| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2010-10-26 | Set cookies with "secure" flag on SSL sites. Improves security.testing | Craig Andrews | |
| 2010-10-25 | Forgot to add the OAuth verifier pin page to sensitive array | Zach Copley | |
| 2010-10-25 | We don't need to have editapplication (only showapplication) in the | Zach Copley | |
| sensitive array because it doesn't expose the consumer keypair | |||
| 2010-10-25 | Add OAuth token exchange endpoint to 'sensitive' array; i.e.: use SSL if | Zach Copley | |
| available | |||
| 2010-10-22 | Additional fixes found while looking at ticket #2532: when given a screen ↵ | Brion Vibber | |
| name as API parameter for a profile, do the nickname lookup on local users only. The profile table can't guarantee unique lookups, so using names isn't currently safe there. This won't affect anything using local nicknames correctly, and may avoid some weird bugs if there were conflicts between local and remote nicknames. | |||
| 2010-10-22 | Fix for ticket #2532: fixed API block create/destroy when specifying the ↵ | Brion Vibber | |
| target user/profile as a separate query parameter, such as api/blocks/create.xml?param=xxx The router settings weren't quite right so we ended up with bogus regex values passed in as the 'id' parameter, which broke the regular fallback ordering of parameter checks. | |||
| 2010-10-22 | Normalize HTML body ids to lowercase when the user is logged out as well. | Zach Copley | |
| 2010-10-21 | Workaround for http_build_query() oddities in low-level router parent code ↵ | Brion Vibber | |
| when PHP config is set with non-default separator. | |||
| 2010-10-21 | Re-camelcase ApiOauthAuthorizeAction so it will be accessible when | Zach Copley | |
| a site is in pivate mode | |||
| 2010-10-21 | Normalize all action HTML body ids to lowercase | Zach Copley | |
| 2010-10-21 | Change OAuth authorization page's action name to be inline with | Zach Copley | |
| other web page action names so the body id outputs correctly. Fix some other bugs. | |||
| 2010-10-21 | Merge branch '0.9.x' of git@gitorious.org:statusnet/mainline into 0.9.x | Zach Copley | |
| 2010-10-21 | Fix syntax error | Zach Copley | |
| 2010-10-21 | i18n/L10n updates, translator docs updated, superfluous whitespace removed. | Siebrand Mazeland | |
| 2010-10-20 | Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x | Zach Copley | |
| Conflicts: actions/apioauthauthorize.php lib/apioauthstore.php | |||
| 2010-10-20 | Use a new table (oauth_token_association) to associate authorized | Zach Copley | |
| request tokins with OAuth client applications and profiles. | |||
| 2010-10-21 | * translator documentation added. | Siebrand Mazeland | |
| * moved some translator comments that were not directly above the line with the message to the correct location. * i18n for UI text. * superfluous whitespace removed. | |||
| 2010-10-20 | Fix for ticket #2845: singleuser nickname configuration was being overridden ↵ | Brion Vibber | |
| by site owner in router setup. I've consolidated the checks for which user to use for single-user mode into User::singleUser(), which now uses the configured nickname by preference, falling back to the site owner if it's unset. This is now called consistently from the places that needed to use the primary user's nickname in routing setup. Setting $config['singleuser']['nickname'] should now work again as expected. | |||
| 2010-10-20 | Add FIXME | Siebrand Mazeland | |
| 2010-10-20 | * i18n/L10n fixes. | Siebrand Mazeland | |
| * translator documentation updated/added. * superfluous whitespace removed. | |||
| 2010-10-20 | Merge branch '0.9.x' of git://gitorious.org/statusnet/mainline into 0.9.x | Siebrand Mazeland | |
| 2010-10-20 | Fix nasty bug in parameter for e-mail notification for favourite. | Siebrand Mazeland | |
| 2010-10-19 | Merge branch 'anon-consumer' into 0.9.x | Zach Copley | |
| 2010-10-19 | Add support for an anonymous OAuth consumer. Note: this requires a | Zach Copley | |
| small DB tweak. Oauth_application_user needs to have the primary compound key: (profile_id, application_id, token). http://status.net/open-source/issues/2761 This should also make it possible to have multiple access tokens per application. http://status.net/open-source/issues/2788 | |||
| 2010-10-20 | More complete sentence and translator documentation added. | Siebrand Mazeland | |
| 2010-10-20 | Many i18n/L10n updates and lots of descriptions for translators added. | Siebrand Mazeland | |
| 2010-10-19 | Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x | Zach Copley | |
| 2010-10-19 | OAuth - better log messages | Zach Copley | |
| 2010-10-18 | Bump version/string: 0.9.6 "Man on the Moon" | Brion Vibber | |
| 2010-10-18 | fix notice on non-https views | Brion Vibber | |
| 2010-10-18 | default for nofollow external is sometimes | Evan Prodromou | |
| 2010-10-18 | options to nofollow external links in notices | Evan Prodromou | |
| 2010-10-14 | Merge branch '2828' into 0.9.x | Brion Vibber | |
| 2010-10-14 | Fix for ticket #2828: apostrophe in site name set in installer created a ↵ | Brion Vibber | |
| broken config.php. Now running values through var_export() before putting them into the config.php, ensuring strings will be properly quoted. | |||
| 2010-10-14 | document and default for site|ssllogo | Evan Prodromou | |
| 2010-10-14 | fix copy-and-paste error in javascript url creation | Evan Prodromou | |
| 2010-10-14 | make the logo be compatible with HTTPS pages, if possible | Evan Prodromou | |
| 2010-10-14 | Make HTTPS urls in File::url() if necessary | Evan Prodromou | |
| 2010-10-14 | correctly use sslserver if it is set | Evan Prodromou | |
| 2010-10-14 | use HTTPS for scripts and stylesheets if the current page is HTTPS | Evan Prodromou | |
| 2010-10-14 | show HTTPS urls for JavaScript if HTTPS used for page | Evan Prodromou | |
| 2010-10-14 | consolidate some theme path code between ssl and non-ssl | Evan Prodromou | |
| 2010-10-14 | use HTTPS for favicon.ico if page is HTTPS | Evan Prodromou | |
| 2010-10-14 | try to show HTTPS-encrypted theme files for HTTPS-encrypted pages | Evan Prodromou | |
| 2010-10-14 | try and show an SSL image for the creative commons image | Evan Prodromou | |
| 2010-10-14 | add static method StatusNet::isHTTPS() | Evan Prodromou | |
| 2010-10-13 | Merge remote branch 'gitorious/0.9.x' into 0.9.x | Evan Prodromou | |
| 2010-10-13 | Clean up remote avatar temporary files if we fail before saving them into ↵ | Brion Vibber | |
| avatars directory (OMB core, OStatus, WikiHowProfile, YammerImport) | |||
| 2010-10-12 | Merge branch 'oauth-1.0a' into 0.9.x | Zach Copley | |
| 2010-10-12 | Spelling - OAuth not Oath | Zach Copley | |
 |
index : statusnet/lukeshus-statusnet | |
| Unnamed repository; edit this file 'description' to name the repository. | git-mirror |
| summaryrefslogtreecommitdiff |