Streams/streams
Streams/streams
1
0
Fork 0
mirror of https://codeberg.org/streams/streams.git synced 2024-09-20 17:35:12 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
22585 commits 7 branches 30 tags 160 MiB
Commit graph

138 commits

Author SHA1 Message Date
zotlabs
eb3e43feec cleanup of last fix 2018-01-13 14:08:15 -08:00
zotlabs
08bea83c03 unexpected openssl result 2018-01-13 13:45:33 -08:00
Matthew Dent
ef952a41b3
Fix whitespace formatting 2017-12-23 11:09:37 -05:00
M.Dent
e7f6cd2cfa fix dupe bug in content hooks 2017-12-23 10:58:51 -05:00
Mario Vavti
a79b268438 fix typo in HTTPSig 2017-12-04 08:57:07 +01:00
Klaus Weidenbach
1a737be2b4 💡 Improving Doxygen documentation. 
Fix some Doxygen parsing errors.
Improve hooks documentation.
 2017-11-03 23:04:27 +01:00
zotlabs
e6c166a182 sort out the notification ids 2017-10-12 11:36:25 -07:00
Mario Vavti
991db280be experimental new notifications - needs pconfig experimental_notif set to 1 for your channel to work. 2017-10-08 17:19:29 +02:00
git-marijus
98e0534984 Merge pull request #862 from waitman/patch-4 
prevent 'my_address' being set with bogus info
 2017-09-28 11:01:01 +02:00
zotlabs
9d7a88b40d move the Link header initialisation from Router (where it does not really belong) to Webserver, where we do similar module specific initialisations prior to calling Router->Dispatch() 2017-09-25 23:14:02 -07:00
zotlabs
3648f9952c typo 2017-09-24 17:08:38 -07:00
zotlabs
866dc9a9b3 For zot6, allow HTTP Signatures to be encrypted, as they may contain sensitive (envelope, metadata) information. 2017-09-24 16:46:52 -07:00
zotlabs
6bd35ef740 log the lack of http sig info 2017-09-21 18:29:41 -07:00
zotlabs
6e9e267b27 provide a space between link header params 2017-09-20 23:57:44 -07:00
zotlabs
24a9c3ba79 add more signature logging 2017-09-20 21:20:00 -07:00
zotlabs
7b060dff68 add HTTP link header to channel page, making it pluggable 2017-09-20 19:12:23 -07:00
Waitman Gobble
b3c805d7d0 prevent 'my_address' being set with bogus info 
After a user has authenticated, it is possible to set my_address in $_SESSION to 'anything' using zid= parameter in URL - if user is authenticated then zid is never set. This change kills the authenticated switch if a person sends a new zid through for processing, which will trigger remote authentication.
 2017-09-18 06:02:14 -05:00
zotlabs
b5966041be more zot6 2017-09-13 20:40:01 -07:00
zotlabs
61f339a874 owa - first commit 2017-09-07 17:56:02 -07:00
zotlabs
d58f965b9a some more prep work for Zot VI - some of this will need to be undone or at least re-arranged later but we need to bootstrap a test environment. 2017-09-04 22:35:54 -07:00
zotlabs
4adf2caaa6 Merge branch 'dev' of https://github.com/redmatrix/hubzilla into xdev_merge 2017-09-03 17:17:20 -07:00
zotlabs
db82d303e2 only validate headers that aren't "spoofable", which will be somewhat implementation dependent. 2017-09-03 17:12:42 -07:00
Mario Vavti
e935473c5c add combined index for item.uid and item.item_unseen. this speeds up notifications by a magnitude. 2017-09-01 21:27:59 +02:00
zotlabs
ae8cdc3b42 some changes after testing server-to-server magic auth 2017-08-31 21:38:03 -07:00
zotlabs
6d87311394 now letsencrypt is creating a .htaccess file with re-write rules which kills most of our .well-known routes 2017-08-31 17:47:32 -07:00
zotlabs
f436ec6f21 some issues with mod_display on very first anonymous page visit (prior to any browser cookies being set) 2017-08-30 18:55:56 -07:00
zotlabs
18c57eeaa0 httpsig - return an array with all the different signing possibilities enumerated 2017-08-20 18:30:12 -07:00
zotlabs
f2589cc820 mv HTTPSig to core - so we can use it as an auth method 2017-08-17 22:43:24 -07:00
zotlabs
e9679d251c more work on activitypub httpsignature verification 2017-08-14 22:40:29 -07:00
zotlabs
323ab3dba4 get rid of some more deprecated uses of $a 2017-03-28 17:00:44 -07:00
zotlabs
046e5e239f remove obsolete app argument from load_pdl 2017-03-28 16:07:22 -07:00
zotlabs
a2e1019978 move db_upgrade to zlib 2017-03-23 21:49:20 -07:00
zotlabs
8783ccfd72 move admin permission decision out of the router - it is already provided in the module and the higher level check is causing some oembed redirect issues. 2017-02-25 16:22:09 -08:00
zotlabs
8897c5763a typo 2017-02-15 10:55:53 -08:00
zotlabs
07d92796d2 provide HTTP header parser which honours continuation lines and despite the fact that continuation lines have been deprecated - as they still exist in the wild. 2017-02-14 20:57:14 -08:00
zotlabs
23303391e0 move dreamhost hack to plugin 2017-02-01 22:45:03 -08:00
zotlabs
8029f56d1c router error reporting 2016-12-09 12:38:53 -08:00
Klaus Weidenbach
7b41839ea8 [TASK] Update Doxyfile and fix Doxygen errors. 
Updated Doxyfile to include new folders.
Add a list for @hooks tags.
Fixed some parsing problems for Doxygen.
 2016-10-13 11:27:23 +02:00
redmatrix
ce6e81c682 more backticks 2016-10-03 21:48:53 -07:00
redmatrix
884bb60c7d document the SubModule class and provide an option to change where the submodule name is located in the url path 2016-09-06 16:40:38 -07:00
redmatrix
bedc7b7b69 use SubModule class for generalising submodules, move back to the zotlabs/module hierarchy 2016-09-05 18:11:00 -07:00
redmatrix
80e4338314 missing s 2016-07-26 19:28:28 -07:00
redmatrix
db176eec40 set App::$error on 404 so we don't get two 'Page not found.' page bodies. 2016-07-26 17:24:17 -07:00
redmatrix
f3eb9af046 more ZAT work 2016-07-14 19:43:47 -07:00
redmatrix
fb36561a68 force non-null sess_data 2016-07-11 13:27:44 -07:00
redmatrix
415a8d1e01 channel homepage not providing content when javascript disabled 2016-06-21 19:42:08 -07:00
redmatrix
212d8b6cfd support cookie auth in Sabre DAV 2016-06-14 20:30:34 -07:00
redmatrix
dfb6255f59 more removal of reserved words from DB schemas 2016-05-31 17:50:47 -07:00
redmatrix
096fdfc61b consolidate all the sys_boot functionality that is common between the web server and the cli daemon manager. Get rid of yet another global variable ($default_timezone) whilst doing so. 2016-05-26 16:33:01 -07:00
redmatrix
516c43ba15 more work associated with DBA and index.php shuffle 2016-05-24 17:54:45 -07:00
redmatrix
84ba6393ad relocate index and db 2016-05-24 16:36:55 -07:00
redmatrix
ada26dd2cb This explains it all. Don't set the domain when creating a cookie. You'll get a wildcard and sessions will break if you have multiple domains running hubzilla (or any php basic session based code). 2016-05-18 21:00:31 -07:00
redmatrix
f4b31dcb3a Document what I know about the session regeneration issue. I'm really tired of fighting this darn thing. Sessions and cookies need to work. 2016-05-18 20:36:03 -07:00
redmatrix
c17b47518d comment out session_regenerate until we get this sorted 2016-05-18 17:55:22 -07:00
redmatrix
1f7e6cae82 Revert "Revert "yet more session work"" 
This reverts commit 37d14f3a1d.
 2016-05-18 17:03:54 -07:00
redmatrix
37d14f3a1d Revert "yet more session work" 
This reverts commit 51edd472c2.
 2016-05-18 17:02:46 -07:00
redmatrix
20cb4130d4 support work for a long-term fix for issue #390, essentially one can specify a theme:schema string anywhere a theme is input. It will be honoured unless an existing schema setting over-rides this behaviour. This should also be backward compatible but the theme selection code has been cleaned up slightly and there may be subtle differences in behaviour after this commit. On my site this required a page refresh as the first page load after this change was a bit confused. 2016-05-17 17:46:30 -07:00
redmatrix
51edd472c2 yet more session work 2016-05-16 22:01:33 -07:00
redmatrix
883b1ff513 an issue related to #386 2016-05-16 19:23:42 -07:00
redmatrix
2dcedd6951 more work on sessions and cookies, as some anomalies appeared in caldav and firefox which suggested deeper issues 2016-05-16 17:07:39 -07:00
redmatrix
18a9831cd3 restrict static to the one function that requires it 2016-05-16 13:46:35 -07:00
redmatrix
605c05fc8b changes to session for cdev compatibility 2016-05-16 02:03:15 -07:00
redmatrix
0c5434d5e3 try again with shutdown handler, fix issue #373 (live-pubstream div wasn't present 2016-05-10 01:30:22 -07:00
redmatrix
692e41c41e provide a way for the router to support custom controller objects and allow plugins to register class objects as modules instead of the traditional procedural interface. 2016-04-21 16:09:25 -07:00
redmatrix
657b34c012 change the 404 warning from the router to reflect the new architecture 2016-04-20 22:50:59 -07:00
redmatrix
5eb594706b make the cookie check agnostic to cookie state 2016-04-20 22:17:02 -07:00
redmatrix
2b0a04ea9e revert the reversal of checkjs logic, but still restrict the behaviour scope to just those urls that require it 2016-04-20 22:10:00 -07:00
redmatrix
966773cdbb pull in the new object router and a few selected samples for the new controller layout 2016-04-17 19:55:36 -07:00
redmatrix
b57f69d14d cleanup and test of new router 2016-04-15 20:43:05 -07:00
redmatrix
07650b4646 get init() working with class modules 2016-04-15 16:13:55 -07:00
redmatrix
aaa327ca05 testing the new router/module code 2016-04-15 01:25:15 -07:00
redmatrix
9a0b61e4af refactor the js detection into a checkjs class which is only enabled on demand (currently only the channel and display pages). Will probably require a bit more work to hide/disable the cover photo when js is disabled. Have not actually tested without js to discover any other potential page issues. Have only confirmed that the detection class works and redirects to set a jsdisabled cookie and reload the page with that cookie+variable set if called from the channel page. 2016-04-13 16:31:06 -07:00
redmatrix
91cc365143 reverse the logic of the jsenabled setting so that sessions without js are performance penalised instead of regular sessions. 2016-04-12 22:55:26 -07:00
redmatrix
be654f1769 Important work on the sessionhandler to maintain compatibility with php7 and php5x (x > 4) 
Merge branch 'master' into dev
 2016-04-12 19:40:19 -07:00
redmatrix
202035fc68 move all DB session storage logic to SessionHandler where it belongs 2016-04-11 19:19:58 -07:00
Mario Vavti
482962648f whitespace 2016-04-11 11:01:53 +02:00
redmatrix
d1a2aecfa0 move more session related stuff such as paranoia handling (IP address changes) into the session object and extend remember_me cookies once a day so that they will never expire (theoretically). The DB session driver will extend its expiration on every session write (in the case of persistent sessions). 2016-04-10 19:20:41 -07:00
redmatrix
abfbe9c937 a few issues: block public not blocking mod_cal, typo in sql for one clone file sync operation, fix_system_urls not catching cached contact photos, extend sessionhandler expiration when remember_me is enabled as the stored session is expiring long before the browser session. 2016-04-10 16:56:08 -07:00
redmatrix
c0bdcfedeb log if the session handler fails and surface the ssl_cookie config setting 2016-04-08 05:10:36 -07:00
redmatrix
9b66b5eee3 objectify all the session management stuff 2016-04-08 04:44:10 -07:00
redmatrix
d09694587d typo in router 2016-04-02 13:52:16 -07:00
redmatrix
9abd95fad3 static App 2016-03-31 16:06:03 -07:00
redmatrix
1cd3b41825 deprecate $a->get_baseurl() 2016-03-30 22:13:24 -07:00
redmatrix
1258f9bb21 turn 'OpenGraph' into a more general purpose HTTP meta facility for setting any meta header 2016-03-08 16:06:58 -08:00
redmatrix
76467b5a35 allow modules/addons to override the og:title field 2016-03-07 15:11:11 -08:00
redmatrix
d5db25808a Facebook scraper "OpenGraph" support; modules will need to set the required fields (type, image, url) as well as any desired optional or type specific fields. We will set the title during pagebuild. 2016-03-07 15:03:53 -08:00
redmatrix
b101a8f6fb missing function 2016-02-24 11:20:46 -08:00
redmatrix
1db3409f36 add router class 2016-02-19 16:19:15 -08:00