about summary refs log tree commit diff
path: root/app
AgeCommit message (Collapse)Author
2018-10-22Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
Conflicts: - .github/ISSUE_TEMPLATE/bug_report.md Took our version. - CONTRIBUTING.md Updated the embedded copy of upstream's version. - README.md Took our version. - app/policies/status_policy.rb Not a real conflict, took code from both. - app/views/layouts/embedded.html.haml Added upstream's changes (dns-prefetch) and fixed `%body.embed` - app/views/settings/preferences/show.html.haml Reverted some of upstream changes, as we have a page dedicated for flavours and skins. - config/initializers/content_security_policy.rb Kept our version of the CSP. - config/initializers/doorkeeper.rb Not a real conflict, took code from both.
2018-10-22RTL: remove blank character inside bdi (#9038)Masoud Abkenar
* RTL: remove blank character inside bdi * Update app/javascript/mastodon/components/display_name.js Co-Authored-By: mabkenar <ampbox@gmail.com>
2018-10-21Fix og:url on toots' public view (#9047)ThibG
Fixes #9045
2018-10-21RTL: fix cardbar margins and alignment (#9044)Masoud Abkenar
2018-10-21RTL: fix admin account avatar margin in about page (#9039)Masoud Abkenar
* RTL: fix admin account avatar margin in about page * fix code style
2018-10-21Put a video camera emoji or a picture frame emoji instead of “.”Thibaut Girka
This uses the same logic as the status icons in the glitch flavor.
2018-10-21Do not move CWs to toot body when toot body is emptyThibaut Girka
Fixes #395 Instead of leaving the toot body blank, it replaces it with a single “.” in order for the fold/unfold CW behavior to not look *too* weird on upstream Mastodon. Note that this does not fix upstream's CW-dropping behavior, as that is decided at the time the toot is posted, not received.
2018-10-21Attempt at fixing inline video playerThibaut Girka
2018-10-21Update mediaGallery component's width when opening CWsThibaut Girka
2018-10-21RTL: fix column settings toggle label (#9037)Masoud Abkenar
2018-10-21Fix domain label position and color (#9033)kedama
* Fix position of the domain label * Fix position of the domain label for RTL - Fix color mismatch of linear gradient which assigned to "::after" pseudo class
2018-10-20Force sensitive content flag when posting a toot with a CWThibaut Girka
Indeed, when the “Always enable the Content Warning field” setting is enabled, sending a content-less toot with a CW would move the CW to the toot's content and leave the toot not marked as sensitive.
2018-10-20Focus the UI when pressing Escape in the CW fieldThibaut Girka
2018-10-20Add option to block reports from domain (#8830)Eugen Rochko
2018-10-20Add "disable" button to report screen (#9024)Eugen Rochko
* Add "disable" button to report screen * i18n-tasks remove-unused
2018-10-20Redesign direct messages column (#9022)Eugen Rochko
2018-10-20RTL: fix preferences layout (#9021)Masoud Abkenar
2018-10-19Fix admin account avatar margin (#9020)bsky
2018-10-19RTL: fix user stats in about page (#9018)Masoud Abkenar
2018-10-19Add unread indicator to conversations (#9009)Eugen Rochko
2018-10-19fix: initial state of PrivacyDropdown is should not be null (#9008)takayamaki
2018-10-18RTL: fix domain append at signup form (#9007)Masoud Abkenar
2018-10-18Fix fav/boosts hotkeys not working on detailed statuses (#9006)ThibG
2018-10-18Fix fav/boosts hotkeys not working on detailed statusesThibaut Girka
2018-10-18RTL: fix admin account margins in about page (#9005)Masoud Abkenar
2018-10-17Do not show "limited" visibility in default visibility preference (#8999)Eugen Rochko
* Do not show "limited" visibility in default visibility preference Fix regression from #8950 * Fix code style issue
2018-10-17Improve support for aspects/circles (#8950)Eugen Rochko
* Add silent column to mentions * Save silent mentions in ActivityPub Create handler and optimize it Move networking calls out of the database transaction * Add "limited" visibility level masked as "private" in the API Unlike DMs, limited statuses are pushed into home feeds. The access control rules between direct and limited statuses is almost the same, except for counter and conversation logic * Ensure silent column is non-null, add spec * Ensure filters don't check silent mentions for blocks/mutes As those are "this person is also allowed to see" rather than "this person is involved", therefore does not warrant filtering * Clean up code * Use Status#active_mentions to limit returned mentions * Fix code style issues * Use Status#active_mentions in Notification And remove stream_entry eager-loading from Notification
2018-10-17Handle global hotkeys even when no element has focus (#8998)ThibG
This fixes hotkeys not working when pressing the column “back” button, for instance.
2018-10-16always allow DMs from staff (#8993)Quint Guvernator
2018-10-16Improve form for selecting media display preference (#8965)Eugen Rochko
Regression from #8569
2018-10-15Fixes 8987 broken alignment at "Remote interaction dialog" (#8988)Masoud Abkenar
2018-10-15undo part of PR 8202 to fix RTL (#8979)Masoud Abkenar
2018-10-14Handle alt+enter in the spoiler input as shortcut for secondary postThibaut Girka
Fixes #780
2018-10-13Improve style of notice/alert messages (#8973)Eugen Rochko
2018-10-13Weblate translations (2018-10-12) (#8972)Eugen Rochko
* Translated using Weblate (Welsh) Currently translated at 64.4% (448 of 696 strings) Translation: Mastodon/Backend Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/cy/ * Translated using Weblate (Arabic) Currently translated at 98.0% (682 of 696 strings) Translation: Mastodon/Backend Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/ar/ * Translated using Weblate (French) Currently translated at 99.9% (695 of 696 strings) Translation: Mastodon/Backend Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/fr/ * Translated using Weblate (Arabic) Currently translated at 94.3% (82 of 87 strings) Translation: Mastodon/Preferences Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/ar/ * Translated using Weblate (Welsh) Currently translated at 88.7% (297 of 335 strings) Translation: Mastodon/React Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/cy/ * Translated using Weblate (French) Currently translated at 100.0% (335 of 335 strings) Translation: Mastodon/React Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/fr/ * Translated using Weblate (French) Currently translated at 100,0% (87 of 87 strings) Translation: Mastodon/Preferences Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/fr/ * Translated using Weblate (Czech) Currently translated at 100.0% (335 of 335 strings) Translation: Mastodon/React Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/cs/ * Translated using Weblate (Czech) Currently translated at 100.0% (87 of 87 strings) Translation: Mastodon/Preferences Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/cs/ * Translated using Weblate (Czech) Currently translated at 99.9% (695 of 696 strings) Translation: Mastodon/Backend Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/cs/ * Translated using Weblate (Persian) Currently translated at 100.0% (335 of 335 strings) Translation: Mastodon/React Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/fa/ * Translated using Weblate (Arabic) Currently translated at 94.6% (88 of 93 strings) Translation: Mastodon/Preferences Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/ar/ * Translated using Weblate (Arabic) Currently translated at 100.0% (335 of 335 strings) Translation: Mastodon/React Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/ar/ * Translated using Weblate (Czech) Currently translated at 100.0% (93 of 93 strings) Translation: Mastodon/Preferences Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/cs/ * Translated using Weblate (Galician) Currently translated at 100,0% (93 of 93 strings) Translation: Mastodon/Preferences Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/gl/ * Translated using Weblate (Galician) Currently translated at 100,0% (696 of 696 strings) Translation: Mastodon/Backend Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/gl/ * Translated using Weblate (Greek) Currently translated at 100.0% (93 of 93 strings) Translation: Mastodon/Preferences Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/el/ * Translated using Weblate (Greek) Currently translated at 98.8% (331 of 335 strings) Translation: Mastodon/React Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/el/ * Translated using Weblate (Greek) Currently translated at 99.7% (694 of 696 strings) Translation: Mastodon/Backend Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/el/ * Translated using Weblate (Persian) Currently translated at 100.0% (93 of 93 strings) Translation: Mastodon/Preferences Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/fa/ * Translated using Weblate (Czech) Currently translated at 99.9% (695 of 696 strings) Translation: Mastodon/Backend Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/cs/ * Translated using Weblate (French) Currently translated at 100,0% (93 of 93 strings) Translation: Mastodon/Preferences Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/fr/ * Translated using Weblate (French) Currently translated at 99.9% (695 of 696 strings) Translation: Mastodon/Backend Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/fr/ * Translated using Weblate (Japanese) Currently translated at 99.4% (692 of 696 strings) Translation: Mastodon/Backend Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/ja/ * Translated using Weblate (Corsican) Currently translated at 100.0% (93 of 93 strings) Translation: Mastodon/Preferences Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/co/ * Translated using Weblate (Corsican) Currently translated at 99.9% (695 of 696 strings) Translation: Mastodon/Backend Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/co/ * Translated using Weblate (German) Currently translated at 99.6% (693 of 696 strings) Translation: Mastodon/Backend Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/de/ * Translated using Weblate (German) Currently translated at 100,0% (93 of 93 strings) Translation: Mastodon/Preferences Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/de/ * Translated using Weblate (Japanese) Currently translated at 99.4% (692 of 696 strings) Translation: Mastodon/Backend Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/ja/ * Translated using Weblate (Japanese) Currently translated at 99.9% (695 of 696 strings) Translation: Mastodon/Backend Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/backend/ja/ * Translated using Weblate (Japanese) Currently translated at 100.0% (335 of 335 strings) Translation: Mastodon/React Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/frontend/ja/ * Translated using Weblate (Japanese) Currently translated at 94.6% (88 of 93 strings) Translation: Mastodon/Preferences Translate-URL: https://weblate.joinmastodon.org/projects/mastodon/simple_form/ja/ * i18n-tasks normalize * yarn manage:translations
2018-10-12Fix auto-unfold CWs when no regexp is setThibaut Girka
Fixes #778
2018-10-12Allow selecting both default flavour and themeThibaut Girka
Fixes #672
2018-10-12Improve signature verification safeguards (#8959)Eugen Rochko
* Downcase signed_headers string before building the signed string The HTTP Signatures draft does not mandate the “headers” field to be downcased, but mandates the header field names to be downcased in the signed string, which means that prior to this patch, Mastodon could fail to process signatures from some compliant clients. It also means that it would not actually check the Digest of non-compliant clients that wouldn't use a lowercased Digest field name. Thankfully, I don't know of any such client. * Revert "Remove dead code (#8919)" This reverts commit a00ce8c92c06f42109aad5cfe65d46862cf037bb. * Restore time window checking, change it to 12 hours By checking the Date header, we can prevent replaying old vulnerable signatures. The focus is to prevent replaying old vulnerable requests from software that has been fixed in the meantime, so a somewhat long window should be fine and accounts for timezone misconfiguration. * Escape users' URLs when formatting them Fixes possible HTML injection * Escape all string interpolations in Formatter class Slightly improve performance by reducing class allocations from repeated Formatter#encode calls * Fix code style issues
2018-10-12Display customized mascot in web UI and fix admin form for it (#8964)Eugen Rochko
Follow-up to #8766
2018-10-12Fix missing protocol in dns-prefetch, improve code style (#8963)Eugen Rochko
Regression from #8942
2018-10-12Fix microformats on statuses according to updated spec (#8958)Eugen Rochko
2018-10-12Fix type of conversation ID in conversations API (#8961)Eugen Rochko
2018-10-12Improve signature verification safeguards (#8959)Eugen Rochko
* Downcase signed_headers string before building the signed string The HTTP Signatures draft does not mandate the “headers” field to be downcased, but mandates the header field names to be downcased in the signed string, which means that prior to this patch, Mastodon could fail to process signatures from some compliant clients. It also means that it would not actually check the Digest of non-compliant clients that wouldn't use a lowercased Digest field name. Thankfully, I don't know of any such client. * Revert "Remove dead code (#8919)" This reverts commit a00ce8c92c06f42109aad5cfe65d46862cf037bb. * Restore time window checking, change it to 12 hours By checking the Date header, we can prevent replaying old vulnerable signatures. The focus is to prevent replaying old vulnerable requests from software that has been fixed in the meantime, so a somewhat long window should be fine and accounts for timezone misconfiguration. * Escape users' URLs when formatting them Fixes possible HTML injection * Escape all string interpolations in Formatter class Slightly improve performance by reducing class allocations from repeated Formatter#encode calls * Fix code style issues
2018-10-11Merge pull request #775 from ThibG/glitch-soc/merge-upstreamThibG
Merge upstream changes
2018-10-11Set Content-Security-Policy rules through RoR's config (#8957)ThibG
* Set CSP rules in RoR's configuration * Override CSP setting in the embed controller to allow frames
2018-10-11Merge commit 'ac7df62a0441b95ec04fd9111a9394795dd53ff2' into ↵Thibaut Girka
glitch-soc/merge-upstream
2018-10-11Fix typo in ActivityPub Create handler (#8952)Eugen Rochko
Regression from #8951
2018-10-11Do not push DMs into the home feed (#8940)Eugen Rochko
* Do not push DMs into the home feed * Show DMs column after sending a DM, if DMs column is not already shown
2018-10-11Move network calls out of transaction in ActivityPub handler (#8951)Eugen Rochko
Mention and emoji code may perform network calls, but does not need to do that inside the database transaction. This may improve availability of database connections when using pgBouncer in transaction mode.
2018-10-10Really fix HotKeysThibaut Girka