Brion Vibber
48492600a8
Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x
2010-10-28 00:15:59 +00:00
Brion Vibber
e43553a3d9
Tweak for OAuth headers not seen in $_SERVER
2010-10-28 00:14:45 +00:00
Siebrand Mazeland
035b4949fd
Merge branch '0.9.x' of git://gitorious.org/statusnet/mainline into 0.9.x
2010-10-28 01:59:45 +02:00
Siebrand Mazeland
7a564276a9
Localisation updates from http://translatewiki.net .
2010-10-28 01:58:43 +02:00
Brion Vibber
9e9b7b972c
Merge branch 'instrument' into 0.9.x
2010-10-27 16:47:06 -07:00
Brion Vibber
ace655aecf
ApiLogger plugin: dumps some information about API hits to aid in researching future HTTP-level cachability improvements.
...
Data are sent to the 'info' level of logging, like so:
[lazarus.local:4812.86b23603 GET /mublog/api/statuses/friends_timeline.atom?since_id=1353]
STATLOG action:apitimelinefriends method:GET ssl:no query:since_id cookie:no auth:yes
ifmatch:no ifmod:no agent:Appcelerator Titanium/1.4.1 (iPhone/4.1; iPhone OS; en_US;)
Fields:
* action: case-normalized name of the action class we're acting on
* method: GET, POST, HEAD, etc
* ssl: Are we on HTTPS? 'yes' or 'no'
* query: Were we sent a query string? 'yes', 'no', or 'since_id' if the only parameter is a since_id
* cookie: Were we sent any cookies? 'yes' or 'no'
* auth: Were we sent an HTTP Authorization header? 'yes' or 'no'
* ifmatch: Were we sent an HTTP If-Match header for an ETag? 'yes' or 'no'
* ifmod: Were we sent an HTTP If-Modified-Since header? 'yes' or 'no'
* agent: User-agent string, to aid in figuring out what these things are
The most shared-cache-friendly requests will be non-SSL GET requests with no or very predictable
query parameters, no cookies, and no authorization headers. Private caching (eg within a supporting
user-agent) could still be friendly to SSL and auth'd GET requests.
We kind of expect that the most frequent hits from clients will be GETs for a few common timelines,
with auth headers, a since_id-only query, and no cookies. These should at least be amenable to
returning 304 matches for etags or last-modified headers with private caching, but it's very
possible that most clients won't actually think to save and send them. That would leave us expecting
to handle a lot of timeline since_id hits that return a valid API response with no notices.
At this point we don't expect to actually see if-match or if-modified-since a lot since most of our
API responses are marked as uncacheable; so even if we output them they're not getting sent back to
us.
Random subsampling can be enabled by setting the 'frequency' parameter smaller than 1.0:
addPlugin('ApiLogger', array(
'frequency' => 0.5 // Record 50% of API hits
));
2010-10-27 16:43:38 -07:00
Siebrand Mazeland
796d7b4939
Update translator documentation.
2010-10-28 01:42:09 +02:00
Siebrand Mazeland
d0bbd343f0
i18n/L10n updates and superfluous whitespace removed.
2010-10-28 01:35:40 +02:00
Siebrand Mazeland
04fcfeaf6f
* Superfluous whitespace removed.
...
* i18n review (no changes needed).
2010-10-28 01:23:57 +02:00
Siebrand Mazeland
04ae500749
* i18n/L10n fixes.
...
* translator documentation updated.
* superfluous whitespace removed.
2010-10-28 01:21:21 +02:00
Siebrand Mazeland
a12474a99d
* i18n/L10n fixes.
...
* translator documentation updated.
* superfluous whitespace removed.
2010-10-28 01:21:09 +02:00
Evan Prodromou
60b66bdd6e
Merge branch 'nofollowexternallink' into 0.9.x
...
Conflicts:
lib/default.php
2010-10-27 13:53:39 -04:00
Brion Vibber
8ff44a1fb9
Merge branch '0.9.x' into twitstream
2010-10-26 15:39:31 -07:00
Craig Andrews
22a0cf6251
Set cookies with "secure" flag on SSL sites. Improves security.
2010-10-26 17:55:09 -04:00
Zach Copley
b3cd558fe7
Fix OAuth verifier display page title and msgs for i18n
2010-10-26 13:19:23 -07:00
Evan Prodromou
5d56d9bb69
UI on profile settings page to opt out of following everyone
2010-10-26 15:33:35 -04:00
Evan Prodromou
7a80ebeb13
flag to let users opt out of following everyone
2010-10-26 15:21:30 -04:00
Evan Prodromou
e5a3b973b8
Plugin to follow all new users by default
2010-10-26 15:10:18 -04:00
Evan Prodromou
22633a5af6
can't subscribe to blacklisted domains/users
2010-10-26 11:48:27 -04:00
Evan Prodromou
bec00094a7
Blacklist plugin checks PuSH and Salmon notices
2010-10-26 11:20:43 -04:00
Evan Prodromou
511566a132
userrole.php will take a profile id for remote profiles
2010-10-26 11:19:47 -04:00
Brion Vibber
c09487f272
readme: release candidate 0.9.6
2010-10-25 14:49:29 -07:00
Zach Copley
307c819089
Merge commit 'refs/merge-requests/2223' of git://gitorious.org/statusnet/mainline into integration
2010-10-25 14:35:56 -07:00
Michele macno Azzolari
0243cea82b
Updated mustard description and link
2010-10-25 23:08:29 +02:00
Zach Copley
1a1ca22aca
Supress header, footer, sidebar on OAuth verifier pin page when in "desktop" mode
2010-10-25 13:30:38 -07:00
Samantha Doherty
01637bcd32
Base theme styling for oauth pin and desktop mode.
2010-10-25 16:00:34 -04:00
Zach Copley
78396db28a
Forgot to add the OAuth verifier pin page to sensitive array
2010-10-25 12:36:03 -07:00
Zach Copley
0dcc3f8d71
We don't need to have editapplication (only showapplication) in the
...
sensitive array because it doesn't expose the consumer keypair
2010-10-25 12:10:52 -07:00
Zach Copley
3954ab39ae
Add OAuth token exchange endpoint to 'sensitive' array; i.e.: use SSL if
...
available
2010-10-25 11:52:17 -07:00
Zach Copley
82c280979d
Add special CSS classes to OAuth authorization and pin pages when
...
in desktop mode
2010-10-25 11:25:35 -07:00
Zach Copley
479096c8d7
Less scary OAuth authorization messages when using anonymous consumer
2010-10-25 10:38:40 -07:00
Evan Prodromou
b60b9b4fa2
Merge branch '0.9.x' into atompub
2010-10-25 11:18:56 -04:00
Evan Prodromou
aef88c7cee
max_id is inclusive
2010-10-25 11:18:49 -04:00
Evan Prodromou
75fcf1e081
Merge branch '0.9.x' into atompub
2010-10-25 11:09:11 -04:00
Evan Prodromou
968f9b0513
change max_id from < to <=
2010-10-25 11:08:53 -04:00
Evan Prodromou
e6ba379c8b
navigation links in user timeline (for AtomPub)
2010-10-25 11:08:10 -04:00
Evan Prodromou
e51ed96b89
add rel=self links to atom entries
2010-10-25 09:48:01 -04:00
Evan Prodromou
59a7d78acb
Atom Service Document
2010-10-24 23:43:26 -04:00
Evan Prodromou
698818bd7e
show rel=edit links in notices for authenticated users
2010-10-24 23:05:33 -04:00
Evan Prodromou
c0664599aa
allow posting to user timeline using AtomPub
2010-10-24 22:50:13 -04:00
Evan Prodromou
292e789584
delete a notice using AtomPub
2010-10-24 21:24:23 -04:00
Evan Prodromou
43a67b150a
show a single notice in atom entry format
2010-10-24 15:58:53 -04:00
Evan Prodromou
69a1ecec9b
check for a post
2010-10-24 15:04:12 -04:00
Siebrand Mazeland
1545c1228b
Localisation updates from http://translatewiki.net .
2010-10-23 20:50:55 +02:00
Siebrand Mazeland
3329685beb
* onPluginVersion added.
...
* i18n fix: use _m() in plugins, don't use _()
* some translator documentation added.
* superfluous whitespace removed.
2010-10-23 19:23:25 +02:00
Siebrand Mazeland
0b6cc7c33d
* translator documentation added.
...
* superfluous whitespace removed.
2010-10-23 19:20:51 +02:00
Brion Vibber
eb30c6651a
Additional fixes found while looking at ticket #2532 : when given a screen name as API parameter for a profile, do the nickname lookup on local users only. The profile table can't guarantee unique lookups, so using names isn't currently safe there. This won't affect anything using local nicknames correctly, and may avoid some weird bugs if there were conflicts between local and remote nicknames.
2010-10-22 13:53:10 -07:00
Brion Vibber
2d124e4aab
Fix for ticket #2532 : fixed API block create/destroy when specifying the target user/profile as a separate query parameter, such as api/blocks/create.xml?param=xxx
...
The router settings weren't quite right so we ended up with bogus regex values passed in as the 'id' parameter, which broke the regular fallback ordering of parameter checks.
2010-10-22 13:51:28 -07:00
Brion Vibber
783f28c8b1
Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x
2010-10-22 12:14:45 -07:00
Brion Vibber
e292d8fb65
Fix for 140-char replies being unexpectedly cropped when bridged to Twitter.
...
This drops the '@' -> ' @' hack for CURL meta-chars in outgoing Twitter bridge, added in commit 04b95c25
back in the day.
The Twitter bridge has since been switched from using direct CURL calls to using HTTPClient, which even with the CURL backend enabled doesn't trigger this issue, as POST parameters are formatted directly.
Prepending the space before we did the message cropping was leading to 140-char messages getting cropped unnecessarily, which was confusing:
Examples of broken messages:
http://identi.ca/notice/57172587 vs http://twitter.com/marjoleink/status/28398050691
http://identi.ca/notice/57172878 vs http://twitter.com/marjoleink/status/28398492563
2010-10-22 12:10:11 -07:00