eliseuamaro
/
gnu-social
forked from GNUsocial/gnu-social
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
17,391 Commits 8 Branches 0 Tags 309 MiB
Commit Graph

17391 Commits

Author SHA1 Message Date
Bob Mottram 11c57e7aee Remove Google References 
This removes most references to Google, with some
remaining since they may point to things which are still
relevant. References to Google Code, Google Buzz and
Google Maps have been removed
 2016-03-20 13:06:58 +00:00
Mikael Nordfeldth b2cfbded2e Upgrading from 1.1.x would make uri fields have length=255 2016-03-15 16:54:10 +01:00
Mikael Nordfeldth 346a73c36f Fix a regression in 1f76c1e4 that stopped sending email confirmation on registration 2016-03-02 14:38:34 +01:00
Mikael Nordfeldth 6336248d71 Notice getRendered() can now be called on uninserted notices 2016-02-25 20:13:00 +01:00
Mikael Nordfeldth 67aff528f5 socialfy-your-domain made people think you needed manual interaction 
I don't know why, but people started following those instructions for no
apparent reason and it ended up causing a bunch of federation issues or
homegrown cron script messes.

Maybe changing the name to "another" instead of "your" domain will make
people stop doing stuff randomly.
 2016-02-25 20:12:56 +01:00
Mikael Nordfeldth 80f7a5f025 $metadata->thumbnail_url is not guaranteed to be set 
We should probably have a separate class for this, so we can more
easily combine different technologies similar to oEmbed/OpenGraph.
 2016-02-25 19:47:16 +01:00
Mikael Nordfeldth e6f07d8554 Use in_array instead. Now we get third party responses to contextually interesting threads 
I think this solves much of the "third party conversation" issues, assuming involved parties
are using modern GNU social instances.
 2016-02-24 00:19:27 +01:00
Mikael Nordfeldth 31c9b2c1d8 Check the notice context for users in UsersalmonAction 2016-02-23 23:56:43 +01:00
Mikael Nordfeldth 9319033ff0 Properly attach activityobjects 
For some reason they were written to ->object, which is incorrect as
we use the objects[] array (which usually just holds one entry though)
 2016-02-23 23:50:57 +01:00
Mikael Nordfeldth 0eb5122817 Check that the user is in the context of a salmon slap 2016-02-23 23:42:41 +01:00
Mikael Nordfeldth d672547112 getAliases should be only a list (numeric array) 2016-02-23 14:33:09 +01:00
Mikael Nordfeldth e16f7d04a8 Let OpenID match against aliases (fix fancyurl stuff etc.) 2016-02-23 14:15:08 +01:00
Mikael Nordfeldth b59dacb806 getAliases for Profile and Notice 
Also move fancyurlfix into site-wide $config['fix']['fancyurls']

TODO: getByUri should make use of this directly I guess?
 2016-02-23 14:00:59 +01:00
Mikael Nordfeldth 5f7032dfee Verify that authenticated API calls are made from our domain name. 
Evil forms on other websites could otherwise potentially be configured
to have action="https://gnusocial.example/api/statuses/update.json" or
whatever. XHR is already blocked with CORS stuff.

Really, why do browsers allow cross domain POSTs at all? Sigh. The web.
 2016-02-22 15:19:10 +01:00
Mikael Nordfeldth c67b89e56b Make WebFinger fancyurlfix configurable 2016-02-21 20:05:32 +01:00
Mikael Nordfeldth ce803f6d06 WebFinger aliases with 'index.php/' 2016-02-21 20:00:07 +01:00
Mikael Nordfeldth 1edb1bbc17 Claim that we are the URL without index.php/ in webfinger response 2016-02-21 19:09:39 +01:00
Mikael Nordfeldth 893d117309 throw new, not just throw 2016-02-21 19:01:37 +01:00
Mikael Nordfeldth 0c17c32267 Let the WebFingerPlugin lookup profile resources with index.php/ too 2016-02-21 18:48:48 +01:00
Mikael Nordfeldth 23e66bef64 common_fake_local_fancy_url to remove index.php/ from a local URL 2016-02-21 18:48:18 +01:00
Mikael Nordfeldth d16a883e17 Allow lookup of User->getByUri (throws NoResultException) 2016-02-21 18:47:47 +01:00
Mikael Nordfeldth b23cc7465f Keep a unique set of WebFingerResource aliases 2016-02-21 18:47:32 +01:00
Mikael Nordfeldth afbdcf8938 Don't publish mbox_sha1sum in FOAF by default. 
We say the email is private data, so reasonably we shouldn't reveal it
indirectly through a hash sum: http://xmlns.com/foaf/spec/#term_mbox_sha1sum
 2016-02-19 00:10:05 +01:00
Mikael Nordfeldth a838c90951 Only show "public:site" in ToSelector if notice/allowprivate is true 2016-02-18 00:33:16 +01:00
Mikael Nordfeldth f68d1ade3f Put "Everyone" and "Everyone at [local instance]" at the top of ToSelector 2016-02-18 00:32:09 +01:00
Mikael Nordfeldth 543d968b81 NoAcctUriException->profile not $e directly 2016-02-18 00:13:59 +01:00
Mikael Nordfeldth a361fdbd77 Sort ToSelector by AcctUri 2016-02-18 00:05:09 +01:00
Mikael Nordfeldth 73dbc5ca1b Use ToSelector choice again. 2016-02-17 23:44:15 +01:00
Mikael Nordfeldth d9b649642d Show notice feed URLs (and author) 2016-02-17 23:32:56 +01:00
Mikael Nordfeldth d2c11925bf To-selector padlock only shown if site config notice/allowprivate is true 2016-02-17 23:06:11 +01:00
Mikael Nordfeldth 5fbb01130a By default, disallow users to set private_stream 2016-02-17 22:58:31 +01:00
Mikael Nordfeldth 47dc15c9f6 Describe that we don't allow empty fullnames. 2016-02-17 22:48:32 +01:00
Mikael Nordfeldth d6bf90cfb7 If profile fullname is 0 chars use nickname 2016-02-17 22:43:45 +01:00
Mikael Nordfeldth ade4518ae4 Make the Link header give URI for WebFinger lookup 2016-02-17 22:36:33 +01:00
Mikael Nordfeldth 422d475e44 Differentiate two similar log warning messages 2016-02-17 21:57:52 +01:00
Mikael Nordfeldth d2507a6266 Gotta declare FullNoticeStream as abstract class 2016-02-16 02:24:38 +01:00
Mikael Nordfeldth 46829c6d3c FullNoticeStream selects all verbs. 2016-02-16 02:21:39 +01:00
Mikael Nordfeldth 2d1b70c94d created column was ambigououuuouuus 2016-02-15 09:59:34 +01:00
Mikael Nordfeldth 2301862ae6 We only want POST and SHARE in the inbox/home timeline right? 2016-02-15 09:59:18 +01:00
Mikael Nordfeldth dcb7ce36d8 Show shares in public timeline 
Also, the unselect rule for DELETE was useless anyway since it would
already have been filtered out by not having true.

(the => false stuff are for when you want ALL _except_ that)
 2016-02-14 20:53:26 +01:00
Mikael Nordfeldth e2a090c9cc Use NoticeStream::filterVerbs for filtering in noticestreams 2016-02-14 20:46:13 +01:00
Mikael Nordfeldth c23c3a4f53 Might as well put a FILTER_SANITIZE_EMAIL there 
Not that I think we could break out of the directory since
we use basename, but you never know... maybe there's a unicode
bug in PHP or something.
 2016-02-13 14:06:05 +01:00
Mikael Nordfeldth 4bf26eff4c socialfy-your-domain updated for webfinger (not tested) 2016-02-13 13:57:15 +01:00
Mikael Nordfeldth be14e15dac Hide attachments in notices by silenced profiles 2016-02-13 13:17:39 +01:00
Mikael Nordfeldth fbcca62ae1 listGet was not meant for that really 2016-02-13 01:19:47 +01:00
Mikael Nordfeldth 8ef2abf30b Render RegiserThrottle extra profile data properly 2016-02-13 01:16:34 +01:00
Mikael Nordfeldth 799c2e47fe Don't depend on ModLog 2016-02-13 01:10:01 +01:00
Mikael Nordfeldth be35975b12 RegisterThrottle list-profiles-by-ip 2016-02-13 01:02:18 +01:00
Mikael Nordfeldth 557ad2d1fd Show user registration IP to users who can see ModLog 2016-02-13 00:51:43 +01:00
Mikael Nordfeldth c7c34ec05a Only administrators can delete other privileged users. 2016-02-12 15:00:18 +01:00