aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* owa - first commitzotlabs2017-09-077-3/+186
|
* markdown code blocks not preserving line breaks, removed a bootstrap ↵zotlabs2017-09-072-4/+10
| | | | over-ride which fixes this, but also changed the style to pre-wrap to wrap the text rather than the default horizontal scroll
* use array_key_exists() instead of x() in this case as the latter fails on an ↵zotlabs2017-09-061-3/+3
| | | | array that's empty and we unconditionally need to encode the array even if empty
* Merge branch 'dev' of https://github.com/redmatrix/hubzilla into xdev_mergezotlabs2017-09-062-10/+5
|\
| * cards: remove double generic-content-wrapper and section titleMario Vavti2017-09-061-9/+4
| |
| * make cards likeableMario Vavti2017-09-061-1/+1
| |
* | mastodon wraps oembed in an iframe - which we immediately purify our of ↵zotlabs2017-09-061-0/+11
| | | | | | | | existence and what we really want to purify is the content. So strip away the iframe, fetch the content and purify that instead.
* | ignore diaspora_meta column on item import.zotlabs2017-09-061-0/+5
|/
* check code rights on cloud fileszotlabs2017-09-053-4/+4
|
* typozotlabs2017-09-051-1/+1
|
* provide sharing of cardszotlabs2017-09-056-14/+62
|
* Merge branch 'dev' of https://github.com/redmatrix/hubzilla into xdev_mergezotlabs2017-09-053-5/+6
|\
| * 32 characters are often not enough to distinguish gnu-social mids - use the ↵Mario Vavti2017-09-053-5/+6
| | | | | | | | entire mid. in /display if we are not dealing with posts (eg likes) provide the thr_parent mid as bParam_mid so we can still adress the right post in javascript
* | avoid a security patch and resultant compatibility issues; instead restrict ↵zotlabs2017-09-052-3/+1
| | | | | | | | the input characters we accept in token verification strings to hex digits. This will all be changing in the coming weeks/months anyway.
* | remove period from characters allowed in username, as this will mess up URL ↵zotlabs2017-09-052-6/+6
| | | | | | | | based content-type negotiation. It was previously disallowed but permitted a month or two ago after seeing Diaspora started allowing it. It's OK if they have it, but we can't; as many of our urls are based on username and theirs are primarily based on uid.
* | some more prep work for Zot VI - some of this will need to be undone or at ↵zotlabs2017-09-042-5/+13
| | | | | | | | least re-arranged later but we need to bootstrap a test environment.
* | some preliminary work on Zot VIzotlabs2017-09-042-6/+19
| |
* | Merge branch 'dev' of https://github.com/redmatrix/hubzilla into xdev_mergezotlabs2017-09-045-33/+17
|\|
| * Default Access Control List (ACL) -> Default Privacy Group and minor ↵Mario Vavti2017-09-042-3/+2
| | | | | | | | template fix
| * remove loggingMario Vavti2017-09-041-2/+0
| |
| * whitespaceMario Vavti2017-09-041-25/+13
| |
| * fix the error reporting query in /display. we need item_deleted instead of ↵Mario Vavti2017-09-041-2/+1
| | | | | | | | item_flags and remove id = $item_hash from the query since we always provide the mid and never the id iirc
| * remove hubzilla.nl from fallback directory serversMario Vavti2017-09-041-1/+1
| |
* | card embed improvedzotlabs2017-09-042-3/+8
|/
* also error if no security contextzotlabs2017-09-031-0/+8
|
* validate the security contextzotlabs2017-09-033-3/+11
|
* paths in xchan_addr no longer means RSS specifically but could be activitypubzotlabs2017-09-032-4/+1
|
* sign zot-info packets with httpsignatureszotlabs2017-09-031-1/+28
|
* Merge branch 'dev' of https://github.com/redmatrix/hubzilla into xdev_mergezotlabs2017-09-0315-20/+58
|\
| * Merge remote-tracking branch 'mike/master' into devMario Vavti2017-09-033-6/+1
| |\
| * | this fixes an issue where in /channel/membername?mid=some_mid updates did ↵Mario Vavti2017-09-031-1/+1
| | | | | | | | | | | | not work when static updates were enabled. since in the current situation we always get a top-level-post mid, item_thread_top = 0 in the query will never return a result. change it to item_thread_top = 1
| * | introduce item_normal_update(). the differnce to item_normal() is that we do ↵Mario Vavti2017-09-035-7/+17
| | | | | | | | | | | | not query for item_deleted = 0 and therefor can find deleted likes which allows us to update our unlikes on the fly if static page update is enabled
| * | Merge remote-tracking branch 'mike/master' into devMario Vavti2017-09-023-1/+6
| |\ \
| * | | add combined index for item.uid and item.item_unseen. this speeds up ↵Mario Vavti2017-09-017-11/+27
| | | | | | | | | | | | | | | | notifications by a magnitude.
| * | | Merge branch 'dev' of https://github.com/redmatrix/hubzilla into devMario Vavti2017-09-012-1/+9
| |\ \ \
| | * \ \ Merge pull request #850 from anaqreon/docogit-marijus2017-09-012-1/+9
| | |\ \ \ | | | | | | | | | | | | Fix the multiple table of content bug
| | | * \ \ Merge remote-tracking branch 'upstream/dev' into docoAndrew Manning2017-08-2712-118/+7142
| | | |\ \ \
| | | * \ \ \ Merge remote-tracking branch 'upstream/dev' into docoAndrew Manning2017-08-254-39/+8
| | | |\ \ \ \
| | | * | | | | Removed duplicated table of contents (TOC) in Help pages by breaking ↵Andrew Manning2017-08-252-1/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | hierarchical TOC loading.
| * | | | | | | Merge remote-tracking branch 'mike/master' into devMario Vavti2017-09-017-49/+210
| |\ \ \ \ \ \ \ | | |/ / / / / / | |/| | | | | |
| * | | | | | | changeloggit-marijus2017-08-311-0/+4
| | | | | | | |
* | | | | | | | only validate headers that aren't "spoofable", which will be somewhat ↵zotlabs2017-09-031-3/+8
| |_|_|_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | implementation dependent.
* | | | | | | Reviewed. This is OK.zotlabs2017-09-033-6/+1
| |_|_|_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Revert "may be exploitable in current form - awaiting review" This reverts commit 7bff60edacd68ef3dccf6f956e9c57092919950a.
* | | | | | may be exploitable in current form - awaiting reviewzotlabs2017-09-023-1/+6
| |/ / / / |/| | | |
* | | | | cut down on a few extraneous gprobe processeszotlabs2017-08-312-2/+4
| | | | |
* | | | | some changes after testing server-to-server magic authzotlabs2017-08-314-22/+36
| | | | |
* | | | | add server-to-server magic auth to dav and cdav controllerszotlabs2017-08-313-29/+120
| | | | |
* | | | | server to server magic authzotlabs2017-08-311-2/+50
| | | | |
* | | | | simplify api_authzotlabs2017-08-311-15/+9
| | | | |
* | | | | now letsencrypt is creating a .htaccess file with re-write rules which kills ↵zotlabs2017-08-311-0/+12
|/ / / / | | | | | | | | | | | | most of our .well-known routes