Mikael Nordfeldth
aeb2e282db
Commented on the mime extension matching regexp
2016-02-25 22:32:54 +01:00
Mikael Nordfeldth
4d17d95335
Try to get mime data before hashing (cpu intensive)
2016-02-25 22:31:45 +01:00
Mikael Nordfeldth
bac37d1714
syntax error
2016-02-25 22:17:44 +01:00
Mikael Nordfeldth
e6e1705852
Make uploads work properly if we accept _all_ attachment types
...
Also introduced $config['attachments']['extblacklist'] that can disable
certain file extensions (or rewrite them, for example php => phps)
2016-02-25 22:15:54 +01:00
Mikael Nordfeldth
28d9f82ab1
Merge branch 'master' into mmn_fixes
2016-02-25 20:13:39 +01:00
Mikael Nordfeldth
6336248d71
Notice getRendered() can now be called on uninserted notices
2016-02-25 20:13:00 +01:00
Mikael Nordfeldth
67aff528f5
socialfy-your-domain made people think you needed manual interaction
...
I don't know why, but people started following those instructions for no
apparent reason and it ended up causing a bunch of federation issues or
homegrown cron script messes.
Maybe changing the name to "another" instead of "your" domain will make
people stop doing stuff randomly.
2016-02-25 20:12:56 +01:00
Mikael Nordfeldth
93f5043230
Merge branch 'master' into mmn_fixes
2016-02-25 19:47:51 +01:00
Mikael Nordfeldth
80f7a5f025
$metadata->thumbnail_url is not guaranteed to be set
...
We should probably have a separate class for this, so we can more
easily combine different technologies similar to oEmbed/OpenGraph.
2016-02-25 19:47:16 +01:00
Mikael Nordfeldth
4239c952d2
$metadata->thumbnail_url is not guaranteed to be set
...
We should probably have a separate class for this, so we can more
easily combine different technologies similar to oEmbed/OpenGraph.
2016-02-25 19:46:17 +01:00
Mikael Nordfeldth
e69f878241
Notice getRendered() can now be called on uninserted notices
2016-02-25 15:48:37 +01:00
Mikael Nordfeldth
6d3aa3276a
socialfy-your-domain made people think you needed manual interaction
...
I don't know why, but people started following those instructions for no
apparent reason and it ended up causing a bunch of federation issues or
homegrown cron script messes.
Maybe changing the name to "another" instead of "your" domain will make
people stop doing stuff randomly.
2016-02-25 12:33:28 +01:00
Mikael Nordfeldth
e3e3a91734
Correct comment on Notice->conversation in table schema
2016-02-24 19:34:44 +01:00
Mikael Nordfeldth
128a00c4ab
Include feeds in Link HTTP headers, for easier discovery
2016-02-24 16:48:44 +01:00
Mikael Nordfeldth
1d0a448e07
Publish rel="me" in Link HTTP headers
2016-02-24 16:43:09 +01:00
Mikael Nordfeldth
731fd01139
Allow easy fetching of rel="me" values
2016-02-24 16:42:54 +01:00
Mikael Nordfeldth
3ef573f67c
Default to profile size in Avatar::defaultAvatar
2016-02-24 16:42:35 +01:00
Mikael Nordfeldth
e6f07d8554
Use in_array instead. Now we get third party responses to contextually interesting threads
...
I think this solves much of the "third party conversation" issues, assuming involved parties
are using modern GNU social instances.
2016-02-24 00:19:27 +01:00
Mikael Nordfeldth
31c9b2c1d8
Check the notice context for users in UsersalmonAction
2016-02-23 23:56:43 +01:00
Mikael Nordfeldth
9319033ff0
Properly attach activityobjects
...
For some reason they were written to ->object, which is incorrect as
we use the objects[] array (which usually just holds one entry though)
2016-02-23 23:50:57 +01:00
Mikael Nordfeldth
0eb5122817
Check that the user is in the context of a salmon slap
2016-02-23 23:42:41 +01:00
Mikael Nordfeldth
d672547112
getAliases should be only a list (numeric array)
2016-02-23 14:33:09 +01:00
Mikael Nordfeldth
e16f7d04a8
Let OpenID match against aliases (fix fancyurl stuff etc.)
2016-02-23 14:15:08 +01:00
Mikael Nordfeldth
b59dacb806
getAliases for Profile and Notice
...
Also move fancyurlfix into site-wide $config['fix']['fancyurls']
TODO: getByUri should make use of this directly I guess?
2016-02-23 14:00:59 +01:00
Mikael Nordfeldth
5f7032dfee
Verify that authenticated API calls are made from our domain name.
...
Evil forms on other websites could otherwise potentially be configured
to have action="https://gnusocial.example/api/statuses/update.json " or
whatever. XHR is already blocked with CORS stuff.
Really, why do browsers allow cross domain POSTs at all? Sigh. The web.
2016-02-22 15:19:10 +01:00
Mikael Nordfeldth
c67b89e56b
Make WebFinger fancyurlfix configurable
2016-02-21 20:05:32 +01:00
Mikael Nordfeldth
ce803f6d06
WebFinger aliases with 'index.php/'
2016-02-21 20:00:07 +01:00
Mikael Nordfeldth
1edb1bbc17
Claim that we are the URL without index.php/ in webfinger response
2016-02-21 19:09:39 +01:00
Mikael Nordfeldth
893d117309
throw new, not just throw
2016-02-21 19:01:37 +01:00
Mikael Nordfeldth
0c17c32267
Let the WebFingerPlugin lookup profile resources with index.php/ too
2016-02-21 18:48:48 +01:00
Mikael Nordfeldth
23e66bef64
common_fake_local_fancy_url to remove index.php/ from a local URL
2016-02-21 18:48:18 +01:00
Mikael Nordfeldth
d16a883e17
Allow lookup of User->getByUri (throws NoResultException)
2016-02-21 18:47:47 +01:00
Mikael Nordfeldth
b23cc7465f
Keep a unique set of WebFingerResource aliases
2016-02-21 18:47:32 +01:00
Mikael Nordfeldth
afbdcf8938
Don't publish mbox_sha1sum in FOAF by default.
...
We say the email is private data, so reasonably we shouldn't reveal it
indirectly through a hash sum: http://xmlns.com/foaf/spec/#term_mbox_sha1sum
2016-02-19 00:10:05 +01:00
Mikael Nordfeldth
a838c90951
Only show "public:site" in ToSelector if notice/allowprivate is true
2016-02-18 00:33:16 +01:00
Mikael Nordfeldth
f68d1ade3f
Put "Everyone" and "Everyone at [local instance]" at the top of ToSelector
2016-02-18 00:32:09 +01:00
Mikael Nordfeldth
543d968b81
NoAcctUriException->profile not $e directly
2016-02-18 00:13:59 +01:00
Mikael Nordfeldth
a361fdbd77
Sort ToSelector by AcctUri
2016-02-18 00:05:09 +01:00
Mikael Nordfeldth
73dbc5ca1b
Use ToSelector choice again.
2016-02-17 23:44:15 +01:00
Mikael Nordfeldth
d9b649642d
Show notice feed URLs (and author)
2016-02-17 23:32:56 +01:00
Mikael Nordfeldth
d2c11925bf
To-selector padlock only shown if site config notice/allowprivate is true
2016-02-17 23:06:11 +01:00
Mikael Nordfeldth
5fbb01130a
By default, disallow users to set private_stream
2016-02-17 22:58:31 +01:00
Mikael Nordfeldth
47dc15c9f6
Describe that we don't allow empty fullnames.
2016-02-17 22:48:32 +01:00
Mikael Nordfeldth
d6bf90cfb7
If profile fullname is 0 chars use nickname
2016-02-17 22:43:45 +01:00
Mikael Nordfeldth
ade4518ae4
Make the Link header give URI for WebFinger lookup
2016-02-17 22:36:33 +01:00
Mikael Nordfeldth
422d475e44
Differentiate two similar log warning messages
2016-02-17 21:57:52 +01:00
Mikael Nordfeldth
d2507a6266
Gotta declare FullNoticeStream as abstract class
2016-02-16 02:24:38 +01:00
Mikael Nordfeldth
46829c6d3c
FullNoticeStream selects all verbs.
2016-02-16 02:21:39 +01:00
Mikael Nordfeldth
2d1b70c94d
created column was ambigououuuouuus
2016-02-15 09:59:34 +01:00
Mikael Nordfeldth
2301862ae6
We only want POST and SHARE in the inbox/home timeline right?
2016-02-15 09:59:18 +01:00