Mikael Nordfeldth
bac37d1714
syntax error
2016-02-25 22:17:44 +01:00
Mikael Nordfeldth
e6e1705852
Make uploads work properly if we accept _all_ attachment types
...
Also introduced $config['attachments']['extblacklist'] that can disable
certain file extensions (or rewrite them, for example php => phps)
2016-02-25 22:15:54 +01:00
Mikael Nordfeldth
28d9f82ab1
Merge branch 'master' into mmn_fixes
2016-02-25 20:13:39 +01:00
Mikael Nordfeldth
6336248d71
Notice getRendered() can now be called on uninserted notices
2016-02-25 20:13:00 +01:00
Mikael Nordfeldth
67aff528f5
socialfy-your-domain made people think you needed manual interaction
...
I don't know why, but people started following those instructions for no
apparent reason and it ended up causing a bunch of federation issues or
homegrown cron script messes.
Maybe changing the name to "another" instead of "your" domain will make
people stop doing stuff randomly.
2016-02-25 20:12:56 +01:00
Mikael Nordfeldth
93f5043230
Merge branch 'master' into mmn_fixes
2016-02-25 19:47:51 +01:00
Mikael Nordfeldth
80f7a5f025
$metadata->thumbnail_url is not guaranteed to be set
...
We should probably have a separate class for this, so we can more
easily combine different technologies similar to oEmbed/OpenGraph.
2016-02-25 19:47:16 +01:00
Mikael Nordfeldth
4239c952d2
$metadata->thumbnail_url is not guaranteed to be set
...
We should probably have a separate class for this, so we can more
easily combine different technologies similar to oEmbed/OpenGraph.
2016-02-25 19:46:17 +01:00
Mikael Nordfeldth
e69f878241
Notice getRendered() can now be called on uninserted notices
2016-02-25 15:48:37 +01:00
Mikael Nordfeldth
6d3aa3276a
socialfy-your-domain made people think you needed manual interaction
...
I don't know why, but people started following those instructions for no
apparent reason and it ended up causing a bunch of federation issues or
homegrown cron script messes.
Maybe changing the name to "another" instead of "your" domain will make
people stop doing stuff randomly.
2016-02-25 12:33:28 +01:00
Mikael Nordfeldth
e3e3a91734
Correct comment on Notice->conversation in table schema
2016-02-24 19:34:44 +01:00
Mikael Nordfeldth
128a00c4ab
Include feeds in Link HTTP headers, for easier discovery
2016-02-24 16:48:44 +01:00
Mikael Nordfeldth
1d0a448e07
Publish rel="me" in Link HTTP headers
2016-02-24 16:43:09 +01:00
Mikael Nordfeldth
731fd01139
Allow easy fetching of rel="me" values
2016-02-24 16:42:54 +01:00
Mikael Nordfeldth
3ef573f67c
Default to profile size in Avatar::defaultAvatar
2016-02-24 16:42:35 +01:00
Mikael Nordfeldth
e6f07d8554
Use in_array instead. Now we get third party responses to contextually interesting threads
...
I think this solves much of the "third party conversation" issues, assuming involved parties
are using modern GNU social instances.
2016-02-24 00:19:27 +01:00
Mikael Nordfeldth
31c9b2c1d8
Check the notice context for users in UsersalmonAction
2016-02-23 23:56:43 +01:00
Mikael Nordfeldth
9319033ff0
Properly attach activityobjects
...
For some reason they were written to ->object, which is incorrect as
we use the objects[] array (which usually just holds one entry though)
2016-02-23 23:50:57 +01:00
Mikael Nordfeldth
0eb5122817
Check that the user is in the context of a salmon slap
2016-02-23 23:42:41 +01:00
Mikael Nordfeldth
d672547112
getAliases should be only a list (numeric array)
2016-02-23 14:33:09 +01:00
Mikael Nordfeldth
e16f7d04a8
Let OpenID match against aliases (fix fancyurl stuff etc.)
2016-02-23 14:15:08 +01:00
Mikael Nordfeldth
b59dacb806
getAliases for Profile and Notice
...
Also move fancyurlfix into site-wide $config['fix']['fancyurls']
TODO: getByUri should make use of this directly I guess?
2016-02-23 14:00:59 +01:00
Mikael Nordfeldth
5f7032dfee
Verify that authenticated API calls are made from our domain name.
...
Evil forms on other websites could otherwise potentially be configured
to have action="https://gnusocial.example/api/statuses/update.json " or
whatever. XHR is already blocked with CORS stuff.
Really, why do browsers allow cross domain POSTs at all? Sigh. The web.
2016-02-22 15:19:10 +01:00
Mikael Nordfeldth
c67b89e56b
Make WebFinger fancyurlfix configurable
2016-02-21 20:05:32 +01:00
Mikael Nordfeldth
ce803f6d06
WebFinger aliases with 'index.php/'
2016-02-21 20:00:07 +01:00
Mikael Nordfeldth
1edb1bbc17
Claim that we are the URL without index.php/ in webfinger response
2016-02-21 19:09:39 +01:00
Mikael Nordfeldth
893d117309
throw new, not just throw
2016-02-21 19:01:37 +01:00
Mikael Nordfeldth
0c17c32267
Let the WebFingerPlugin lookup profile resources with index.php/ too
2016-02-21 18:48:48 +01:00
Mikael Nordfeldth
23e66bef64
common_fake_local_fancy_url to remove index.php/ from a local URL
2016-02-21 18:48:18 +01:00
Mikael Nordfeldth
d16a883e17
Allow lookup of User->getByUri (throws NoResultException)
2016-02-21 18:47:47 +01:00
Mikael Nordfeldth
b23cc7465f
Keep a unique set of WebFingerResource aliases
2016-02-21 18:47:32 +01:00
Mikael Nordfeldth
afbdcf8938
Don't publish mbox_sha1sum in FOAF by default.
...
We say the email is private data, so reasonably we shouldn't reveal it
indirectly through a hash sum: http://xmlns.com/foaf/spec/#term_mbox_sha1sum
2016-02-19 00:10:05 +01:00
Mikael Nordfeldth
a838c90951
Only show "public:site" in ToSelector if notice/allowprivate is true
2016-02-18 00:33:16 +01:00
Mikael Nordfeldth
f68d1ade3f
Put "Everyone" and "Everyone at [local instance]" at the top of ToSelector
2016-02-18 00:32:09 +01:00
Mikael Nordfeldth
543d968b81
NoAcctUriException->profile not $e directly
2016-02-18 00:13:59 +01:00
Mikael Nordfeldth
a361fdbd77
Sort ToSelector by AcctUri
2016-02-18 00:05:09 +01:00
Mikael Nordfeldth
73dbc5ca1b
Use ToSelector choice again.
2016-02-17 23:44:15 +01:00
Mikael Nordfeldth
d9b649642d
Show notice feed URLs (and author)
2016-02-17 23:32:56 +01:00
Mikael Nordfeldth
d2c11925bf
To-selector padlock only shown if site config notice/allowprivate is true
2016-02-17 23:06:11 +01:00
Mikael Nordfeldth
5fbb01130a
By default, disallow users to set private_stream
2016-02-17 22:58:31 +01:00
Mikael Nordfeldth
47dc15c9f6
Describe that we don't allow empty fullnames.
2016-02-17 22:48:32 +01:00
Mikael Nordfeldth
d6bf90cfb7
If profile fullname is 0 chars use nickname
2016-02-17 22:43:45 +01:00
Mikael Nordfeldth
ade4518ae4
Make the Link header give URI for WebFinger lookup
2016-02-17 22:36:33 +01:00
Mikael Nordfeldth
422d475e44
Differentiate two similar log warning messages
2016-02-17 21:57:52 +01:00
Mikael Nordfeldth
d2507a6266
Gotta declare FullNoticeStream as abstract class
2016-02-16 02:24:38 +01:00
Mikael Nordfeldth
46829c6d3c
FullNoticeStream selects all verbs.
2016-02-16 02:21:39 +01:00
Mikael Nordfeldth
2d1b70c94d
created column was ambigououuuouuus
2016-02-15 09:59:34 +01:00
Mikael Nordfeldth
2301862ae6
We only want POST and SHARE in the inbox/home timeline right?
2016-02-15 09:59:18 +01:00
Mikael Nordfeldth
dcb7ce36d8
Show shares in public timeline
...
Also, the unselect rule for DELETE was useless anyway since it would
already have been filtered out by not having true.
(the => false stuff are for when you want ALL _except_ that)
2016-02-14 20:53:26 +01:00
Mikael Nordfeldth
e2a090c9cc
Use NoticeStream::filterVerbs for filtering in noticestreams
2016-02-14 20:46:13 +01:00