Commit Graph

4813 Commits

Author SHA1 Message Date
Mikael Nordfeldth
ea6d8b8bde LRDD blacklisted URL test 2017-04-26 23:21:13 +02:00
Mikael Nordfeldth
bb76af4f65 Test URLs against blacklist also on PuSH subscriptions. 2017-04-26 22:41:59 +02:00
Mikael Nordfeldth
df7ff4ef1a Moving form to its own file as we do nowadays 2017-04-25 21:13:29 +02:00
Mikael Nordfeldth
c71600c144 Modernise some function calls etc, to newer GNU social standards 2017-04-25 21:03:43 +02:00
Mikael Nordfeldth
5f24fc0986 Blacklist plugin enabled by default (bug fixes will come) 2017-04-25 20:43:31 +02:00
Mikael Nordfeldth
a53284fe4f Use getByID nistead of getKV for Feedsub in PushInQueueHandler 2017-04-25 20:42:10 +02:00
Mikael Nordfeldth
956cfaf844 Try https first on URL mention lookup 2017-04-22 12:29:53 +02:00
Mikael Nordfeldth
95f991cff3 Somewhat simpler regex. Thanks acct:takeshitakenji@gs.kawa-kun.com 2017-04-22 12:12:27 +02:00
Mikael Nordfeldth
69e944e21a Fix URL mention regular expression FOR REALZ 2017-04-22 11:45:24 +02:00
Mikael Nordfeldth
51e5cc2ac8 Fix URL mention regular expression in OStatusPlugin 2017-04-22 11:15:55 +02:00
Mikael Nordfeldth
2fc4b174c1 Domain name regular expression into lib/framework.php 2017-04-22 11:07:38 +02:00
Mikael Nordfeldth
bd6c93a811 Split up OStatusPlugin preg functions so they can be reused 2017-04-22 11:02:41 +02:00
Mikael Nordfeldth
54971842f2 A bit more instructive debugging 2017-04-22 10:55:24 +02:00
Mikael Nordfeldth
0fd83f0028 New domain regexp for WebFinger matching. 2017-04-22 10:51:03 +02:00
Mikael Nordfeldth
e98bceec10 Import backlog on new subscription.
Danger is when importing a new feed that may be maliciously crafted
to contain a zillion entries.
2017-04-21 09:31:27 +02:00
Mikael Nordfeldth
f51cb6fca9 Split OStatusPlugin FeedSub receive into two parts
FeedSub::receive now only handles the PuSH verification
FeedSub::receiveFeed is protected and only parses+imports feed XML
2017-04-21 08:13:39 +02:00
Mikael Nordfeldth
e87115d462 Less frightening interface on remote subscription
Instead of an error message in a red box about being unable to find the
profile, you get the title "Remote subscription" and no error message.
2017-04-19 11:41:34 +02:00
Mikael Nordfeldth
548e59fc99 Empty resource would throw exception
The "+ Remote" link on your profile page broke because of exception.
2017-04-19 11:37:43 +02:00
Andrew Engelbrecht
6ca5bb4d41 Added CAS user whitelist feature
This feature filters users who may log in via CAS. This is useful when
both CAS and password authentication is enabled and there is a mismatch
between some GNU social account names and CAS user names. This prevents
CAS users from logging in as someone else on GNU social.
2017-04-17 12:41:49 -04:00
Mikael Nordfeldth
35b0a9e3ae Handle normalized acct: URIs in ostatussub
Mastodon sent the proper acct: URI and not just 'user@domain' when
using the remote subscribe functionality.
2017-04-16 11:01:16 +02:00
Andrew Engelbrecht
25b4996145 Fix 'from' address in the XMPP ping command
This commit corrects a syntax error that caused the XMPP daemon to
reatedly reconnect to the remote server.
2017-04-13 12:35:49 -04:00
mmn
24910f2363 Merge branch 'fix-twitterbridge' into 'nightly'
Fix TwitterBridge imported notices not displaying in timeline

See merge request !130
2017-04-06 10:20:41 +00:00
Mikael Nordfeldth
bc1f8b5db6 Merge branch 'master' of git.gnu.io:gnu/gnu-social into nightly
strk's OpenID fix
2017-04-06 11:15:37 +02:00
mmn
6679ecb9d7 Merge branch 'fix-openid-removal' into 'master'
Fix OpenID URI removal

See merge request !138
2017-04-06 09:12:35 +00:00
Sandro Santilli
1ef206467f Fix OpenID URI removal
See #252
2017-03-18 13:33:07 +01:00
Sandro Santilli
85a407e7b0 Normalize OpenID URI before checking it for validity
Fixes #251
2017-03-18 10:56:01 +01:00
Mikael Nordfeldth
9fead39f36 Merge branch 'master' of git.gnu.io:gnu/gnu-social 2017-03-18 01:36:35 +01:00
Mikael Nordfeldth
948744538c StoreRemoteMedia now checks remote filesize before downloading 2017-03-18 01:35:45 +01:00
Chimo
dc7c64592b Add var type to newListItem() parameter
Fixes some "Declaration of $child::method should be compatible with
$parent::method" warnings.
2017-03-16 22:57:16 -04:00
Thomas Karpiniec
47cd054976 Use the statusnet namespace for notice_id 2017-02-04 21:59:30 +11:00
Mikael Nordfeldth
8b8e2825e3 Merge branch 'master' of git.gnu.io:gnu/gnu-social into mmn_fixes 2017-01-15 21:25:06 +01:00
Bjoern Schiessle
f198d5d110
improve status length calculation, each link is exactly 23 characters long at Twitter 2016-12-14 15:54:02 +01:00
Mikael Nordfeldth
6bfc97c95d Less spammy logs 2016-10-22 23:24:13 +02:00
Mikael Nordfeldth
6ebc5f0bff some debugging calls and make sure $hints['feedurl'] gets set with $feeduri in case that variable is used. 2016-10-22 23:08:44 +02:00
vinzv
3e5ae79c5a Added chimo's plugins 2016-09-02 11:37:53 +02:00
vinzv
25e4b9a35e Add Qvitter and QvitterPlus 2016-09-02 11:34:50 +02:00
vinzv
a1c7c0ab01 Adding SensitiveContent Plugin for nsfw filtering 2016-09-02 11:34:29 +02:00
Mikael Nordfeldth
cb5bcf4937 bad log constant 2016-08-28 00:16:31 +02:00
Mikael Nordfeldth
a32bfe7d87 TagCloud turned into plugin (performance issues on large installs) 2016-08-27 15:24:25 +02:00
Mikael Nordfeldth
27022e7c39 Typing on WebFinger onRouterInitialized handler argument URLMapper $m 2016-08-27 15:00:29 +02:00
Mikael Nordfeldth
1d791f81fa Attachment styling 2016-08-21 09:31:26 +02:00
Nym Coy
1f5e306760 Set object_type to ActivityObject::NOTE on notices imported from Twitter. Previously was unset which caused ActivityHandler to throw an error during onStartOpenNoticeListItemElement() and the notices would not display in the timeline. 2016-08-09 21:02:57 +05:30
Mikael Nordfeldth
563b3b1328 Using File->setTitle in oEmbed 2016-07-23 21:01:28 +02:00
Mikael Nordfeldth
1b3d583418 file_quota for OembedPlugin too
Don't download huge files that might kill memory limits.
2016-07-21 03:19:05 +02:00
Mikael Nordfeldth
809e2f6d07 Use File->getID() 2016-07-21 01:38:48 +02:00
Mikael Nordfeldth
d230d332cf return false to exit event, imgPath holds the path 2016-07-21 00:27:22 +02:00
Mikael Nordfeldth
13e1f0a561 VideoThumbnails shouldn't have to recreate the thumbnail all the time 2016-07-21 00:24:05 +02:00
Mikael Nordfeldth
fc440ba7e7 Easier debugging of VideoThumbnails plugin 2016-07-20 22:51:38 +02:00
Mikael Nordfeldth
1d53e7060a Changed ShowfavoritesAction to use Action functions for profiles 2016-07-07 11:11:20 +02:00
Mikael Nordfeldth
4a3ed7d0ae I don't know why we would set the mimetype as title here 2016-07-07 00:43:51 +02:00
Mikael Nordfeldth
3987cad9b7 Use delivered content-type to parse XML_XRD
In issue #205 we saw data coming in with an additional line-break before
the JSON data which fuzzed the auto-detection in XML_XRD (which assumed
a { as the first character). If we use the Content-type header from HTTP
we can avoid that issue.
2016-07-02 13:44:25 +02:00
Mikael Nordfeldth
cfd9aee57b Better logging for issue #205 2016-07-02 13:32:23 +02:00
Mikael Nordfeldth
a833eaa651 Make all hash algorithms available (but whitelist by default)
sha1 is whitelisted only because StatusNet requires it.
2016-06-28 11:54:39 +02:00
Mikael Nordfeldth
3166a04cef actually respond with the error message in text on Salmon calls 2016-06-25 20:50:00 +02:00
Mikael Nordfeldth
bf4acc21be A bunch of GIFs were >5MiB! 2016-06-25 20:37:00 +02:00
Mikael Nordfeldth
ad7ebd1a8c Even more phpseclib update related stuff. 2016-06-25 20:34:28 +02:00
Mikael Nordfeldth
d10ce6ac7c Give Webfinger response to group queries 2016-06-25 20:13:19 +02:00
Mikael Nordfeldth
d0c26fb1a4 URIFIX in Ostatus_profile, handle missing feedsub 2016-06-25 11:59:31 +02:00
Mikael Nordfeldth
7978cd6d59 s/EmptyIdException/EmptyPkeyValueException/ 2016-06-25 11:50:59 +02:00
Mikael Nordfeldth
d7a4098b56 Use a separate max download limit for remote files than file_quota too 2016-06-24 16:07:57 +02:00
Mikael Nordfeldth
af23c9f7cd StoreRemoteMedia now checks remote filesize before downloading 2016-06-24 15:56:14 +02:00
Mikael Nordfeldth
f1e3314bb7 StoreRemoteMedia avoids too large files 2016-06-24 15:47:02 +02:00
Mikael Nordfeldth
c19f87f867 fixes issue #189 with a script lacking exception handling 2016-06-24 15:19:24 +02:00
Mikael Nordfeldth
39e8c13afb Properly parse incoming bookmarks 2016-06-24 13:51:40 +02:00
Mikael Nordfeldth
a4051945fd Handle exception from Magic Envelope toXML function 2016-06-23 23:27:18 +02:00
Mikael Nordfeldth
6dcb293ba0 Unnecessarily verbose code 2016-06-23 23:03:58 +02:00
Mikael Nordfeldth
16f4583498 throw ClientException instead of clientError 2016-06-19 03:38:00 +02:00
Mikael Nordfeldth
2726478467 Bump Diaspora plugin version because of phpseclib fix 2016-06-19 03:25:03 +02:00
Mikael Nordfeldth
bac95913e8 phpseclib defaults to OAEP but we want PKCS1 in D* 2016-06-19 03:23:26 +02:00
Mikael Nordfeldth
ed97b88b04 Err, don't need that comment. 2016-06-19 02:27:50 +02:00
Mikael Nordfeldth
76114e2748 Missed some phpseclib stuff in DiasporaPlugin 2016-06-19 02:26:44 +02:00
Mikael Nordfeldth
47aabf4fda Let's just put the namespaced phpseclib in extlib instead of plugins/OStatus/extlib 2016-06-18 00:00:32 +02:00
Mikael Nordfeldth
5bfd9dbaa7 repost_of -> repeat_of, also trying with isset() 2016-06-17 23:53:05 +02:00
Mikael Nordfeldth
3a8ce99a9d Magicsig call for phpseclib\Math\BigInteger fixed 2016-06-17 23:47:00 +02:00
Mikael Nordfeldth
1839082f95 OStatus Magicsig adaptations to new phpseclib
Some constants have changed and the way to call RSA->sign(...) too.
2016-06-17 23:43:24 +02:00
Mikael Nordfeldth
d8af92bda2 Diaspora phpseclib update 2016-06-17 23:42:50 +02:00
Mikael Nordfeldth
09ef0c1f33 bump Linkback plugin thanks to awesome singpolyma 2016-06-17 23:22:44 +02:00
Mikael Nordfeldth
a1d064129a Handle namespaces for new phpseclib 2016-06-17 23:21:34 +02:00
Mikael Nordfeldth
28ca5d90d9 phpseclib updated, some new features that we won't use 2016-06-17 22:44:12 +02:00
mmn
005b4c8dd1 Merge branch 'strict-warnings' into 'nightly'
Fix some strict warnings (Action::prepare, Action::handle)

I know MR with changes to a bunch of files aren't great practice, but I figured since all the changes are one-liners it might not be a huge deal.

Related to #190 

See merge request !123
2016-06-17 16:29:47 -04:00
Stephen Paul Weber
97243c8a91 Allow 201 as well, because spec says so 2016-06-10 21:13:10 +00:00
Stephen Paul Weber
274e394d8e Pass all but two webmention.rocks tests 2016-06-10 21:03:16 +00:00
Stephen Paul Weber
1e9077f529 Set avatar where available 2016-06-10 21:02:50 +00:00
Stephen Paul Weber
6861d2f3a1 Get avatar out of entry properly 2016-06-10 21:02:34 +00:00
Stephen Paul Weber
624584f9df Need to strtotime before we can format the date 2016-06-10 21:02:08 +00:00
Stephen Paul Weber
4f3a031786 Use strpos check properly 2016-06-10 21:01:53 +00:00
Stephen Paul Weber
e96d7d48f5 400 code needs ClientException 2016-06-10 21:01:23 +00:00
Chimo
9de79f0a36 Update prepare() method on Action subclasses.
Fixes handle()-related strict warnings such as "Strict Standards:
Declaration of AdminPanelAction::prepare() should be compatible with
Action::prepare(array $args = Array)

Ref. #190
2016-06-01 02:26:44 +00:00
Chimo
ba2975aac8 Update handle() method on Action subclasses.
Fixes handle()-related strict warnings such as "Strict Standards:
Declaration of AdminPanelAction::handle() should be compatible with
Action::handle()"

Ref. #190
2016-06-01 02:26:44 +00:00
Mikael Nordfeldth
60130633f0 Linkback references to unset indexes + spelling error 2016-05-01 11:36:07 +02:00
Mikael Nordfeldth
e4f688fcfd naughty extlib fix (PHP7)
The explode function didn't return empty elements (which split did)
2016-04-26 02:57:14 +02:00
Mikael Nordfeldth
3e9b0d6018 split is gone, use explode. PHP7 extlib fix 2016-04-26 02:41:56 +02:00
Mikael Nordfeldth
af28160679 Naughty fix for extlib XMPPHP (PHP7)
I shouldn't fix extlibs, but here goes anyway. I will see if there's
an upstream library we can track which has fixed this themselves.
2016-04-26 02:41:04 +02:00
Mikael Nordfeldth
ce65fe96ad Oembed bugs with thumbnail generation. 2016-04-18 15:33:20 +02:00
Mikael Nordfeldth
b1de90fe08 Send thr:in-reply-to as well, for clarity... 2016-04-01 23:21:57 +02:00
Mikael Nordfeldth
922b65d231 More debugging in Salmon since we get situations which can't find inReplyToID 2016-04-01 23:10:34 +02:00
Mikael Nordfeldth
299949b156 fix/legacy_http for WebFinger + some minor fixes
Now won't match possibly maliciously named remote profile URLs
(where the profile URL could be a notice URL for example, which
would mean the response would be incorrect)

When looking up remote entities, we should _only_ use the stored URI,
but that's for the future to do...
2016-03-30 01:32:11 +02:00
Mikael Nordfeldth
df3bcbb6cb Possibly replace weirdly capitalized htTPs: too 2016-03-30 01:31:17 +02:00
Mikael Nordfeldth
cb212ba41c Gah, bad syntax 2016-03-29 12:55:50 +02:00
Mikael Nordfeldth
f8765c6166 Upgrade script for Bookmark uses joins instead of exists (performance++) 2016-03-29 12:48:00 +02:00