Commit Graph

241 Commits

Author SHA1 Message Date
Eugen Rochko 4a2ee43e80 Fix #457 - escape JSON in INITIAL_STATE (this bug only ever allowed a user to xss themselves rather than anyone else) 2017-01-12 03:54:50 +01:00
Effy Elden f876a8681d Update the Mastodon repository URL from Gargron/ to tootsuite/ in various places 2017-01-11 13:24:14 +11:00
Eugen 67a31454ad Merge pull request #450 from blackle/master
simplify emojification on public pages with .emojify class
2017-01-10 12:21:06 +01:00
blackle 917cf0bf5d simplify emojification on public pages with .emojify class 2017-01-09 22:41:47 -05:00
Eugen Rochko 205ba00017 Fix sandboxed iOS login again 2017-01-09 19:43:53 +01:00
Eugen Rochko 75f80bef10 Persist UI settings, add missing localizations for German 2017-01-09 14:00:55 +01:00
Eugen Rochko 23ebf60b95 Improve initialState loading 2017-01-09 12:37:53 +01:00
Eugen Rochko 1bfbce7b45 Clean up h-card mess of divs 2017-01-06 20:24:51 +01:00
Eugen Rochko 72c3a41bef Fix h-card classes and remote follow button appearing when it shouldn't 2017-01-06 20:15:24 +01:00
Greg V 18deeb9db5 Add Microformats2 markup
h-feed, h-card and h-entry
2017-01-06 18:10:10 +03:00
Effy Elden 819bfb75c6 Add twitter:card metatag to enable Twitter Cards support 2017-01-06 09:47:40 +11:00
Eugen Rochko f79ba2de83 Fix admin UI not loading JS, make sure to strip "acct:" out of remote account's usernames when authorizing follow 2017-01-02 22:31:10 +01:00
Eugen Rochko 8f47f6a7ec Adding remote follow button 2017-01-01 19:54:34 +01:00
Eugen Rochko a302e56f9a Add API for retrieving favourites 2016-12-29 20:33:26 +01:00
Eugen Rochko 49834a6e7f Add API for retrieving blocked accounts 2016-12-29 20:12:32 +01:00
Eugen Rochko 8724094ed0 Support remote follow request providing URL instead of acct 2016-12-29 17:23:27 +01:00
Eugen Rochko d7dc84439c Add ability to use remote follow function on other sites 2016-12-29 16:54:54 +01:00
Eugen Rochko eca6110fc4 Add preferences for follow request notification e-mails 2016-12-26 22:04:16 +01:00
Eugen Rochko 2146ac91a0 Follow requests send e-mail notifications, but are excluded from notifications API
Better initial state for unlisted/nsfw toggles
2016-12-26 21:52:03 +01:00
Eugen Rochko 3689c119f0 Replacing follow requests in the settings area with in-UI column 2016-12-26 21:33:51 +01:00
Eugen Rochko 004382e4d0 Adding follow requests API 2016-12-26 19:30:45 +01:00
Eugen Rochko 3282448878 Fix #86 - resolve layout breaking on zoom-out on accounts grid 2016-12-26 18:48:33 +01:00
Eugen Rochko 26f969665d Fix alignment 2016-12-23 00:45:16 +01:00
Eugen Rochko b302b9202b Add page for authorizing/rejecting follow requests 2016-12-23 00:04:52 +01:00
Eugen Rochko 9d42bff285 Hide follow/unfollow button from public page if follow already requested 2016-12-22 23:07:46 +01:00
Eugen Rochko b891a81008 Follow call on locked account creates follow request instead
Reflect "requested" relationship in API and UI
Reflect inability of private posts to be reblogged in the UI
Disable Webfinger for locked accounts
2016-12-22 23:03:57 +01:00
Eugen Rochko 2d2154ba75 Add "locked" flag to accounts, prevent blocked users from following, force-unfollow blocked users 2016-12-22 21:34:19 +01:00
Eugen Rochko 80e02b90e4 Private visibility on statuses prevents non-followers from seeing those
Filters out hidden stream entries from Atom feed
Blocks now generate hidden stream entries, can be used to federate blocks
Private statuses cannot be reblogged (generates generic 422 error for now)
POST /api/v1/statuses now takes visibility=(public|unlisted|private) param instead of unlisted boolean
Statuses JSON now contains visibility=(public|unlisted|private) field
2016-12-21 20:04:13 +01:00
Eugen Rochko 587bf6820e Improved launcher icon on Android 2016-12-21 00:28:57 +01:00
Eugen Rochko e09d3a2c66 Fix #249 - use window.location hack to let people login from sandboxed iOS homescreen 2016-12-21 00:13:13 +01:00
Eugen Rochko 0542773bca Make unfavouriting async to prevent timeout errors from leaving orphaned records behind 2016-12-19 09:12:29 +01:00
Eugen Rochko 5ae1b39ec9 Adjusting public display of statuses to look similar to logged-in UI,
fix #361 with rich OEmbed display via iframe, fix #237 by hiding sensitive
content behind a spoiler on public pages
2016-12-18 19:47:11 +01:00
Eugen Rochko aed25932b5 Add OEmbed iframe HTML, convert emojis on public pages, increase size of attachment thumbnails 2016-12-18 15:20:39 +01:00
Eugen Rochko 6de079a5af Removing external hub completely, fix #333 fixing digit-only hashtags,
removing web app capability from non-webapp pages
2016-12-18 12:24:37 +01:00
Eugen Rochko c4ffffbeed Add a better cropped image 2016-12-15 01:07:58 +01:00
Eugen Rochko 642e464670 Adding art by cutewitchirl, open graph tags for about page 2016-12-15 00:59:49 +01:00
Eugen Rochko 76ec907993 Improved admin UI 2016-12-13 13:42:10 +01:00
Eugen Rochko 6c60757e99 Improve images in opengraph meta tags 2016-12-09 12:08:39 +01:00
Eugen Rochko c8e0ceed56 Fix OpenGraph meta tags 2016-12-09 11:56:27 +01:00
Eugen Rochko f978b06dd1 Add suspend account functionality to admin UI 2016-12-06 18:22:59 +01:00
Eugen Rochko 39cc9fde8a Add account suspension 2016-12-05 22:59:30 +01:00
Eugen Rochko 64d109dc0e Downsize originals in media attachments, small fixes 2016-12-05 17:13:44 +01:00
Eugen Rochko 9d9f796130 Adding more to admin accounts UI 2016-12-04 18:10:40 +01:00
Eugen Rochko d236dcded2 Fix public tags page 2016-12-04 16:56:45 +01:00
Eugen Rochko f763e844e8 Do not use expiring links after all 2016-12-04 13:02:43 +01:00
Eugen Rochko 24e692b0cf Set a specific S3 expiration time so that files can be cached 2016-12-04 12:58:35 +01:00
Eugen Rochko 80c44ed9c1 Do not autoplay videos, display play button instead. Use expiring links when using S3. Do not keep originals
for avatars/headers, resize avatars down to 120x120 instead of 300x300. Set cache headers on S3 stuff, also
make it private (aka only accessible via expiring links to prevent hotlinking)
2016-12-04 12:28:10 +01:00
Eugen Rochko 5abf64d647 Add "next" pagination to public profiles 2016-12-03 19:30:13 +01:00
Eugen Rochko ec44cff9a2 Admin accounts page lists accounts 2016-12-03 19:08:07 +01:00
Eugen Rochko 1d0321fc45 Fix pt translations, improve pre-cache queries, removing will_paginate
from accounts/tags because it's a terribly inefficient way to paginate
large sets of data
2016-12-01 16:26:25 +01:00
Eugen bdf7d8f8fd Fix opengraph preview image 2016-12-01 01:56:43 +01:00
Eugen Rochko 6ff93845d5 Add basic OEmbed provider API, fix #247 2016-11-30 23:01:03 +01:00
Eugen Rochko 14bd46946d Per-status control for unlisted mode, also federation for unlisted mode
Fix #233, fix #268
2016-11-30 21:34:59 +01:00
Eugen Rochko 356d3874eb Normalize localizations, add stub for admin/accounts 2016-11-30 15:32:26 +01:00
Eugen Rochko 4a2347da41 Track successful PuSH deliveries 2016-11-30 15:24:57 +01:00
Eugen Rochko 27fc49d745 Add simple admin overview of PuSH subscriptions 2016-11-28 18:45:13 +01:00
Eugen Rochko 2d2c81765b Adding embedded PuSH server 2016-11-28 13:36:47 +01:00
Eugen Rochko 71401659b8 Fix #65 - Options to block notifications from people you don't follow/who don't follow you 2016-11-25 13:13:16 +01:00
Eugen Rochko b6ee2fb1c6 Add some OpenGraph tags to public statuses 2016-11-24 18:28:10 +01:00
Eugen Rochko 0603971894 Adding sensitive marker to statuses in API 2016-11-23 10:46:48 +01:00
Eugen Rochko 1788164352 Local accounts can control "silenced" attribute which removes them from public timeline 2016-11-21 23:06:41 +01:00
Eugen Rochko 7abbb02824 Fix #163 - No need for Safari chrome on iOS 2016-11-21 22:33:44 +01:00
Eugen Rochko f88ca4a206 Performance improvement for notifications API 2016-11-21 16:10:42 +01:00
Eugen Rochko da2ef4d676 Adding unified streamable notifications 2016-11-20 19:39:58 +01:00
Eugen Rochko 39533190c2 Display human names of locales in dropdown 2016-11-19 00:19:57 +01:00
Eugen Rochko 7b7bf834e9 Fix OAuth authorization page and add a spec for it 2016-11-18 23:10:44 +01:00
Eugen Rochko 116ab27e08 i18n for devise mailer too 2016-11-16 18:25:21 +01:00
Eugen Rochko 2c766bd4b4 Add user locale setting 2016-11-16 17:56:31 +01:00
Eugen Rochko 546c4718e7 Localizations for most server-side strings 2016-11-16 00:55:33 +01:00
Eugen Rochko 3ce6ac0ce2 Adding some localizations 2016-11-15 23:02:57 +01:00
Eugen Rochko a4313224d9 Improve how public status pages look slightly 2016-11-15 18:45:54 +01:00
Eugen Rochko 3f54fba0d3 Use privacy policy from Discourse 2016-11-13 19:35:45 +01:00
Eugen Rochko d42ed78aa4 Fix #110 - Make web UI use browser history, change links in e-mails to link to that 2016-11-13 14:02:34 +01:00
Eugen Rochko ca3b364aea Fix #122 - Add microformats-2 classes to mention links 2016-11-10 01:19:33 +01:00
Eugen Rochko 9aecc0f48a Move timelines API from statuses to its own controller, add a check for
resources that require a user context vs those that don't (such as public timeline)

/api/v1/statuses/public   -> /api/v1/timelines/public
/api/v1/statuses/home     -> /api/v1/timelines/home
/api/v1/statuses/mentions -> /api/v1/timelines/mentions
/api/v1/statuses/tag/:tag -> /api/v1/timelines/tag/:tag
2016-11-08 23:29:08 +01:00
Eugen Rochko 23fc424b7a Account notes (bios) can now contain links. Character limit upped to 160 2016-11-07 01:14:12 +01:00
Eugen Rochko a698b767c1 Fix linking of remote hashtags in UI, add public view of hashtags 2016-11-05 17:44:14 +01:00
Eugen Rochko 48b9619439 Adding hashtags 2016-11-05 17:13:14 +01:00
Eugen Rochko 4ea13d8dc9 Fix web app manifests 2016-11-04 14:19:58 +01:00
Eugen Rochko 159203a7bc Fix #136: Add aria-labels 2016-11-03 19:19:39 +01:00
Eugen Rochko 1828df9bc0 Disable accounts caching too 2016-11-03 19:06:11 +01:00
Eugen Rochko abf664b560 Disable caching of statuses (maybe this will help with the weird bug) 2016-11-03 18:55:55 +01:00
Eugen Rochko e4671adc25 Fix reblogged/favourited caching; add API endpoints for who favd/reblogged status 2016-11-03 14:50:22 +01:00
Eugen Rochko c003e70758 Caching should work correctly now (fingers crossed) 2016-11-03 14:12:45 +01:00
Eugen Rochko 562044f36a Need to disable caching again due to bug in Rabl 2016-11-03 13:59:31 +01:00
Eugen Rochko 0160d1d9b5 Enable caching for some rabl views 2016-11-03 13:28:36 +01:00
Eugen bc1dba22c5 Fix syntax errors 2016-11-02 17:13:47 +01:00
Frederic Hemberger e7cd6da938 Add touch icons for Chrome, iOS and Windows 10 2016-11-02 16:05:08 +01:00
Frederic Hemberger d991869498 a11y: Add HTML lang attribute and utf8 encoding meta tag
See: https://dequeuniversity.com/rules/axe/2.1/html-has-lang
2016-11-02 11:01:18 +01:00
Eugen Rochko dd03118098 Fix follow icon changing plus to minus, add terms page stub 2016-11-01 18:05:55 +01:00
Eugen Rochko 57304ac375 Catch 404 errors when downloading remote media, add screenshot to landing page 2016-11-01 16:58:13 +01:00
Eugen Rochko e0a197650a Adding common followers API, fixing fallback query again 2016-10-29 01:29:19 +02:00
Eugen Rochko b746a931a5 Fix OAuth authorization redirect 2016-10-23 12:05:55 +02:00
Eugen Rochko a9e40a3d80 Adding OAuth access scopes, fixing OAuth authorization UI, adding rate limiting
to the API
2016-10-22 19:39:44 +02:00
Eugen Rochko aea151a0de Fix #97 - plain text version of devise e-mails 2016-10-18 16:39:21 +02:00
Eugen Rochko 43df35213e Improving all forms 2016-10-18 16:37:15 +02:00
Eugen Rochko 2e0a38d07c Added e-mail edit field to settings, proper format default for webfinger 2016-10-18 03:34:26 +02:00
Eugen Rochko d5e086a47b Adding application/jrd+json webfinger resource 2016-10-18 02:54:49 +02:00
Eugen Rochko de1f3aab86 Fix #16 - Optimize n+1 queries when checking reblogged/favourited values for status lists in API 2016-10-16 19:10:16 +02:00
Eugen Rochko e21a3fe0cd Adding sync of follow relationships to Neo4J, accounts/suggestions API 2016-10-14 23:10:07 +02:00