Mikael Nordfeldth
|
ec257d940a
|
Either use or don't use HTTPS
The risk of injection attacks using HTTP is too great to allow a
site that allows both HTTP and HTTPS...
|
2016-02-10 00:57:39 +01:00 |
|
Mikael Nordfeldth
|
dcf29c2a07
|
s/isHTTPS/useHTTPS/ for HTTPS URL generation
|
2016-02-10 00:38:14 +01:00 |
|
Mikael Nordfeldth
|
eaa394ed7d
|
bitcoin schema for HTMLPurifier
|
2016-02-08 20:20:31 +01:00 |
|
Chimo
|
a614205663
|
Add plugin READMEs
|
2016-02-08 17:48:37 +00:00 |
|
Chimo
|
2c5cba28b6
|
Change status.net/wiki URLs to git.gnu.io
|
2016-02-08 17:48:10 +00:00 |
|
Mikael Nordfeldth
|
7c90d7022b
|
Require the license with HTML5
|
2016-02-08 17:56:35 +01:00 |
|
Mikael Nordfeldth
|
ef5ed10eb9
|
Log failed captcha entries
|
2016-02-08 17:51:21 +01:00 |
|
Mikael Nordfeldth
|
cd71188d3a
|
SimpleCaptcha plugin to stop basic bots
|
2016-02-08 17:47:09 +01:00 |
|
Mikael Nordfeldth
|
a30d34be7f
|
Returnto the previous page when deleting a notice.
|
2016-02-08 15:30:28 +01:00 |
|
Mikael Nordfeldth
|
d98784e059
|
Use functions instead of accessing properties in twitterUserArray
|
2016-02-08 12:21:58 +01:00 |
|
Mikael Nordfeldth
|
3dea259f52
|
Return intval from getID()
|
2016-02-08 12:21:46 +01:00 |
|
Mikael Nordfeldth
|
2938b3e960
|
Don't return true on requiresAuth if screen_name==='0'
|
2016-02-08 12:14:35 +01:00 |
|
Mikael Nordfeldth
|
13cf744fb3
|
Allow screennames that are === '0'
|
2016-02-08 11:40:46 +01:00 |
|
Mikael Nordfeldth
|
2686635f60
|
Keep the rel="tag" in HTML when purifying
|
2016-02-07 12:50:26 +01:00 |
|
Mikael Nordfeldth
|
1126f70786
|
Merge branch 'master' into mmn_fixes
|
2016-02-07 02:35:44 +01:00 |
|
Mikael Nordfeldth
|
7c7f2f890f
|
Hidespam by default
...why would something described as "Whether to hide silenced users from timelines"
be set to false by default? :)
|
2016-02-07 02:35:21 +01:00 |
|
Mikael Nordfeldth
|
d6664f5735
|
Hidespam by default
...why would something described as "Whether to hide silenced users from timelines"
be set to false by default? :)
|
2016-02-07 02:33:53 +01:00 |
|
Mikael Nordfeldth
|
58e852f7f7
|
Use the -y parameter for ffmpeg/avconv to be non-interactive
|
2016-02-07 01:59:21 +01:00 |
|
Mikael Nordfeldth
|
6bec22ea4e
|
Write to the tmp file in VideoThumbnails
|
2016-02-07 01:57:56 +01:00 |
|
Mikael Nordfeldth
|
25f623565a
|
Catch http exception in StoreRemoteMedia
|
2016-02-07 01:54:37 +01:00 |
|
Mikael Nordfeldth
|
098c8b1df4
|
NoHttpResponseException extends HTTP_Request2_ConnectionException
|
2016-02-07 01:52:20 +01:00 |
|
Mikael Nordfeldth
|
55546a5aab
|
Support ffmpeg and avconv depending on which you have
|
2016-02-07 01:02:59 +01:00 |
|
Chimo
|
7aca4e7463
|
CONFIGURE: Replace short urls with their target
Transparency and resilience against shorteners going away.
|
2016-02-04 15:20:37 +00:00 |
|
Mikael Nordfeldth
|
41e36e1f28
|
Unknown functionality of a script
Something added 6-8 years ago which we don't use anymore...
|
2016-02-04 12:16:36 +01:00 |
|
Mikael Nordfeldth
|
1f01356076
|
Fix issue #127 by catching exceptions
update-profile-data.php threw exceptions on http connection issues
|
2016-02-04 12:06:35 +01:00 |
|
Mikael Nordfeldth
|
60804d1902
|
ES3 compatibility layer not necessary (noone uses IE8 etc.)
All browsers with javascript support also support ES5 nowadays. Anyone
using older software should upgrade for other reasons, such as security.
|
2016-02-04 11:37:24 +01:00 |
|
Mikael Nordfeldth
|
d5ecbd05a1
|
Forgot a break in a switch when rendering attachments.
|
2016-02-03 19:32:51 +01:00 |
|
Mikael Nordfeldth
|
9960714896
|
Disallow zero-length magnet URIs
magnet: would match, but now we have a zero-length lookahead which
requires the following character to be a question mark: magnet:?
|
2016-02-03 15:26:19 +01:00 |
|
Mikael Nordfeldth
|
90045d66ea
|
HTMLPurifierSchemes plugin to allow geo and magnet URIs
|
2016-02-03 14:36:51 +01:00 |
|
Mikael Nordfeldth
|
2c83614170
|
HTMLPurifier caches were included accidentally
|
2016-02-03 14:35:26 +01:00 |
|
Mikael Nordfeldth
|
349dba8be0
|
Only allow our specified URI schemes
|
2016-02-03 14:31:16 +01:00 |
|
Mikael Nordfeldth
|
e903bd0bc3
|
Hacky support for geo URI detection
Won't work with common_purify yet because there is no geo uri scheme for it
|
2016-02-03 14:19:08 +01:00 |
|
Mikael Nordfeldth
|
b1ed1f48ea
|
Configurable linkify for bare IPv4/IPv6
|
2016-02-03 12:55:00 +01:00 |
|
Mikael Nordfeldth
|
25c15119bc
|
Backupaccount is always readonly
|
2016-02-03 01:15:35 +01:00 |
|
Mikael Nordfeldth
|
84930f89f9
|
Don't allow account backups by default.
|
2016-02-03 01:08:36 +01:00 |
|
Mikael Nordfeldth
|
19b743a9f5
|
Set time limit to increase time backupaccount can take
Wills till run out of memory probably, we should fix that.
|
2016-02-03 01:04:14 +01:00 |
|
Mikael Nordfeldth
|
9fcfb7cb1d
|
Proper error message on too much POST data
|
2016-02-03 01:03:58 +01:00 |
|
Mikael Nordfeldth
|
6a4aa34b0c
|
Don't process further in redirection if HEAD gives 400 Bad request
|
2016-02-03 00:34:49 +01:00 |
|
Mikael Nordfeldth
|
40cffb9463
|
File::isProtected is static
|
2016-02-03 00:22:18 +01:00 |
|
Mikael Nordfeldth
|
a2b914ce60
|
Get URL schemes by URL type
|
2016-02-03 00:18:37 +01:00 |
|
Mikael Nordfeldth
|
43abfe659b
|
Bump beta number to 4
We have better webfinger @mention@capability.example at least and
OpportunisticQM is somewhat refined.
|
2016-01-30 00:04:18 +01:00 |
|
Mikael Nordfeldth
|
367fc054dc
|
Merge branch 'master' into mmn_fixes
|
2016-01-30 00:03:25 +01:00 |
|
Mikael Nordfeldth
|
771f08b3c7
|
Merge branch 'master' of git.gnu.io:gnu/gnu-social
|
2016-01-30 00:02:56 +01:00 |
|
Mikael Nordfeldth
|
5167b1fa40
|
Don't trust local HTML either
If we reallyreally want to include <img> or <script> or whatever then we
have to do that after Notice::saveActivity sets ->rendered.
|
2016-01-30 00:02:03 +01:00 |
|
Mikael Nordfeldth
|
c6ae883ad2
|
Don't trust local HTML either
If we reallyreally want to include <img> or <script> or whatever then we
have to do that after Notice::saveActivity sets ->rendered.
|
2016-01-30 00:00:37 +01:00 |
|
Mikael Nordfeldth
|
a5c1b063fd
|
isPerson did not exist for Ostatus_profile
|
2016-01-29 16:15:06 +01:00 |
|
Mikael Nordfeldth
|
689e277c62
|
Allow @localuser@mysite.example to be looked up as a mention
|
2016-01-29 16:06:16 +01:00 |
|
Mikael Nordfeldth
|
36f099958c
|
Don't match @nickname on @nickname@server.com
|
2016-01-29 15:53:58 +01:00 |
|
Mikael Nordfeldth
|
cb40f72c7e
|
Use the profile URI when linking instead of URL
since we'll then get to /user/$id instead of /$nickname which is
good for future archives if someone changes their nickname...
|
2016-01-29 15:21:01 +01:00 |
|
hannes
|
f708a5b016
|
Never save our /attachment/{file_id} links as links in the file table, return the old file
|
2016-01-29 00:36:30 +00:00 |
|