Commit Graph

17235 Commits

Author SHA1 Message Date
hannes
ee305891c4 purify oembed html 2016-01-13 16:03:38 +00:00
hannes
3e7e3de554 don't allow cdata elements in purified html 2016-01-13 16:01:27 +00:00
Mikael Nordfeldth
5c262a788d Unused, unnecessary and intrusive cookie/storage removed! 2016-01-13 15:22:28 +01:00
Mikael Nordfeldth
3720e37f06 property attribute could be null in meta tags of course 2016-01-13 14:24:00 +01:00
Mikael Nordfeldth
99da1ebe41 Catch NoHttpResponseException when using HTTPClient 2016-01-13 14:17:49 +01:00
Mikael Nordfeldth
3ed632decf NoHttpResponseException needed instead of HTTP_Request2_Exception
HTTP_Request2_Exception assumed an HTTP response status code/line
2016-01-13 14:08:48 +01:00
Mikael Nordfeldth
e75472f460 Use the upstream function to get effectiveUrl 2016-01-13 14:00:05 +01:00
Akio Nishimura
eceafb84de lib/language.php: rewrited jp as ja. 2016-01-13 13:23:06 +01:00
Mikael Nordfeldth
14bd6daab1 Aspect ratio on elements in inline-attachment list 2016-01-12 23:12:41 +01:00
Mikael Nordfeldth
e49e113140 Ugly hack to show thumbnails of otherwise unrepresentable attachments
such as text/html, where the thumbnail has been retrieved via oEmbed/OpenGraph
2016-01-12 15:38:59 +01:00
Mikael Nordfeldth
3658774429 Super-basic OpenGraph image preview support, "works for me" 2016-01-12 15:29:03 +01:00
Mikael Nordfeldth
f4feef477b Don't follow redirects on PuSH POST. 2016-01-12 14:32:28 +01:00
Mikael Nordfeldth
b696fb4eb1 Mimetypes like image/svg+xml were misinterpreted when guessing
We don't really need the mb_ in mb_strtolower but what the heck, why not. I love Unicode.
2016-01-12 13:46:25 +01:00
Mikael Nordfeldth
8c28e54ccc same as previous, but for mime_to_ext 2016-01-12 13:14:17 +01:00
Mikael Nordfeldth
dbe5d72e4c If all file extensions are supported we have no list of comparisons 2016-01-12 13:08:54 +01:00
mmn
d07640caba Merge branch 'common_purify_branch' into 'nightly'
EndCommonPurify event

Because we have problems with htmLawed on quitter.se, we want to check its output and maybe use another HTML purifier... 

See merge request !78
2016-01-11 21:14:41 +00:00
mmn
e4a1dff98d Merge branch 'apiaccountregister_event_branch' into 'nightly'
APIStartRegistrationTry event



See merge request !77
2016-01-11 21:08:09 +00:00
mmn
e94017a552 Merge branch 'hidden-h2s' into 'nightly'
Show H2s in notice content

With notices coming from other sources (e.g. Diaspora) and rich-text plugins
such as Textile/Markdown/TinyMCE, it's possible notices include H2 we want
to display.

See merge request !76
2016-01-11 21:01:26 +00:00
hannes
a1b509bb0b forgot we need access to $html too 2016-01-11 20:58:34 +00:00
hannes
8d331b0f35 EndCommonPurify event 2016-01-11 20:54:19 +00:00
hannes
543a7e421e APIStartRegistrationTry event 2016-01-11 20:04:31 +00:00
Mikael Nordfeldth
c826fe0af4 $target was klantigtly copied from another debug message 2016-01-11 20:10:38 +01:00
Mikael Nordfeldth
bd6efa0e45 Update PuSH callback URL if remote side switched to HTTPS
See the comment in the source on why we're not following Location headers...
2016-01-11 19:55:02 +01:00
Mikael Nordfeldth
f24cdf4a80 Much more logging in PushHubAction (OStatus) 2016-01-11 19:54:05 +01:00
Mikael Nordfeldth
1a46d86ca6 lib/util.php quick function to do var_export($var,true)
Immensely useful when debugging and we want to put quotes around strings,
potentially stopping any "evil logging attacks" (where input data masks
as logging data).
2016-01-11 19:52:54 +01:00
Mikael Nordfeldth
93c614c184 Do updateWithKeys properly if someone would like to update PRI 2016-01-11 19:52:33 +01:00
Mikael Nordfeldth
c1f22f106b Might as well put a $limit on preg_replace here
Since there will (should) never be more than one ^http in that string anyway.
2016-01-11 18:27:26 +01:00
Mikael Nordfeldth
5b2b969a77 Tag notice streams should only show post verbs 2016-01-11 15:15:23 +01:00
Mikael Nordfeldth
8acf930c45 OpportunisticQM matches against _system_ max_execution_time
Probably never runs if max_execution_time is 0. I'll handle that later.
2016-01-11 13:35:29 +01:00
Mikael Nordfeldth
b13f8df79b HTTPClient would return null instead of exception
This caused $response->isOK() tests to call a function on a non-existing object, causing all hell to break loose.
2016-01-11 02:36:59 +01:00
Chimo
63fff7ef47 Show H2s in notice content
With notices coming from other sources (e.g. Diaspora) and rich-text plugins
such as Textile/Markdown/TinyMCE, it's possible notices include H2 we want
to display.
2016-01-10 15:37:30 +00:00
Mikael Nordfeldth
87ae5292b8 NSTALL/UPGRADE documentation edits
No more background folder for example. Also comments on chmod a+w
2016-01-10 10:44:16 +01:00
Mikael Nordfeldth
e498bc6b7b Control OpportunisticQM verbosity 2016-01-10 00:51:25 +01:00
Mikael Nordfeldth
7fbf72f9c1 Minor changes to OpportunisticQM for debugging 2016-01-10 00:48:04 +01:00
Mikael Nordfeldth
42dff2742a Put salmon slaps in queues before pushing user Atom feed 2016-01-10 00:29:32 +01:00
Mikael Nordfeldth
67801a5566 Not only local groups should be added to group inbox notificiation table 2016-01-09 15:14:38 +01:00
Mikael Nordfeldth
5ef10a14ef Get group attentions too for outbound notices 2016-01-09 15:06:44 +01:00
Mikael Nordfeldth
c3c5a9974d Do proper fromUri lookup on groups too 2016-01-09 14:36:47 +01:00
Mikael Nordfeldth
55aa68b941 CancelGroupForm gets same typing as Join and Leave 2016-01-09 14:13:19 +01:00
Mikael Nordfeldth
fbec7c4e75 Issue #121 - use correct Group ID and strict User_group typing 2016-01-09 14:06:50 +01:00
Mikael Nordfeldth
d1e609a886 Local user profile getUrl gives dynamically generated URL 2016-01-09 13:47:38 +01:00
Mikael Nordfeldth
f143925931 Actually return the group home URL 2016-01-09 13:33:30 +01:00
Mikael Nordfeldth
d13483ca20 Wups, $poster could be undefined 2016-01-09 13:15:09 +01:00
Mikael Nordfeldth
33194b3cff Attention goes to the parent notice author too 2016-01-08 02:58:31 +01:00
Mikael Nordfeldth
28cd5640c1 Save attentions to Reply table for backwards compatibility
local users only of course
2016-01-08 01:59:16 +01:00
Mikael Nordfeldth
0463d96392 Add more info in logging call
There shouldn't be *HandleSalmonTarget, only verification of actor and
then Notice::saveActivity()!
2016-01-08 01:52:10 +01:00
Mikael Nordfeldth
4e0ed61f7c OStatus queue handler uses Notice->getAttentionProfiles()
and lots more debugging for LOG_DEBUG
2016-01-08 01:31:47 +01:00
Mikael Nordfeldth
e6f2676c5c Default to not include delete verbs in notice streams 2016-01-07 23:33:47 +01:00
Mikael Nordfeldth
c48871cf1b Notice from web now saves context->attention too! ;) 2016-01-07 23:24:15 +01:00
Mikael Nordfeldth
6255e1dca3 saveAttentions, trying to move away from saveReply 2016-01-07 23:23:51 +01:00