summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2010-03-26Return an http auth error, when a client sends in an invalid auth user, even ↵Zach Copley
when http auth is not required.
2010-03-26Drop debug statements on every regex match from Blacklist plugin; filling ↵Brion Vibber
the logs a little faster than ops likes. :)
2010-03-26move base64_url_(encode|decode) to static functions in MagicsigJames Walker
2010-03-25add whitelist and blacklist for openid URLsEvan Prodromou
2010-03-25Merge branch 'testing' of git@gitorious.org:statusnet/mainline into testingEvan Prodromou
2010-03-25remove debugging callsEvan Prodromou
2010-03-25And clarify a little moreBrion Vibber
2010-03-25Clarify RewriteBase comment in htaccess.sampleBrion Vibber
2010-03-25Merge commit 'origin/master' into testingBrion Vibber
Conflicts: classes/Notice.php
2010-03-25Merge branch 'blacklisttable' into testingEvan Prodromou
2010-03-25Merge branch 'testing' of git@gitorious.org:statusnet/mainline into testingEvan Prodromou
2010-03-25Store blacklist patterns in their own tablesEvan Prodromou
We were bumping into limits on the config format in the Blacklist plugin. So, added new tables for nickname and homepage blacklists, and changed the plugin to use those instead of config file (actually, still uses config file in addition, for compatibility).
2010-03-24Fix for API group methods, caused failure or output corruption when pulling ↵Brion Vibber
up local groups by name in api/statusnet/groups/is_member.json/xml
2010-03-24Fix for API group methods, caused failure or output corruption when pulling ↵Brion Vibber
up local groups by name in api/statusnet/groups/is_member.json/xml
2010-03-24Make sure we're requiring the libraryJames Walker
2010-03-24Updated Math_Biginteger from upstream - removing safe* workaroundsJames Walker
2010-03-24Check for 0.9.0 bad keys from old Crypt_RSA libraryJames Walker
2010-03-24A bit safer checking in the keypair parsingJames Walker
2010-03-24Look for the first object in the ActivityZach Copley
2010-03-23Improve legibility of OStatus remote tests outputBrion Vibber
2010-03-23add a general PuSHed post and an @-reply back to a subscribee by name to ↵Brion Vibber
OStatus remote test cases
2010-03-23fixup_deletions.php script to look for notices posted by now-deleted ↵Brion Vibber
profiles and remove them.
2010-03-23fixup_deletions.php script to look for notices posted by now-deleted ↵Brion Vibber
profiles and remove them.
2010-03-23Add basic subscribe/unsubscribe test to OStatus test casesBrion Vibber
2010-03-23Don't spew XML parse warnings to output when checking a remote XRD pageBrion Vibber
2010-03-23FOAF was missing OStatus remote subscriptions, now fixed.Brion Vibber
2010-03-23Merge branch 'master' of git@gitorious.org:statusnet/mainline into testingBrion Vibber
2010-03-23Consistently send Profiles into Fave::addNew()Brion Vibber
2010-03-23prevent password login actions in OpenID-only modeEvan Prodromou
2010-03-23Don't add PHPSESSID parameter onto notice and conversation URIs if we save a ↵Brion Vibber
notice during a session override. This was being triggered by welcomebot messages created at account creation time, then propagated through replies.
2010-03-23change router to allow hooking path connectionsEvan Prodromou
2010-03-23start making OpenID-only mode workEvan Prodromou
2010-03-23reformat OpenIDPlugin for PHPCSEvan Prodromou
2010-03-22Fix reference. Look at the first ActivityObject in the list.Zach Copley
2010-03-22Some initial media parsingZach Copley
- Activity now returns a list of activity objects - Processing of photo objects
2010-03-22Merge branch 'testing' of gitorious.org:statusnet/mainline into testingZach Copley
* 'testing' of gitorious.org:statusnet/mainline: OStatus remote sending test cases. Doesn't actually run within PHPUnit right now, must be run from command line -- specify base URLs to two StatusNet sites that will be able to communicate with each other. Math_BigInteger doesn't correctly handle serialization/deserialization for a value of 0, which can end up spewing notices to output and otherwise intefering with Salmon signature setup and verification when using memcached. Log backtraces for non-ClientException exceptions caught at the top-level handler. Confirm there's actually user and domain portions of acct string before assigning things from output of explode(); avoids notice message when invalid input passed to main/xrd Fixing HTTP Header LRDD parsing (sites in subdirectories need this) Replace the "give up and dump object" attachment view fallback with a client-side redirect to the target URL, which will at least be useful. ignore unrecognized object types Pull <atom:author> info as well as <activity:actor> when we have an old-style ActivityStreams feed. This fixes subscription setup for Cliqset feeds, which currently have a bogus activity:actor/atom:id but a good atom:author/atom:uri Accept 'tag' and other non-http id URIs in Ostatus_profile::getActivityObjectProfileURI().
2010-03-22OStatus remote sending test cases. Doesn't actually run within PHPUnit right ↵Brion Vibber
now, must be run from command line -- specify base URLs to two StatusNet sites that will be able to communicate with each other. Current test run includes: * register accounts (via web form) * local post * @-mention using path (@domain/path/to/user) Subscriptions, webfinger mentions, various paths to subscription and unsubscription, etc to come.
2010-03-22Math_BigInteger doesn't correctly handle serialization/deserialization for a ↵Brion Vibber
value of 0, which can end up spewing notices to output and otherwise intefering with Salmon signature setup and verification when using memcached. Worked around this with a subclass that fixes the wakeup, used for the stored 0 value in the subclassed Crypt_RSA.
2010-03-22Log backtraces for non-ClientException exceptions caught at the top-level ↵Brion Vibber
handler.
2010-03-22Confirm there's actually user and domain portions of acct string before ↵Brion Vibber
assigning things from output of explode(); avoids notice message when invalid input passed to main/xrd
2010-03-22Replace the "give up and dump object" attachment view fallback with a ↵Brion Vibber
client-side redirect to the target URL, which will at least be useful.
2010-03-22Fixing HTTP Header LRDD parsing (sites in subdirectories need this)James Walker
2010-03-22Replace the "give up and dump object" attachment view fallback with a ↵Brion Vibber
client-side redirect to the target URL, which will at least be useful.
2010-03-22ignore unrecognized object typesEvan Prodromou
2010-03-21Fix broken assertionZach Copley
2010-03-21Pull <atom:author> info as well as <activity:actor> when we have an ↵Brion Vibber
old-style ActivityStreams feed. This fixes subscription setup for Cliqset feeds, which currently have a bogus activity:actor/atom:id but a good atom:author/atom:uri
2010-03-21Accept 'tag' and other non-http id URIs in ↵Brion Vibber
Ostatus_profile::getActivityObjectProfileURI(). (If there's not a valid ID we fall back to the link, which we do still validate as http/s.)
2010-03-21OStatus profile setup cleanupBrion Vibber
* drop OStatusPlugin::localProfileFromUrl(), we can just look up on user.uri * clean up a few edge cases that returned null through Ostatus_profile::ensure* code paths, now throws clear exception when we can't find a feed from the given profile url * add some doc comments on the ensure* methods
2010-03-21only use Posterous author data if it matches the profile URLEvan Prodromou
2010-03-20use Posterous element if available for RssChannel discoveryEvan Prodromou