aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs
Commit message (Collapse)AuthorAgeFilesLines
* streamline inbound attachment handling and fix regression from issue #1679Mario2022-05-231-22/+74
|
* update to remove core apps (wiki, cards, articles) which have been moved to ↵Mario2022-05-191-0/+23
| | | | addons
* add a hidden config for the hs2019 http sig algoMario2022-05-191-2/+5
|
* rendering fixesMario2022-05-191-12/+12
|
* implement starring of pubstream itemsMario2022-05-182-12/+27
|
* make sure we use source.content when rendering events to correctly render ↵Mario2022-05-161-1/+1
| | | | observer related content. fix wrong media types.
* fix php errorsMario2022-05-141-3/+3
|
* do not set allowed to true if verb is ACTIVITY_SHARE and slightly changed ↵Mario2022-05-131-3/+7
| | | | logic for conv fetches
* do not stringify integer valueMario2022-05-111-1/+1
|
* update queries in mod search - fixes #1677Mario2022-05-112-27/+24
|
* deal with pleroma reactionsMario2022-05-101-0/+8
|
* use rev instead of _updated and the unix timestamp is less likely to cause ↵Mario2022-05-091-1/+1
| | | | issues in the future
* add the update date to the icon url. some platforms will not update if the ↵Mario2022-05-071-1/+1
| | | | icon url remains static
* more cleanupMario2022-05-062-12/+5
|
* some cleanup after moving articles and cards to addonsMario2022-05-063-85/+3
|
* fix core issue #1676 and a liked/disliked/commented confusionMario2022-05-062-9/+40
|
* move wiki to addonsMario2022-05-066-2094/+0
|
* move articles to addonMario2022-05-042-370/+0
|
* move cards to addonMario2022-05-044-356/+11
|
* hubloc in AS has been moved from data to meta a while agoMario Vavti2022-04-261-2/+2
|
* whitespaceMario Vavti2022-04-251-1/+1
|
* if we have not been provided a profile id set the profile id to the default ↵Mario Vavti2022-04-251-0/+4
| | | | profile - fixes #1671
* fix regression with incoming poll answers from activitypubMario Vavti2022-04-231-1/+1
|
* move AP addressing to pubcrawlMario Vavti2022-04-071-122/+14
| | | (cherry picked from commit 1390e1db399c06cb76e191437eb5be24dd95a5c7)
* fixes in regard to hub re-installs: dismiss deleted hublocs, make sure we ↵Mario2022-04-013-11/+11
| | | | use the latest hubloc entry for addressing, in Queue::deliver() prefer primaries since their info is probably more accurate
* make sure to set comments_closed to the created date if nocomment is setMario Vavti2022-03-231-1/+1
|
* streamline comment policy with downstreamMario2022-03-231-14/+4
|
* Merge branch 'security-fixes-lfi-xss-open-redirect' into 'dev'Mario2022-03-2310-47/+47
|\ | | | | | | | | Security fixes See merge request hubzilla/core!2017
| * CVE-2022-27256: Open redirect via rpath query param.Harald Eilertsen2022-03-2010-27/+27
| | | | | | | | | | | | | | | | Don't follow urls to external sites when submitting forms from the settings modules. This mitigates an Open Redirect vulnerability where an attacker could trick a user to go to an attacker controlled destination. Fixes part of https://framagit.org/hubzilla/core/-/issues/1666
| * CVE-2022-27258: XSS via rpath query param.Harald Eilertsen2022-03-2010-20/+20
| | | | | | | | | | | | | | | | | | | | Escape URLs provided by the rpath query param in settings modules. This prevents a possible Cross-Site scripting vulnerability, where an attacker could inject web scripts and html into the settings form via the rpath query parameter, and have a user execute the script by tricking them to clicking a link. Fixes part of https://framagit.org/hubzilla/core/-/issues/1666
* | add the signing algo to zotinfo, and store it in import_xchan() if presentMario2022-03-202-0/+9
|/
* make sure an announce does not overwrite an item we already have and make ↵Mario2022-03-111-0/+7
| | | | sure it will be a toplevel post
* whitespaceMario2022-03-101-35/+35
|
* support for hs2019Mario2022-03-102-16/+61
|
* move attachments to the topMario2022-03-051-5/+5
|
* fix regressionMario2022-03-041-2/+2
|
* streamline event activity handlingMario2022-03-041-11/+80
|
* port some ap quirks from the addonMario2022-03-041-15/+50
|
* more work on enhanced content filtersMario2022-03-032-3/+39
|
* collect the accept headers in an arrayMario2022-03-031-2/+6
|
* Merge branch 'dev' of https://framagit.org/hubzilla/core into devMario2022-03-021-2/+2
|\
| * Merge branch 't0rum-master-patch-68993' into 'master'Mario2022-03-011-2/+2
| | | | | | | | | | | | | | | | | | Typo in Setup.php prevents users from using Postgres See merge request hubzilla/core!2014 (cherry picked from commit 0e2e9321025f87fe9587f3d183adaea6185e4e20) d384f55d Typo in Setup.php prevents users from using Postgres
* | port some peertube tweeks from pubcrawl to lib/activityMario2022-03-021-20/+47
|/
* enhanced content filtersMario2022-03-015-75/+230
|
* make gprobe deal with URLs, fix issue in get_actor_protocols and fix missing ↵Mario2022-02-283-15/+41
| | | | author issue if wall2wall comment arrives and author is not yet known
* widget descriptions and add content region to all pdl files for convenienceMario2022-02-2334-59/+190
|
* this was required for old style forum posts only and should not be needed ↵Mario2022-02-211-9/+11
| | | | anymore
* do not require network for forums widgetMario2022-02-211-1/+0
|
* remove deprecated widgets and add some more widget descriptionsMario2022-02-2127-166/+148
|
* merge branch pdledit_gui into dev - many widgets still miss their ↵Mario2022-02-2011-9/+612
| | | | description and requirements (this is work in progress)