zotlabs
c2c4e427a8
add plugin route registration, deprecate/remove plugin_module() functionality
2018-07-04 18:18:35 -07:00
zotlabs
bf405df4ed
cleanup of jsalmon, return hubloc with verification success to save a lookup
2018-06-28 20:25:43 -07:00
zotlabs
f51dd5c3e3
more z6 heavy lifting
2018-06-25 20:55:53 -07:00
zotlabs
8222b02495
more zot6 heavy lifting
2018-06-24 18:54:29 -07:00
zotlabs
7cb88e27a9
missed this first time through
2018-06-19 22:09:49 -07:00
zotlabs
e00bae8bb6
httpsig refactor
2018-06-19 19:33:50 -07:00
zotlabs
915c50064c
consolidate directory functions into libzotdir
2018-06-04 23:19:16 -07:00
zotlabs
6dcad87ae8
make refresh packet work
2018-05-30 20:32:59 -07:00
zotlabs
111bb93462
basic communication
2018-05-29 21:08:52 -07:00
zotlabs
d101ea88ca
more zot6 work
2018-05-23 21:48:19 -07:00
zotlabs
27ce7c11bd
lots more zot6 work
2018-05-22 23:20:29 -07:00
zotlabs
bd079166d7
Merge branch 'master' into zapp
2018-04-23 18:22:44 -07:00
zotlabs
66d72d9870
as_fetch depends on the pubcrawl plugin, but is referenced in core. Ensure that it doesn't chuck a wobbly if the function isn't found. This is undergoing significant revision for zot6 so this action is considered a short-term workaround until that work work stabilises.
2018-04-22 22:10:15 -07:00
zotlabs
5eff476469
verify the sig
2018-04-22 19:49:26 -07:00
zotlabs
19888b95cc
draft-cavage issues
2018-04-15 21:04:09 -07:00
zotlabs
b13328140f
accept system_language through either get or post
2018-04-12 18:21:34 -07:00
Klaus Weidenbach
7c28a40c3e
✅ Unit Test for HTTPSig.
2018-02-28 16:04:13 +01:00
zotlabs
cd1e5d4171
zot6 testing
2018-02-08 16:22:10 -08:00
zotlabs
beec49847f
missing quote
2018-02-08 15:45:33 -08:00
zotlabs
e4503f743e
logging
2018-02-08 15:36:22 -08:00
zotlabs
635c5e532b
z6 testing
2018-02-08 15:32:54 -08:00
zotlabs
4c27fa5c37
debug the crypto function
2018-02-07 22:04:53 -08:00
zotlabs
b41c5f3497
Merge branch 'master' into z6
2018-02-05 15:58:28 -08:00
zotlabs
858a6270d5
simplify webserver logic flow, remove obsolete $a from router
2018-01-18 15:36:46 -08:00
zotlabs
2de1285121
z6 deliver
2018-01-16 18:15:58 -08:00
zotlabs
eb3e43feec
cleanup of last fix
2018-01-13 14:08:15 -08:00
zotlabs
08bea83c03
unexpected openssl result
2018-01-13 13:45:33 -08:00
Matthew Dent
ef952a41b3
Fix whitespace formatting
2017-12-23 11:09:37 -05:00
M.Dent
e7f6cd2cfa
fix dupe bug in content hooks
2017-12-23 10:58:51 -05:00
Mario Vavti
a79b268438
fix typo in HTTPSig
2017-12-04 08:57:07 +01:00
Klaus Weidenbach
1a737be2b4
💡 Improving Doxygen documentation.
...
Fix some Doxygen parsing errors.
Improve hooks documentation.
2017-11-03 23:04:27 +01:00
zotlabs
e6c166a182
sort out the notification ids
2017-10-12 11:36:25 -07:00
Mario Vavti
991db280be
experimental new notifications - needs pconfig experimental_notif set to 1 for your channel to work.
2017-10-08 17:19:29 +02:00
git-marijus
98e0534984
Merge pull request #862 from waitman/patch-4
...
prevent 'my_address' being set with bogus info
2017-09-28 11:01:01 +02:00
zotlabs
9d7a88b40d
move the Link header initialisation from Router (where it does not really belong) to Webserver, where we do similar module specific initialisations prior to calling Router->Dispatch()
2017-09-25 23:14:02 -07:00
zotlabs
3648f9952c
typo
2017-09-24 17:08:38 -07:00
zotlabs
866dc9a9b3
For zot6, allow HTTP Signatures to be encrypted, as they may contain sensitive (envelope, metadata) information.
2017-09-24 16:46:52 -07:00
zotlabs
6bd35ef740
log the lack of http sig info
2017-09-21 18:29:41 -07:00
zotlabs
6e9e267b27
provide a space between link header params
2017-09-20 23:57:44 -07:00
zotlabs
24a9c3ba79
add more signature logging
2017-09-20 21:20:00 -07:00
zotlabs
7b060dff68
add HTTP link header to channel page, making it pluggable
2017-09-20 19:12:23 -07:00
Waitman Gobble
b3c805d7d0
prevent 'my_address' being set with bogus info
...
After a user has authenticated, it is possible to set my_address in $_SESSION to 'anything' using zid= parameter in URL - if user is authenticated then zid is never set. This change kills the authenticated switch if a person sends a new zid through for processing, which will trigger remote authentication.
2017-09-18 06:02:14 -05:00
zotlabs
b5966041be
more zot6
2017-09-13 20:40:01 -07:00
zotlabs
61f339a874
owa - first commit
2017-09-07 17:56:02 -07:00
zotlabs
d58f965b9a
some more prep work for Zot VI - some of this will need to be undone or at least re-arranged later but we need to bootstrap a test environment.
2017-09-04 22:35:54 -07:00
zotlabs
4adf2caaa6
Merge branch 'dev' of https://github.com/redmatrix/hubzilla into xdev_merge
2017-09-03 17:17:20 -07:00
zotlabs
db82d303e2
only validate headers that aren't "spoofable", which will be somewhat implementation dependent.
2017-09-03 17:12:42 -07:00
Mario Vavti
e935473c5c
add combined index for item.uid and item.item_unseen. this speeds up notifications by a magnitude.
2017-09-01 21:27:59 +02:00
zotlabs
ae8cdc3b42
some changes after testing server-to-server magic auth
2017-08-31 21:38:03 -07:00
zotlabs
6d87311394
now letsencrypt is creating a .htaccess file with re-write rules which kills most of our .well-known routes
2017-08-31 17:47:32 -07:00
zotlabs
f436ec6f21
some issues with mod_display on very first anonymous page visit (prior to any browser cookies being set)
2017-08-30 18:55:56 -07:00
zotlabs
18c57eeaa0
httpsig - return an array with all the different signing possibilities enumerated
2017-08-20 18:30:12 -07:00
zotlabs
f2589cc820
mv HTTPSig to core - so we can use it as an auth method
2017-08-17 22:43:24 -07:00
zotlabs
e9679d251c
more work on activitypub httpsignature verification
2017-08-14 22:40:29 -07:00
zotlabs
323ab3dba4
get rid of some more deprecated uses of $a
2017-03-28 17:00:44 -07:00
zotlabs
046e5e239f
remove obsolete app argument from load_pdl
2017-03-28 16:07:22 -07:00
zotlabs
a2e1019978
move db_upgrade to zlib
2017-03-23 21:49:20 -07:00
zotlabs
8783ccfd72
move admin permission decision out of the router - it is already provided in the module and the higher level check is causing some oembed redirect issues.
2017-02-25 16:22:09 -08:00
zotlabs
8897c5763a
typo
2017-02-15 10:55:53 -08:00
zotlabs
07d92796d2
provide HTTP header parser which honours continuation lines and despite the fact that continuation lines have been deprecated - as they still exist in the wild.
2017-02-14 20:57:14 -08:00
zotlabs
23303391e0
move dreamhost hack to plugin
2017-02-01 22:45:03 -08:00
zotlabs
8029f56d1c
router error reporting
2016-12-09 12:38:53 -08:00
Klaus Weidenbach
7b41839ea8
[TASK] Update Doxyfile and fix Doxygen errors.
...
Updated Doxyfile to include new folders.
Add a list for @hooks tags.
Fixed some parsing problems for Doxygen.
2016-10-13 11:27:23 +02:00
redmatrix
ce6e81c682
more backticks
2016-10-03 21:48:53 -07:00
redmatrix
884bb60c7d
document the SubModule class and provide an option to change where the submodule name is located in the url path
2016-09-06 16:40:38 -07:00
redmatrix
bedc7b7b69
use SubModule class for generalising submodules, move back to the zotlabs/module hierarchy
2016-09-05 18:11:00 -07:00
redmatrix
80e4338314
missing s
2016-07-26 19:28:28 -07:00
redmatrix
db176eec40
set App::$error on 404 so we don't get two 'Page not found.' page bodies.
2016-07-26 17:24:17 -07:00
redmatrix
f3eb9af046
more ZAT work
2016-07-14 19:43:47 -07:00
redmatrix
fb36561a68
force non-null sess_data
2016-07-11 13:27:44 -07:00
redmatrix
415a8d1e01
channel homepage not providing content when javascript disabled
2016-06-21 19:42:08 -07:00
redmatrix
212d8b6cfd
support cookie auth in Sabre DAV
2016-06-14 20:30:34 -07:00
redmatrix
dfb6255f59
more removal of reserved words from DB schemas
2016-05-31 17:50:47 -07:00
redmatrix
096fdfc61b
consolidate all the sys_boot functionality that is common between the web server and the cli daemon manager. Get rid of yet another global variable ($default_timezone) whilst doing so.
2016-05-26 16:33:01 -07:00
redmatrix
516c43ba15
more work associated with DBA and index.php shuffle
2016-05-24 17:54:45 -07:00
redmatrix
84ba6393ad
relocate index and db
2016-05-24 16:36:55 -07:00
redmatrix
ada26dd2cb
This explains it all. Don't set the domain when creating a cookie. You'll get a wildcard and sessions will break if you have multiple domains running hubzilla (or any php basic session based code).
2016-05-18 21:00:31 -07:00
redmatrix
f4b31dcb3a
Document what I know about the session regeneration issue. I'm really tired of fighting this darn thing. Sessions and cookies need to work.
2016-05-18 20:36:03 -07:00
redmatrix
c17b47518d
comment out session_regenerate until we get this sorted
2016-05-18 17:55:22 -07:00
redmatrix
1f7e6cae82
Revert "Revert "yet more session work""
...
This reverts commit 37d14f3a1d
.
2016-05-18 17:03:54 -07:00
redmatrix
37d14f3a1d
Revert "yet more session work"
...
This reverts commit 51edd472c2
.
2016-05-18 17:02:46 -07:00
redmatrix
20cb4130d4
support work for a long-term fix for issue #390 , essentially one can specify a theme:schema string anywhere a theme is input. It will be honoured unless an existing schema setting over-rides this behaviour. This should also be backward compatible but the theme selection code has been cleaned up slightly and there may be subtle differences in behaviour after this commit. On my site this required a page refresh as the first page load after this change was a bit confused.
2016-05-17 17:46:30 -07:00
redmatrix
51edd472c2
yet more session work
2016-05-16 22:01:33 -07:00
redmatrix
883b1ff513
an issue related to #386
2016-05-16 19:23:42 -07:00
redmatrix
2dcedd6951
more work on sessions and cookies, as some anomalies appeared in caldav and firefox which suggested deeper issues
2016-05-16 17:07:39 -07:00
redmatrix
18a9831cd3
restrict static to the one function that requires it
2016-05-16 13:46:35 -07:00
redmatrix
605c05fc8b
changes to session for cdev compatibility
2016-05-16 02:03:15 -07:00
redmatrix
0c5434d5e3
try again with shutdown handler, fix issue #373 (live-pubstream div wasn't present
2016-05-10 01:30:22 -07:00
redmatrix
692e41c41e
provide a way for the router to support custom controller objects and allow plugins to register class objects as modules instead of the traditional procedural interface.
2016-04-21 16:09:25 -07:00
redmatrix
657b34c012
change the 404 warning from the router to reflect the new architecture
2016-04-20 22:50:59 -07:00
redmatrix
5eb594706b
make the cookie check agnostic to cookie state
2016-04-20 22:17:02 -07:00
redmatrix
2b0a04ea9e
revert the reversal of checkjs logic, but still restrict the behaviour scope to just those urls that require it
2016-04-20 22:10:00 -07:00
redmatrix
966773cdbb
pull in the new object router and a few selected samples for the new controller layout
2016-04-17 19:55:36 -07:00
redmatrix
b57f69d14d
cleanup and test of new router
2016-04-15 20:43:05 -07:00
redmatrix
07650b4646
get init() working with class modules
2016-04-15 16:13:55 -07:00
redmatrix
aaa327ca05
testing the new router/module code
2016-04-15 01:25:15 -07:00
redmatrix
9a0b61e4af
refactor the js detection into a checkjs class which is only enabled on demand (currently only the channel and display pages). Will probably require a bit more work to hide/disable the cover photo when js is disabled. Have not actually tested without js to discover any other potential page issues. Have only confirmed that the detection class works and redirects to set a jsdisabled cookie and reload the page with that cookie+variable set if called from the channel page.
2016-04-13 16:31:06 -07:00
redmatrix
91cc365143
reverse the logic of the jsenabled setting so that sessions without js are performance penalised instead of regular sessions.
2016-04-12 22:55:26 -07:00
redmatrix
be654f1769
Important work on the sessionhandler to maintain compatibility with php7 and php5x (x > 4)
...
Merge branch 'master' into dev
2016-04-12 19:40:19 -07:00
redmatrix
202035fc68
move all DB session storage logic to SessionHandler where it belongs
2016-04-11 19:19:58 -07:00