Mikael Nordfeldth
557e430c7d
Reference local URLs in addressee list on notices.
2016-08-06 18:32:14 +02:00
Mikael Nordfeldth
e52275e37f
Some comparisons were incorrect (text/html;charset=utf-8 etc.)
2016-07-21 01:38:31 +02:00
Mikael Nordfeldth
d5c733919b
Because the other part of the code works now, this is unnecessary
2016-07-21 00:34:40 +02:00
Mikael Nordfeldth
e8e996182f
Delete file on class destruction or we do it too quickly
...
Source image was removed when trying to use it for resizeTo
2016-07-21 00:23:27 +02:00
Mikael Nordfeldth
46c227bf3a
FileNotFoundException is more proper here
2016-07-15 13:19:16 +02:00
Mikael Nordfeldth
36cfe9f857
Delete successfully generated thumbnail (temporary sources) too.
2016-07-15 12:52:20 +02:00
Mikael Nordfeldth
6332a4d800
Handle FileNotStoredLocallyException in attachmentlistitem
2016-07-07 00:45:31 +02:00
Mikael Nordfeldth
f02d32b718
Reworked File->getUrl to throw exception
...
In case you require a local URL and one can't be generated, throw
FileNotStoredLocallyException(File $file)
2016-07-07 00:44:50 +02:00
Mikael Nordfeldth
71afb5be75
If the file is text/plain, see if we accept the extension
2016-07-06 09:34:09 +02:00
Mikael Nordfeldth
4117118e23
More specific exceptions for mimetype/extension issues.
2016-07-06 09:14:59 +02:00
Mikael Nordfeldth
b4a0bff740
Some mimetype madness!
2016-07-06 08:59:16 +02:00
Mikael Nordfeldth
a833eaa651
Make all hash algorithms available (but whitelist by default)
...
sha1 is whitelisted only because StatusNet requires it.
2016-06-28 11:54:39 +02:00
Mikael Nordfeldth
7978cd6d59
s/EmptyIdException/EmptyPkeyValueException/
2016-06-25 11:50:59 +02:00
Mikael Nordfeldth
0adb7af9a0
Allow a quickHead request, will only return headers
2016-06-24 15:43:20 +02:00
Mikael Nordfeldth
39e8c13afb
Properly parse incoming bookmarks
2016-06-24 13:51:40 +02:00
Mikael Nordfeldth
d00f19663b
bump to beta5 since phpseclib update (which might cause some issues still)
2016-06-18 00:05:54 +02:00
mmn
2e8a5aeb23
Merge branch 'tom/noreferrer' into 'nightly'
...
Use noreferrer when linkifying attachments and allow this value in purifier
If you click on a link in your main timeline this effectively identifies you to the site that you visited via the Referer header. (Who goes around reading other people's /user/all, honestly?)
Annoyingly our notice content is already HTML. Rather than attempt to parse and modify the tags in flight, this modification takes the simpler approach of adding the noreferrer tag to inline links by default when notices are composed.
See merge request !127
2016-06-17 16:32:39 -04:00
mmn
005b4c8dd1
Merge branch 'strict-warnings' into 'nightly'
...
Fix some strict warnings (Action::prepare, Action::handle)
I know MR with changes to a bunch of files aren't great practice, but I figured since all the changes are one-liners it might not be a huge deal.
Related to #190
See merge request !123
2016-06-17 16:29:47 -04:00
mmn
d66b495ba8
Merge branch 'notice-location' into 'nightly'
...
Re-enable notice locations
Removed a stray 'return' statement.
See merge request !125
2016-06-17 16:28:56 -04:00
mmn
d4295cfb25
Merge branch 'webmention-rocks' into 'nightly'
...
webmention.rocks
I have improved the webmention handling so that all but two of the webmention.rocks compliance tests pass now. Also improved parsing of time/authors on incoming webmentions.
See merge request !128
2016-06-17 16:26:21 -04:00
Mikael Nordfeldth
5e131aed80
Apparently medium.com uses @ frequently i URLs
...
and we skipped them because we assumed they were urlencoded when copied.
2016-06-17 11:20:36 +02:00
Stephen Paul Weber
83e7ade714
When there is no useful title, class="p-name e-content"
2016-06-10 21:00:48 +00:00
Thomas Karpiniec
c1537a1e82
Use noreferrer when linkifying attachments and allow this value in purifier
2016-06-09 19:56:36 +10:00
Chimo
d02c75d019
Re-enable notice locations
...
Removed a stray 'return' statement.
2016-06-01 21:56:42 -04:00
Chimo
9de79f0a36
Update prepare() method on Action subclasses.
...
Fixes handle()-related strict warnings such as "Strict Standards:
Declaration of AdminPanelAction::prepare() should be compatible with
Action::prepare(array $args = Array)
Ref. #190
2016-06-01 02:26:44 +00:00
Chimo
ba2975aac8
Update handle() method on Action subclasses.
...
Fixes handle()-related strict warnings such as "Strict Standards:
Declaration of AdminPanelAction::handle() should be compatible with
Action::handle()"
Ref. #190
2016-06-01 02:26:44 +00:00
Sandro Santilli
3138fa0b40
Check DB connection before any possible use
2016-05-24 16:49:50 +02:00
Mikael Nordfeldth
bd306bdb9f
Add /download action for attachments
2016-05-09 22:08:36 +02:00
Mikael Nordfeldth
3a6733dc98
2-frame GIF animations weren't recognised as animated
2016-05-04 11:57:55 +02:00
Mikael Nordfeldth
a5a96dd857
Misplaced break/continue statements.
2016-05-04 11:44:00 +02:00
Mikael Nordfeldth
87dd0fbdb6
UseFileAsThumbnailException uses direct File object now
2016-05-04 11:34:50 +02:00
Mikael Nordfeldth
7aa9a69c2f
Link to attachment page instead of big-ass image
2016-05-01 11:35:51 +02:00
Mikael Nordfeldth
9b613029e6
Merge branch 'master' into mmn_fixes
2016-04-18 16:10:50 +02:00
Mikael Nordfeldth
844fe3924e
put local id, href and such in ostatus:conversation element
2016-04-18 16:09:36 +02:00
Mikael Nordfeldth
107f612384
strict type comparison
2016-04-18 15:04:03 +02:00
Mikael Nordfeldth
4645033b98
"In conversation" text in noticelistitem
2016-04-08 13:44:22 +02:00
Mikael Nordfeldth
547f92de07
Don't fail deleteRelated on NoProfileException
2016-04-01 06:51:19 +02:00
Mikael Nordfeldth
44ea8aa681
Make sure $_SERVER['HTTP_REFERER'] isset when testing value
2016-03-31 20:51:50 +02:00
Mikael Nordfeldth
4ea79bc396
I was too quick to save that file (File::getByUrl takes 1 arg)
2016-03-29 14:33:40 +02:00
Mikael Nordfeldth
2f91cb0df7
We should assume all verbs and such are their full URIs in our db
2016-03-29 12:57:52 +02:00
Mikael Nordfeldth
dcffe5d992
Forgotten File::getByUrl conversations (performance++)
2016-03-29 12:13:53 +02:00
Mikael Nordfeldth
88e2f739a9
DOMElement not DOMDocument
2016-03-28 16:23:15 +02:00
Mikael Nordfeldth
7bef2ad4cc
Update Profile Data script fixes, might work for groups too now
2016-03-28 16:19:47 +02:00
Mikael Nordfeldth
f134a423f6
rename config option site/logdebug to log/debugtrace
2016-03-27 16:36:58 +02:00
Mikael Nordfeldth
9fa18fa366
HTTPClient::quickGet now supports headers as argument
...
They should be in a numeric array, already formatted as headers,
ready to go. (Header-Name: Content of the header)
2016-03-24 02:44:11 +01:00
Mikael Nordfeldth
f83b81b8c4
Change config webfinger/http_alias to fix/legacy_http
...
Set $config['fix']['legacy_http'] to perform some actions that are
needed if your site used to be served over http but now has upgraded
to https!
2016-03-23 15:21:02 +01:00
Mikael Nordfeldth
8933022edc
Forgot a microsummary route in the latest commit
2016-03-22 22:37:59 +01:00
Mikael Nordfeldth
dafe775ffa
Microsummaries had issues and were removed in Firefox 6.0 anyway
...
It is argued there are many better ways to get a "micro summary" of
a profile or site.
2016-03-22 22:31:01 +01:00
Neil E. Hodges
39ebb64b85
Added proper enabling and disabling of sending RTs to Twitter.
2016-03-21 07:12:52 -07:00
Mikael Nordfeldth
38f7deca78
Avoid "property of non-object" PHP notice.
2016-03-21 11:17:25 +01:00
Mikael Nordfeldth
1e89369ef8
geometa.js doesn't exist anymore
2016-03-21 03:23:39 +01:00
Mikael Nordfeldth
ae681b10e7
geometa.js doesn't exist anymore
2016-03-21 03:11:22 +01:00
Mikael Nordfeldth
980085a8a3
Merge branch 'master' of git.gnu.io:gnu/gnu-social into mmn_fixes
...
Conflicts:
plugins/Minify/extlib/minify/README.txt
plugins/Minify/extlib/minify/UPGRADING.txt
plugins/Minify/extlib/minify/min/README.txt
plugins/Minify/extlib/minify/min/builder/index.php
plugins/Minify/extlib/minify/min/lib/JSMin.php
plugins/Minify/extlib/minify/min/lib/Minify.php
plugins/Minify/extlib/minify/min/lib/Minify/CSS.php
plugins/Minify/extlib/minify/min/lib/Minify/CSS/Compressor.php
plugins/Minify/extlib/minify/min/lib/Minify/Controller/Page.php
plugins/Minify/extlib/minify/min/lib/Minify/Packer.php
plugins/Recaptcha/RecaptchaPlugin.php
2016-03-21 03:10:19 +01:00
Mikael Nordfeldth
cd24f7d30a
Issue #166 - we test exif data below, no need for error output
2016-03-21 02:56:47 +01:00
Mikael Nordfeldth
cdcf6cdb25
Hacky method to avoid cutting conversation "more" link out
2016-03-21 02:42:28 +01:00
Mikael Nordfeldth
aa3865c303
Split threaded notice list classes into own files.
2016-03-21 02:33:57 +01:00
Bob Mottram
11c57e7aee
Remove Google References
...
This removes most references to Google, with some
remaining since they may point to things which are still
relevant. References to Google Code, Google Buzz and
Google Maps have been removed
2016-03-20 13:06:58 +00:00
Mikael Nordfeldth
349e842078
UPDATE ActivityVerb
2016-03-14 15:26:03 +01:00
Mikael Nordfeldth
ca8f0f84c4
Woops, forgot to include this file!
2016-03-14 15:25:05 +01:00
Mikael Nordfeldth
5ca2a28246
Make oEmbed handle our http/https setting better.
2016-03-10 14:20:21 +01:00
Mikael Nordfeldth
bd75305560
Define-ify excluded end-characters of URL autolinking
2016-03-09 15:16:47 +01:00
Mikael Nordfeldth
c769924505
Reduce the number of allowed characters in auto-linking URLs.
2016-03-09 15:05:36 +01:00
Mikael Nordfeldth
d179afa303
Save allowed path/qstring/fragment characters in constants
2016-03-09 14:51:52 +01:00
Mikael Nordfeldth
e2c6f2f96f
Let's be consistent with URL verbs
2016-03-08 20:01:06 +01:00
Mikael Nordfeldth
cfc82591da
chmod 0775 directories we create
...
Security for the 'g+rx' should be handle by having the parent directory
inaccessible for global users, which is usually the case.
2016-03-07 23:23:32 +01:00
Mikael Nordfeldth
4e5c0e70a6
fillConfigVoids to set default value of empty config options
2016-03-07 22:55:52 +01:00
Mikael Nordfeldth
265fa12917
Relatively experimental change to store thumbnails in 'file/thumb/' (by default)
2016-03-07 22:33:34 +01:00
Mikael Nordfeldth
158b323767
Declare AdminpanelAction::canAdmin as static, since that's how it's used.
2016-03-06 17:31:40 +01:00
Mikael Nordfeldth
6ec72b2978
Move mail_confirm_address out of mail.php
2016-03-06 17:27:40 +01:00
mmn
0785e2910f
Merge branch 'no_sandboxed_repeats_branch' into 'nightly'
...
Don't include repeated notices from sandboxed users in the public timeline
See merge request !115
2016-03-05 08:08:42 -05:00
Mikael Nordfeldth
97ac722b24
Accessibility navigation improvement
2016-03-05 12:42:53 +01:00
Mikael Nordfeldth
7ca0ff9a19
MediaFile::fromUpload handles missing local file better
2016-03-05 12:05:12 +01:00
Mikael Nordfeldth
1db02d7f36
filename_base option isn't optimal
...
For different "download filenames" we should use some other method.
2016-03-05 11:59:46 +01:00
Mikael Nordfeldth
57d57b8d8f
Handle reuploads via filehandle better if original is missing
2016-03-05 01:26:34 +01:00
Mikael Nordfeldth
952f68fed5
File upload logging for dummies
2016-03-05 00:59:39 +01:00
hannes
7d4658643d
the repeated notice can be from a sandboxed user too
2016-03-04 16:53:57 -05:00
Mikael Nordfeldth
dc1ceca86e
Some more Microformats2 data for notices and rendering
2016-03-02 13:29:54 +01:00
Mikael Nordfeldth
6529fdd28d
Proper Microformats2 h-entry p-name + u-uid markup
2016-03-02 13:10:02 +01:00
Mikael Nordfeldth
d6598e790c
Introduce a ConfigException
2016-03-02 12:33:06 +01:00
Mikael Nordfeldth
9534969c05
Don't set is_local=LOCAL_NONPUBLIC on sandboxed user notices
...
Let's decide whether they are nonpublic by testing them when the notice
is shown instead.
2016-03-02 12:26:23 +01:00
Mikael Nordfeldth
a3b2118906
Make the public streams ModeratedNoticeStream (hide sandboxed users etc.)
...
Which streams should be put under ModeratedNoticeStream is probably open
to debate. But at least the public ones should hide the posts from users
that are sandboxed.
2016-03-02 11:50:50 +01:00
Mikael Nordfeldth
b4271a3533
Stricted typing + protected on FilteringNoticeStream->filter
2016-03-02 11:40:43 +01:00
Mikael Nordfeldth
99fbb181c1
Translation changes, use FancyName in email subject
2016-03-01 23:53:36 +01:00
Mikael Nordfeldth
47f408ca7c
Strict typing for mail_notify_attn
2016-03-01 23:37:11 +01:00
Mikael Nordfeldth
63c087a255
Consistent behaviour for ScopingNoticeStream $scoped
...
We don't guess the current profile anymore if the value of the profile === -1
Also sets $this->scoped for all ScopingNoticeStream inheritors, which just
like in an Action can be null if we're not scoped in any way (logged in).
2016-03-01 14:51:47 +01:00
Mikael Nordfeldth
7862b853bf
Make javascript XHR timeout a variable.
...
SN.V.xhrTimeout = [time in milliseconds];
2016-03-01 13:10:18 +01:00
Mikael Nordfeldth
6c43e9c2e0
Verify loaded config function, must be completed further.
2016-02-28 13:31:21 +01:00
Mikael Nordfeldth
747c91210f
HTMLPurifier cache settings, put stuff in subdir of get_sys_temp_dir()
2016-02-28 13:30:47 +01:00
Mikael Nordfeldth
cd978fa153
Edited the list of allowed rel values
2016-02-28 13:16:52 +01:00
Mikael Nordfeldth
52a3764ae4
Resolve relative URLs (assuming URI.Base==notice URL)
...
The real way to do this would be to get the xml:base property from
the Atom feed but it's probably not there in any posts we see today.
2016-02-26 14:46:26 +01:00
Mikael Nordfeldth
29662eef5e
Mentioning matches (@this too) now.
2016-02-26 00:08:51 +01:00
Mikael Nordfeldth
2669c51265
Allow sgf files if they're recognized in mime search
...
They are Go game files used on lamatriz.org. Note that my server
doesn't actually recognize these files and can identify the mime type,
but my browser did for some reason.
2016-02-26 00:05:07 +01:00
Mikael Nordfeldth
e6e1705852
Make uploads work properly if we accept _all_ attachment types
...
Also introduced $config['attachments']['extblacklist'] that can disable
certain file extensions (or rewrite them, for example php => phps)
2016-02-25 22:15:54 +01:00
Mikael Nordfeldth
128a00c4ab
Include feeds in Link HTTP headers, for easier discovery
2016-02-24 16:48:44 +01:00
Mikael Nordfeldth
b59dacb806
getAliases for Profile and Notice
...
Also move fancyurlfix into site-wide $config['fix']['fancyurls']
TODO: getByUri should make use of this directly I guess?
2016-02-23 14:00:59 +01:00
Mikael Nordfeldth
5f7032dfee
Verify that authenticated API calls are made from our domain name.
...
Evil forms on other websites could otherwise potentially be configured
to have action="https://gnusocial.example/api/statuses/update.json " or
whatever. XHR is already blocked with CORS stuff.
Really, why do browsers allow cross domain POSTs at all? Sigh. The web.
2016-02-22 15:19:10 +01:00
Mikael Nordfeldth
ce803f6d06
WebFinger aliases with 'index.php/'
2016-02-21 20:00:07 +01:00
Mikael Nordfeldth
893d117309
throw new, not just throw
2016-02-21 19:01:37 +01:00
Mikael Nordfeldth
23e66bef64
common_fake_local_fancy_url to remove index.php/ from a local URL
2016-02-21 18:48:18 +01:00
Mikael Nordfeldth
afbdcf8938
Don't publish mbox_sha1sum in FOAF by default.
...
We say the email is private data, so reasonably we shouldn't reveal it
indirectly through a hash sum: http://xmlns.com/foaf/spec/#term_mbox_sha1sum
2016-02-19 00:10:05 +01:00