Commit Graph

9238 Commits

Author SHA1 Message Date
Zach Copley
379df1ce3e Return an http auth error, when a client sends in an invalid auth user, even when http auth is not required. 2010-03-26 18:51:01 +00:00
Brion Vibber
c905d7e9a0 Drop debug statements on every regex match from Blacklist plugin; filling the logs a little faster than ops likes. :) 2010-03-26 10:46:36 -07:00
James Walker
c6c4510192 move base64_url_(encode|decode) to static functions in Magicsig 2010-03-26 13:37:46 -04:00
Evan Prodromou
9c63ae6e44 add whitelist and blacklist for openid URLs 2010-03-25 16:58:05 -04:00
Evan Prodromou
5b23b7e736 Merge branch 'testing' of git@gitorious.org:statusnet/mainline into testing 2010-03-25 16:35:35 -04:00
Evan Prodromou
7f6fdb528c remove debugging calls 2010-03-25 16:35:22 -04:00
Brion Vibber
cd9017408e And clarify a little more 2010-03-25 12:48:31 -07:00
Brion Vibber
38fac1d463 Clarify RewriteBase comment in htaccess.sample 2010-03-25 12:21:02 -07:00
Brion Vibber
800b335906 Merge commit 'origin/master' into testing
Conflicts:
	classes/Notice.php
2010-03-25 11:43:26 -07:00
Evan Prodromou
697222575d Merge branch 'blacklisttable' into testing 2010-03-25 13:51:52 -04:00
Evan Prodromou
920acf8d96 Merge branch 'testing' of git@gitorious.org:statusnet/mainline into testing 2010-03-25 13:50:49 -04:00
Evan Prodromou
6e644f77a4 Store blacklist patterns in their own tables
We were bumping into limits on the config format in the Blacklist
plugin. So, added new tables for nickname and homepage blacklists, and
changed the plugin to use those instead of config file (actually,
still uses config file in addition, for compatibility).
2010-03-25 13:49:12 -04:00
Brion Vibber
fd608c0de0 Fix for API group methods, caused failure or output corruption when pulling up local groups by name in api/statusnet/groups/is_member.json/xml 2010-03-24 13:38:06 -07:00
Brion Vibber
a954fd65ba Fix for API group methods, caused failure or output corruption when pulling up local groups by name in api/statusnet/groups/is_member.json/xml 2010-03-24 13:36:57 -07:00
James Walker
9e0b9857f4 Make sure we're requiring the library 2010-03-24 15:26:03 -04:00
James Walker
cfca789b34 Updated Math_Biginteger from upstream - removing safe* workarounds 2010-03-24 15:18:41 -04:00
James Walker
c4273f0ef3 Check for 0.9.0 bad keys from old Crypt_RSA library 2010-03-24 15:15:20 -04:00
James Walker
10410907a0 A bit safer checking in the keypair parsing 2010-03-24 14:27:35 -04:00
Zach Copley
7b1b6045e6 Look for the first object in the Activity 2010-03-24 00:00:55 -07:00
Brion Vibber
fcf86b4fdf Improve legibility of OStatus remote tests output 2010-03-23 18:56:40 -07:00
Brion Vibber
9380eed794 add a general PuSHed post and an @-reply back to a subscribee by name to OStatus remote test cases 2010-03-23 18:44:54 -07:00
Brion Vibber
5e76e0c8ac fixup_deletions.php script to look for notices posted by now-deleted profiles and remove them. 2010-03-23 17:28:43 -07:00
Brion Vibber
13d59e0c76 fixup_deletions.php script to look for notices posted by now-deleted profiles and remove them. 2010-03-23 17:24:01 -07:00
Brion Vibber
df8c9090c0 Add basic subscribe/unsubscribe test to OStatus test cases 2010-03-23 14:19:12 -07:00
Brion Vibber
5f32cf32cd Don't spew XML parse warnings to output when checking a remote XRD page 2010-03-23 14:18:45 -07:00
Brion Vibber
7dc24b4ca7 FOAF was missing OStatus remote subscriptions, now fixed. 2010-03-23 13:10:23 -07:00
Brion Vibber
7277b59734 Merge branch 'master' of git@gitorious.org:statusnet/mainline into testing 2010-03-23 12:13:32 -07:00
Brion Vibber
44caa3a93f Consistently send Profiles into Fave::addNew() 2010-03-23 11:08:30 -07:00
Evan Prodromou
ad608ab9ad prevent password login actions in OpenID-only mode 2010-03-23 12:58:10 -04:00
Brion Vibber
80b16c8499 Don't add PHPSESSID parameter onto notice and conversation URIs if we save a notice during a session override.
This was being triggered by welcomebot messages created at account creation time, then propagated through replies.
2010-03-23 09:56:05 -07:00
Evan Prodromou
dd115fcb08 change router to allow hooking path connections 2010-03-23 12:33:41 -04:00
Evan Prodromou
ff60cb4e66 start making OpenID-only mode work 2010-03-23 12:10:26 -04:00
Evan Prodromou
fcdbf421ab reformat OpenIDPlugin for PHPCS 2010-03-23 11:36:02 -04:00
Zach Copley
5b0b6097e0 Fix reference. Look at the first ActivityObject in the list. 2010-03-22 21:48:21 -07:00
Zach Copley
b8e97ac709 Some initial media parsing
- Activity now returns a list of activity objects
- Processing of photo objects
2010-03-22 18:55:17 -07:00
Zach Copley
073e3a1572 Merge branch 'testing' of gitorious.org:statusnet/mainline into testing
* 'testing' of gitorious.org:statusnet/mainline:
  OStatus remote sending test cases. Doesn't actually run within PHPUnit right now, must be run from command line -- specify base URLs to two StatusNet sites that will be able to communicate with each other.
  Math_BigInteger doesn't correctly handle serialization/deserialization for a value of 0, which can end up spewing notices to output and otherwise intefering with Salmon signature setup and verification when using memcached.
  Log backtraces for non-ClientException exceptions caught at the top-level handler.
  Confirm there's actually user and domain portions of acct string before assigning things from output of explode(); avoids notice message when invalid input passed to main/xrd
  Fixing HTTP Header LRDD parsing (sites in subdirectories need this)
  Replace the "give up and dump object" attachment view fallback with a client-side redirect to the target URL, which will at least be useful.
  ignore unrecognized object types
  Pull <atom:author> info as well as <activity:actor> when we have an old-style ActivityStreams feed. This fixes subscription setup for Cliqset feeds, which currently have a bogus activity:actor/atom:id but a good atom:author/atom:uri
  Accept 'tag' and other non-http id URIs in Ostatus_profile::getActivityObjectProfileURI().
2010-03-22 18:54:46 -07:00
Brion Vibber
3678e7b89b OStatus remote sending test cases. Doesn't actually run within PHPUnit right now, must be run from command line -- specify base URLs to two StatusNet sites that will be able to communicate with each other.
Current test run includes:
* register accounts (via web form)
* local post
* @-mention using path (@domain/path/to/user)

Subscriptions, webfinger mentions, various paths to subscription and unsubscription, etc to come.
2010-03-22 17:01:50 -07:00
Brion Vibber
27bfd1211d Math_BigInteger doesn't correctly handle serialization/deserialization for a value of 0, which can end up spewing notices to output and otherwise intefering with Salmon signature setup and verification when using memcached.
Worked around this with a subclass that fixes the wakeup, used for the stored 0 value in the subclassed Crypt_RSA.
2010-03-22 12:17:45 -07:00
Brion Vibber
4168b9cec1 Log backtraces for non-ClientException exceptions caught at the top-level handler. 2010-03-22 11:33:56 -07:00
Brion Vibber
3bb639699c Confirm there's actually user and domain portions of acct string before assigning things from output of explode(); avoids notice message when invalid input passed to main/xrd 2010-03-22 11:27:39 -07:00
Brion Vibber
5697e4edb0 Replace the "give up and dump object" attachment view fallback with a client-side redirect to the target URL, which will at least be useful. 2010-03-22 10:51:01 -07:00
James Walker
a20880ee1e Fixing HTTP Header LRDD parsing (sites in subdirectories need this) 2010-03-22 13:45:13 -04:00
Brion Vibber
7aee7670c7 Replace the "give up and dump object" attachment view fallback with a client-side redirect to the target URL, which will at least be useful. 2010-03-22 10:35:54 -07:00
Evan Prodromou
edee1fc09e ignore unrecognized object types 2010-03-22 08:17:14 -04:00
Zach Copley
a0a9acb9a2 Fix broken assertion 2010-03-21 18:47:43 -07:00
Brion Vibber
fcb614d0eb Pull <atom:author> info as well as <activity:actor> when we have an old-style ActivityStreams feed. This fixes subscription setup for Cliqset feeds, which currently have a bogus activity:actor/atom:id but a good atom:author/atom:uri 2010-03-21 16:25:12 -07:00
Brion Vibber
b228da628d Accept 'tag' and other non-http id URIs in Ostatus_profile::getActivityObjectProfileURI().
(If there's not a valid ID we fall back to the link, which we do still validate as http/s.)
2010-03-21 15:46:28 -07:00
Brion Vibber
5d3bce49b8 OStatus profile setup cleanup
* drop OStatusPlugin::localProfileFromUrl(), we can just look up on user.uri
* clean up a few edge cases that returned null through Ostatus_profile::ensure* code paths, now throws clear exception when we can't find a feed from the given profile url
* add some doc comments on the ensure* methods
2010-03-21 15:18:37 -07:00
Evan Prodromou
0f1f7ab79b only use Posterous author data if it matches the profile URL 2010-03-21 07:37:58 -05:00
Evan Prodromou
c2afdfbbf5 use Posterous element if available for RssChannel discovery 2010-03-20 17:18:55 -05:00