically identifies _which_ columns are the right ones,
so for example 'uri' primary keys don't need to be explicitly set
2016-01-28 16:42:59 +01:00
hannes
05439831e7 add comment that DOMDocument('1.0', 'UTF-8') does not work 2016-01-28 15:32:11 +00:00
hannes
06e325d61b fixes two issues when the oembed thumbnail is blank 2016-01-28 15:19:29 +00:00
Mikael Nordfeldth
7c80c9a1f9 Meh, let's just remove FirePHP, I don't think anyone uses it 2016-01-28 13:48:44 +01:00
mmn
dfc11f99ad Merge branch 'update-extlib-firephp' into 'nightly'
Update FirefPHP Core to v0.4.0 released on 23 Apr 2013



See merge request !92
2016-01-28 12:41:34 +00:00
Mikael Nordfeldth
bb0cb9b3f6 Manual merge of !87 Update LDAP2 extlib to 2.2.0 (stable) released on 2015-10-30
Thanks postblue
2016-01-28 13:35:23 +01:00
mmn
c01982c917 Merge branch 'oembed_thumbnail_branch' into 'nightly'
add a thumbnail to oembed response

just something i added to quitim

See merge request !85
2016-01-26 21:09:07 +00:00
hannes
aa76e5863f don't mess upp charsets in oembed/og! check for utf-8 in http header and meta tags, and add prolog when loading html with DOMDocument() 2016-01-26 13:37:52 +00:00
hannes
b8d1e1f4a6 silence errors on these xpath queries 2016-01-26 11:28:24 +00:00
hannes
884aeb4d2e common_purify() doesn't remove wordpress' and facebook's javascript properly, maybe better to keep the data intact, and do strip_tags or something similar when using the data 2016-01-26 01:10:15 +00:00
hannes
473f893d04 detab 2016-01-26 01:07:44 +00:00
hannes
76c8139054 not pretty, but gives us better oembed data for wordpress and facebook 2016-01-26 01:05:53 +00:00
Roland Haeder
9614aba0e1
Removed plugin Google-Analytics as this is free/libre and decentralized
software and should not promote centralized proprietary software. Please see
the included Piwik plugin for a more decentralized alternative!

Signed-off-by: Roland Haeder <roland@mxchange.org>
2016-01-25 13:19:43 +01:00
postblue
fef52d7b51 Update FirefPHP Core to v0.4.0 released on 23 Apr 2013 2016-01-24 21:11:38 +01:00
Mikael Nordfeldth
ef005987a1 Did the OpportunisticQM fixes in the wrong order 2016-01-22 12:26:53 +01:00
Mikael Nordfeldth
1121b38eb1 use connect_timeout value for execution margin 2016-01-22 12:21:06 +01:00
Mikael Nordfeldth
81f9a59f25 use connect_timeout value for execution margin 2016-01-22 12:19:17 +01:00
hannes
d0e2f8745d add a thumbnail to oembed response 2016-01-21 18:48:30 +00:00
Mikael Nordfeldth
3f9c1c142a Removing unnecessary debug messages etc. 2016-01-21 02:49:34 +01:00
Mikael Nordfeldth
be1759f112 i18n 2016-01-21 02:37:07 +01:00
Mikael Nordfeldth
81bf0fd261 Various last fixes to RSVP I think 2016-01-21 02:20:57 +01:00
Mikael Nordfeldth
f74d2d555c Working on some RSVP code stuff 2016-01-21 02:10:34 +01:00
Mikael Nordfeldth
45b523bada Add xcal namespaces to location and url in event
Also, for fun, add stuff for RSS event module, see:
   http://web.resource.org/rss/1.0/modules/event/
2016-01-20 21:07:55 +01:00
Mikael Nordfeldth
21cc737f5c Cancelling RSVPs now seems to work. 2016-01-20 16:10:10 +01:00
Mikael Nordfeldth
64e74d527f Handle exceptions when salmon slapping
Make it so notifyDeferred actually _always_ throws exceptions and handle
them in the places it is called.
2016-01-20 15:32:39 +01:00
Mikael Nordfeldth
c393bc9563 In very specific circumstances we can bulkDistribute 0 notices
Seems to be what caused an infinite loop on quitter.es, or I guess so anyway.
2016-01-20 15:32:29 +01:00
Mikael Nordfeldth
912d65c767 bulkDistribute won't add empty lists to database 2016-01-20 15:32:24 +01:00
Mikael Nordfeldth
fa8e02b832 Handle exceptions when salmon slapping
Make it so notifyDeferred actually _always_ throws exceptions and handle
them in the places it is called.
2016-01-20 14:56:24 +01:00
Mikael Nordfeldth
80dc2788dd Started fiddling with CancelRSVP but more must be done
Remember to make event_uri be the selector for CancelRSVPForm and
preferrably even merge it into RSVPForm!
2016-01-19 01:41:06 +01:00
Mikael Nordfeldth
477d71c0bf RSVP stuff, mostly forms.
Now fix CancelRSVP stuff so it gets by event_uri and can cancel existing RSVP.
2016-01-19 01:33:09 +01:00
Mikael Nordfeldth
84dda697d6 RSVPs seem to be created now, just gotta fix CancelrsvpAction 2016-01-19 01:10:06 +01:00
Mikael Nordfeldth
73992a1ed8 Use "newer" terminology and throw exceptions 2016-01-19 00:21:16 +01:00
Mikael Nordfeldth
9eea255c79 Save with options so we get source=web 2016-01-19 00:08:31 +01:00
Mikael Nordfeldth
358684a5ed end_str, not start_str 2016-01-19 00:01:30 +01:00
Mikael Nordfeldth
385705c65b Events get rendered. 2016-01-18 23:58:32 +01:00
Mikael Nordfeldth
cae344b67b Events are now saved but not displayed properly again 2016-01-18 20:57:44 +01:00
Mikael Nordfeldth
486a02d60d First steps on making NeweventAction a FormAction
Also saving new Happening objects via Notice::saveActivity
2016-01-18 18:42:42 +01:00
Mikael Nordfeldth
6dc0477c00 Let the remote side know the Salmon was accepted (sorta) 2016-01-16 22:39:59 +01:00
Mikael Nordfeldth
deda83fdef Distinguish notice saving errors from others for Salmon 2016-01-16 22:39:04 +01:00
Mikael Nordfeldth
0797ee0871 EmptyIdException doesn't carry ->obj 2016-01-16 21:12:53 +01:00
Mikael Nordfeldth
c559b8ce2a bulkDistribute won't add empty lists to database 2016-01-16 17:34:27 +01:00
Mikael Nordfeldth
f53ebdeadb Start handling salmon entries directly with Notice::saveActivity
More to come...
2016-01-16 17:25:29 +01:00
Mikael Nordfeldth
2b67b53112 In very specific circumstances we can bulkDistribute 0 notices
Seems to be what caused an infinite loop on quitter.es, or I guess so anyway.
2016-01-16 17:18:14 +01:00
mmn
44c10bb2aa Merge branch 'oembed_branch' into 'nightly'
purify oembed html and don't allow cdata

hopefully we never need stuff in cdata

reason for this is that this link serves javascript in its oembed data: https://www.maketecheasier.com/switch-windows-10-to-linux/

see:
https://www.maketecheasier.com/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fwww.maketecheasier.com%2Fswitch-windows-10-to-linux%2F

i don't feel we want that in our database.  

See merge request !79
2016-01-15 13:11:35 +00:00
Mikael Nordfeldth
2af9de4f23 Minor fixes in Linkback plugin 2016-01-14 19:14:24 +01:00
Mikael Nordfeldth
0caf0612d0 Make Twitter Media upload API v1.1 reach us
Now we just have to accept the 'media' or 'media_data' (base64 encoded)
POST arguments instead of $_FILES uploads.
2016-01-14 18:29:21 +01:00
Mikael Nordfeldth
2f1bfe126b Debug message formatting gone wrong 2016-01-14 13:52:11 +01:00
Mikael Nordfeldth
59e75ef966 Incorrect use of getByHashKey in HubSub 2016-01-14 13:15:31 +01:00
Mikael Nordfeldth
f092026541 Documentation fix from master 2016-01-14 13:11:27 +01:00
Mikael Nordfeldth
bacd49a6a8 Don't try to replace http with https if https already exists 2016-01-14 13:06:37 +01:00
Björn Schießle
b7c849b5b0 array need to contain key/value pairs 2016-01-14 12:39:39 +01:00
Mikael Nordfeldth
83cb1dfa68 Salmon debugging 2016-01-14 03:48:41 +01:00
Mikael Nordfeldth
53339ff463 Fake oEmbed version in OpenGraph return object 2016-01-14 02:09:12 +01:00
Mikael Nordfeldth
cf7d2f4d0f Salmon queue handler getByID for exception throwing 2016-01-14 01:51:00 +01:00
Mikael Nordfeldth
0482b7de8e Debugging by indexing callback column in HubSub 2016-01-13 22:57:42 +01:00
Mikael Nordfeldth
24d9d76644 OpenGraph image/thumbnail width and height 2016-01-13 22:07:39 +01:00
Mikael Nordfeldth
adba38ce20 Deleted_notice is pluginified, don't call directly from core 2016-01-13 21:29:23 +01:00
Mikael Nordfeldth
45dd343126 Eventify Notice getAsTimestamp (for Deleted_notice) 2016-01-13 21:01:47 +01:00
Mikael Nordfeldth
8ab98b72ac getLeaseRemaining for FeedSub too 2016-01-13 20:01:00 +01:00
Mikael Nordfeldth
377947c57f s/getLease/getLeaseTime/ just to be a bit more clear 2016-01-13 19:55:17 +01:00
Mikael Nordfeldth
1d26fedf12 Don't store lease seconds, just sub start and end
The seconds can always be calculated from the dates!
2016-01-13 19:45:20 +01:00
Mikael Nordfeldth
494746e665 Minor PuSH comment and debug stuff 2016-01-13 19:25:39 +01:00
Mikael Nordfeldth
a5fd4fde25 Request a month long sub lease by default 2016-01-13 19:24:07 +01:00
Mikael Nordfeldth
b38a789005 HubSub didn't save sub start and end datetimes 2016-01-13 19:23:34 +01:00
hannes
ee305891c4 purify oembed html 2016-01-13 16:03:38 +00:00
Mikael Nordfeldth
5c262a788d Unused, unnecessary and intrusive cookie/storage removed! 2016-01-13 15:22:28 +01:00
Mikael Nordfeldth
3720e37f06 property attribute could be null in meta tags of course 2016-01-13 14:24:00 +01:00
Mikael Nordfeldth
99da1ebe41 Catch NoHttpResponseException when using HTTPClient 2016-01-13 14:17:49 +01:00
Mikael Nordfeldth
3ed632decf NoHttpResponseException needed instead of HTTP_Request2_Exception
HTTP_Request2_Exception assumed an HTTP response status code/line
2016-01-13 14:08:48 +01:00
Mikael Nordfeldth
e75472f460 Use the upstream function to get effectiveUrl 2016-01-13 14:00:05 +01:00
Mikael Nordfeldth
3658774429 Super-basic OpenGraph image preview support, "works for me" 2016-01-12 15:29:03 +01:00
Mikael Nordfeldth
f4feef477b Don't follow redirects on PuSH POST. 2016-01-12 14:32:28 +01:00
Mikael Nordfeldth
c826fe0af4 $target was klantigtly copied from another debug message 2016-01-11 20:10:38 +01:00
Mikael Nordfeldth
bd6efa0e45 Update PuSH callback URL if remote side switched to HTTPS
See the comment in the source on why we're not following Location headers...
2016-01-11 19:55:02 +01:00
Mikael Nordfeldth
f24cdf4a80 Much more logging in PushHubAction (OStatus) 2016-01-11 19:54:05 +01:00
Mikael Nordfeldth
8acf930c45 OpportunisticQM matches against _system_ max_execution_time
Probably never runs if max_execution_time is 0. I'll handle that later.
2016-01-11 13:35:29 +01:00
Mikael Nordfeldth
b13f8df79b HTTPClient would return null instead of exception
This caused $response->isOK() tests to call a function on a non-existing object, causing all hell to break loose.
2016-01-11 02:36:59 +01:00
Mikael Nordfeldth
e498bc6b7b Control OpportunisticQM verbosity 2016-01-10 00:51:25 +01:00
Mikael Nordfeldth
7fbf72f9c1 Minor changes to OpportunisticQM for debugging 2016-01-10 00:48:04 +01:00
Mikael Nordfeldth
42dff2742a Put salmon slaps in queues before pushing user Atom feed 2016-01-10 00:29:32 +01:00
Mikael Nordfeldth
c3c5a9974d Do proper fromUri lookup on groups too 2016-01-09 14:36:47 +01:00
Mikael Nordfeldth
fbec7c4e75 Issue #121 - use correct Group ID and strict User_group typing 2016-01-09 14:06:50 +01:00
Mikael Nordfeldth
4e0ed61f7c OStatus queue handler uses Notice->getAttentionProfiles()
and lots more debugging for LOG_DEBUG
2016-01-08 01:31:47 +01:00
Mikael Nordfeldth
c48871cf1b Notice from web now saves context->attention too! ;) 2016-01-07 23:24:15 +01:00
Mikael Nordfeldth
d4be5349b3 think I have managed to show oEmbed images better now 2016-01-07 17:35:37 +01:00
Mikael Nordfeldth
9e5c71e701 Fixed group representation in Directory plugin, also some ->raw calls 2016-01-07 12:58:14 +01:00
Mikael Nordfeldth
c02f23e63f Return Profile objects from getGroups in GroupdirectoryAction 2016-01-07 12:35:52 +01:00
Mikael Nordfeldth
e7308b0ecb Max execution time margin for OpportunisticQM
I guess it could continue a bit too long in case it got a really long
(failing, timeouting) HTTP request just before max_execution_time hit.
2016-01-07 11:58:09 +01:00
Mikael Nordfeldth
1a1e44cdfd Issue #118 wanted better TOR support, now Avatar URLs are not stored
There was no reason to store the generated Avatar URLs because it's so
cheap to generate them on the fly.
2016-01-06 16:14:26 +01:00
Mikael Nordfeldth
b596391fcd Avoid having to check for notices without rendered copies in upgrade.php
Always call the Notice->getRendered() function to get a rendered copy.
We could perhaps put some sanitation there too in the future
2016-01-06 15:32:27 +01:00
Mikael Nordfeldth
0fd2ad649e Conversation IDs (again) no longer based on Notice ID 2016-01-06 13:58:46 +01:00
mmn
2c5460eb0e Merge branch 'openid-plugin' into 'nightly'
OpenID plugin: 'openid_only' should be 'openidonly'

To match everywhere else.

See merge request !72
2016-01-05 23:28:28 +00:00
Mikael Nordfeldth
9a75778b29 If there's no Happening, we can't use the RSVP. 2016-01-05 15:00:34 +01:00
Mikael Nordfeldth
3471213d1c processFeed would abort on certain errors where findLocalObject failed 2016-01-05 15:00:07 +01:00
Mikael Nordfeldth
ab93bb009c XSS vulnerability when remote-subscribing
->raw was used on non-filtered strings for some reasons, changed
to ->text.
2016-01-05 12:15:50 +01:00
Chimo
bf0df016e5 OpenID plugin: 'openid_only' should be 'openidonly'
To match everywhere else.
2016-01-04 10:36:05 -05:00
Mikael Nordfeldth
f7a1c8a94c The $options array isn't used here 2016-01-04 01:48:54 +01:00