From 8c96fd4967348449d93904fc59326447aeb1cd02 Mon Sep 17 00:00:00 2001
From: Aditoo17 <42938951+Aditoo17@users.noreply.github.com>
Date: Wed, 5 Sep 2018 01:50:06 +0200
Subject: Add Czech language option and locale data (#8594) * Added Czech language option * Added Czech language option * Add Czech locale data * Delete duplicate locale-data/cs.js Duplicate locale-data is ignored in Mastodon. see https://github.com/tootsuite/mastodon/blob/v2.5.0/config/webpack/generateLocalePacks.js#L25-L35
---
app/helpers/settings_helper.rb | 1 + 1 file changed, 1 insertion(+) (limited to 'app')
diff --git a/app/helpers/settings_helper.rb b/app/helpers/settings_helper.rb
index fc03fcf82..ed873ceed 100644
--- a/app/helpers/settings_helper.rb
+++ b/app/helpers/settings_helper.rb
@@ -8,6 +8,7 @@ module SettingsHelper bg: 'Български', ca: 'Català', co: 'Corsu', + cs: 'Čeština', cy: 'Cymraeg', da: 'Dansk', de: 'Deutsch',
-- cgit
From 0c5db3163a2599013252a75d488518fcf88aad65 Mon Sep 17 00:00:00 2001
From: ThibG
Date: Fri, 7 Sep 2018 01:18:46 +0200
Subject: Fix dropdown arrow position (#8637)
---
app/javascript/styles/mastodon/components.scss | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'app')
diff --git a/app/javascript/styles/mastodon/components.scss b/app/javascript/styles/mastodon/components.scss
index c2965a5d7..24fb77d98 100644
--- a/app/javascript/styles/mastodon/components.scss
+++ b/app/javascript/styles/mastodon/components.scss
@@ -1666,14 +1666,14 @@ a.account__display-name { &.top { bottom: -5px; - margin-left: -13px; + margin-left: -7px; border-width: 5px 7px 0; border-top-color: $ui-secondary-color; } &.bottom { top: -5px; - margin-left: -13px; + margin-left: -7px; border-width: 0 7px 5px; border-bottom-color: $ui-secondary-color; }
-- cgit
From 10680f93e7d6333d43aabc4c6f251a076120231c Mon Sep 17 00:00:00 2001
From: Sorin Davidoi
Date: Fri, 7 Sep 2018 05:42:16 +0200
Subject: feat(auth/session_controller): Send Clear-Site-Data when logging out (#8627) Will clear the browser's cache, cookies and storage. https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Clear-Site-Data https://w3c.github.io/webappsec-clear-site-data/
---
app/controllers/auth/sessions_controller.rb | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'app')
diff --git a/app/controllers/auth/sessions_controller.rb b/app/controllers/auth/sessions_controller.rb
index 62b4a6377..b0d974ff8 100644
--- a/app/controllers/auth/sessions_controller.rb
+++ b/app/controllers/auth/sessions_controller.rb
@@ -10,6 +10,7 @@ class Auth::SessionsController < Devise::SessionsController prepend_before_action :authenticate_with_two_factor, if: :two_factor_enabled?, only: [:create] before_action :set_instance_presenter, only: [:new] before_action :set_body_classes + after_action :clear_site_data, only: [:destroy] def new Devise.omniauth_configs.each do |provider, config|
@@ -121,4 +122,10 @@ class Auth::SessionsController < Devise::SessionsController end paths end + + def clear_site_data + # Should be '"*"' but that doen't work in Chrome (neither does '"executionContexts"') + # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Clear-Site-Data + response.headers['Clear-Site-Data'] = '"cache", "cookies", "storage"' + end end
-- cgit
From 7607f4778b0e9021d4ed6ebcafbff60e67e38e59 Mon Sep 17 00:00:00 2001
From: "Renato \"Lond\" Cerqueira"
Date: Fri, 7 Sep 2018 05:43:09 +0200
Subject: Use animation config for avatar in profile pages (#8614) Fixes #7380.
---
app/views/accounts/_header.html.haml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'app')
diff --git a/app/views/accounts/_header.html.haml b/app/views/accounts/_header.html.haml
index 95e55a1b0..bfad49b6c 100644
--- a/app/views/accounts/_header.html.haml
+++ b/app/views/accounts/_header.html.haml
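Review bot: The `"cookies"` directive set in `clear_site_data` (second hunk of app/controllers/auth/sessions_controller.rb) is not scoped to this origin: per the Clear-Site-Data specification it removes cookies for the whole registrable domain, subdomains included, so signing out of an instance served from a subdomain also drops the sessions of unrelated applications on sibling hosts. Browsers also honour the header only on responses delivered over a secure connection, so on a plain-HTTP deployment it does nothing and must not be the only cleanup relied on at logout. I would record both limits in the method comment, e.g. `# "cookies" clears the whole registrable domain (subdomains included); browsers ignore this header on non-HTTPS responses`, and fix the `doen't` typo while there. The enclosing class starts outside both hunks, so the visibility section in which `clear_site_data` is defined cannot be confirmed from here.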
@@ -3,7 +3,10 @@ = image_tag account.header.url, class: 'parallax' .public-account-header__bar = link_to short_account_url(account), class: 'avatar' do - = image_tag account.avatar.url + - if current_account&.user&.setting_auto_play_gif + = image_tag account.avatar_original_url + - else + = image_tag account.avatar_static_url .public-account-header__tabs .public-account-header__tabs__name %h1
-- cgit
From 8fefcb86eacb469530fc52c6d03b74fe83c3d01d Mon Sep 17 00:00:00 2001
From: Sorin Davidoi
Date: Sun, 9 Sep 2018 02:08:49 +0200
Subject: feat(css): Styled scrollbars in Firefox Nightly (#8653) You currently need to enable `layout.css.scrollbar-colors.enabled` in `about:config` in Firefox Nightly.
---
app/javascript/styles/mastodon/reset.scss | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'app')
diff --git a/app/javascript/styles/mastodon/reset.scss b/app/javascript/styles/mastodon/reset.scss
index ff3b2c022..a140e8bc7 100644
--- a/app/javascript/styles/mastodon/reset.scss
+++ b/app/javascript/styles/mastodon/reset.scss
@@ -53,6 +53,11 @@ table { border-spacing: 0; } +html { + scrollbar-face-color: lighten($ui-base-color, 4%); + scrollbar-track-color: rgba($base-overlay-background, 0.1); +} + ::-webkit-scrollbar { width: 12px; height: 12px;
-- cgit
From 2492c12281e4fc692fc4f0fe9dc0abb0455b50d8 Mon Sep 17 00:00:00 2001
From: Evgeny Petrov
Date: Sun, 9 Sep 2018 04:38:13 +0300
Subject: RU: Translation fixes (#8652) * RU: Fixed typos and wrong translations * RU: Added missing "chosen_languages" string * RU: Fixed translation for "Features" tab in Admin Dashboard * Shortened "Mobile apps" string, lowercased "following" string (it needs plurals btw), fixed typo at "copy" string. * Fixed "media only" string, shortened "Content warning" placeholder, edited "mute thread" translation * RU: Fixed "Reply to all" translation, Re-worded "short description" translation
---
app/javascript/mastodon/locales/ru.json | 8 ++++---- config/locales/ru.yml | 22 +++++++++++----------- config/locales/simple_form.ru.yml | 2 ++ 3 files changed, 17 insertions(+), 15 deletions(-) (limited to 'app')
diff --git a/app/javascript/mastodon/locales/ru.json b/app/javascript/mastodon/locales/ru.json
index 83cbb5240..7499f03ea 100644
--- a/app/javascript/mastodon/locales/ru.json
+++ b/app/javascript/mastodon/locales/ru.json
@@ -63,7 +63,7 @@ "column_header.show_settings": "Показать настройки", "column_header.unpin": "Открепить", "column_subheading.settings": "Настройки", - "community.column_settings.media_only": "Только медиа", + "community.column_settings.media_only": "Только с медиа", "compose_form.direct_message_warning": "Этот статус будет виден только упомянутым пользователям.", "compose_form.direct_message_warning_learn_more": "Узнать больше", "compose_form.hashtag_warning": "Этот пост не будет показывается в поиске по хэштегу, т.к. он непубличный. Только публичные посты можно найти в поиске по хэштегу.",
@@ -76,7 +76,7 @@ "compose_form.sensitive.unmarked": "Медиафайлы не отмечены как чувствительные", "compose_form.spoiler.marked": "Текст скрыт за предупреждением", "compose_form.spoiler.unmarked": "Текст не скрыт", - "compose_form.spoiler_placeholder": "Напишите свое предупреждение здесь", + "compose_form.spoiler_placeholder": "Текст предупреждения", "confirmation_modal.cancel": "Отмена", "confirmations.block.confirm": "Заблокировать", "confirmations.block.message": "Вы уверены, что хотите заблокировать {name}?",
@@ -290,7 +290,7 @@ "status.mention": "Упомянуть @{name}", "status.more": "Больше", "status.mute": "Заглушить @{name}", - "status.mute_conversation": "Заглушить тред", + "status.mute_conversation": "Заглушить всю цепочку", "status.open": "Развернуть статус", "status.pin": "Закрепить в профиле", "status.pinned": "Закреплённый статус",
@@ -300,7 +300,7 @@ "status.reblogs.empty": "Никто ещё не продвинул этот статус. Как только кто-то это сделает, они появятся здесь.", "status.redraft": "Удалить и исправить", "status.reply": "Ответить", - "status.replyAll": "Ответить на тред", + "status.replyAll": "Ответить всем", "status.report": "Пожаловаться", "status.sensitive_toggle": "Нажмите для просмотра", "status.sensitive_warning": "Чувствительный контент",
diff --git a/config/locales/ru.yml b/config/locales/ru.yml
index f1b26236a..19771aefa 100644
--- a/config/locales/ru.yml
+++ b/config/locales/ru.yml
@@ -6,7 +6,7 @@ ru: about_this: Об этом узле administered_by: 'Администратор узла:' api: API - apps: Мобильные приложения + apps: Приложения closed_registrations: В данный момент регистрация на этом узле закрыта. Но вы можете найти другой узел, создать на нём учётную запись и получить доступ к той же сети оттуда. contact: Связаться contact_missing: Не установлено
@@ -51,7 +51,7 @@ ru: many: подписчиков one: подписчик other: подписчиков - following: Подписан(а) + following: подписки joined: 'Дата регистрации: %{date}' media: Медиа moved_html: "%{name} переехал(а) на %{new_profile_link}:"
@@ -206,7 +206,7 @@ ru: custom_emojis: by_domain: Домен copied_msg: Локальная копия эмодзи успешно создана - copy: Скопироват + copy: Копировать copy_failed_msg: Не удалось создать локальную копию эмодзи created_msg: Эмодзи успешно создано! delete: Удалить
@@ -231,11 +231,11 @@ ru: dashboard: backlog: задачи config: Конфигурация - feature_deletions: Аккаунтов удалено + feature_deletions: Удаление аккаунтов feature_invites: Пригласительные ссылки - feature_registrations: Регистрации - feature_relay: Ретрансляторов сети - features: Нововведения + feature_registrations: Регистрация + feature_relay: Ретрансляторы + features: Возможности hidden_service: Федерация со скрытыми сервисами open_reports: открытых жалоб recent_users: Недавние пользователи
@@ -300,7 +300,7 @@ ru: search: Поиск title: Известные узлы invites: - deactivate_all: Удалить все + deactivate_all: Отключить все filter: all: Все available: Актуальные
@@ -314,7 +314,7 @@ ru: inbox_url: URL ретранслятора pending: Ожидание подтверждения ретранслятора save_and_enable: Сохранить и включить - setup: Настроте соединение с ретранслятором + setup: Настроить соединение с ретранслятором status: Состояние title: Ретрансляторы report_notes:
@@ -405,7 +405,7 @@ ru: title: Расширенное описание узла site_short_description: desc_html: Отображается в боковой панели и в тегах. Опишите, что такое Mastodon и что делает именно этот узел особенным. Если пусто, используется описание узла по умолчанию. - title: Короткое описание узла + title: Краткое описание узла site_terms: desc_html: Вы можете добавить сюда собственную политику конфиденциальности, пользовательское соглашение и другие документы. Можно использовать теги HTML. title: Условия использования
@@ -791,7 +791,7 @@ ru: ownership: Нельзя закрепить чужой статус private: Нельзя закрепить непубличный статус reblog: Нельзя закрепить продвинутый статус - show_more: Подробнее + show_more: Ещё sign_in_to_participate: Войдите, чтобы принять участие в дискуссии title: '%{name}: "%{quote}"' visibilities:
diff --git a/config/locales/simple_form.ru.yml b/config/locales/simple_form.ru.yml
index 3ca176a1f..d1066b054 100644
--- a/config/locales/simple_form.ru.yml
+++ b/config/locales/simple_form.ru.yml
@@ -35,6 +35,8 @@ ru: data: Файл CSV, экспортированный с другого узла Mastodon sessions: otp: 'Введите код двухфакторной аутентификации, сгенерированный в мобильном приложении, или используйте один из Ваших кодов восстановления:' + user: + chosen_languages: Если выбрано, то в публичных лентах будут показаны только посты на выбранных языках labels: account: fields:
-- cgit
From 2288d50a7bb4afcec4cfbcaa4b5cffaabd1df437 Mon Sep 17 00:00:00 2001
From: Eugen Rochko
Date: Sun, 9 Sep 2018 04:10:44 +0200
Subject: Add force_login option to OAuth authorize page (#8655) * Add force_login option to OAuth authorize page For when a user needs to sign into an app from multiple accounts on the same server * When logging out from modal header, redirect back after re-login
---
app/controllers/api/base_controller.rb | 4 --- app/controllers/application_controller.rb | 4 +++ app/controllers/auth/sessions_controller.rb | 8 ++++++ app/controllers/oauth/authorizations_controller.rb | 14 ++++++++++ app/views/layouts/modal.html.haml | 2 +- spec/controllers/auth/sessions_controller_spec.rb | 7 +++++ .../oauth/authorizations_controller_spec.rb | 32 +++++++++++++++++++--- 7 files changed, 62 insertions(+), 9 deletions(-) (limited to 'app')
diff --git a/app/controllers/api/base_controller.rb b/app/controllers/api/base_controller.rb
index 0b3735087..90f42251e 100644
--- a/app/controllers/api/base_controller.rb
+++ b/app/controllers/api/base_controller.rb
@@ -53,10 +53,6 @@ class Api::BaseController < ApplicationController [params[:limit].to_i.abs, default_limit * 2].min end - def truthy_param?(key) - ActiveModel::Type::Boolean.new.cast(params[key]) - end - def current_resource_owner @current_user ||= User.find(doorkeeper_token.resource_owner_id) if doorkeeper_token end
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index d266fa1bd..fb4283da3 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -58,6 +58,10 @@ class ApplicationController < ActionController::Base protected + def truthy_param?(key) + ActiveModel::Type::Boolean.new.cast(params[key]) + end + def forbidden respond_with_error(403) end
diff --git a/app/controllers/auth/sessions_controller.rb b/app/controllers/auth/sessions_controller.rb
index b0d974ff8..bc980009e 100644
--- a/app/controllers/auth/sessions_controller.rb
+++ b/app/controllers/auth/sessions_controller.rb
@@ -28,8 +28,10 @@ class Auth::SessionsController < Devise::SessionsController end def destroy + tmp_stored_location = stored_location_for(:user) super flash.delete(:notice) + store_location_for(:user, tmp_stored_location) if continue_after? end protected
@@ -124,8 +126,14 @@ class Auth::SessionsController < Devise::SessionsController end def clear_site_data + return if continue_after? + # Should be '"*"' but that doen't work in Chrome (neither does '"executionContexts"') # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Clear-Site-Data response.headers['Clear-Site-Data'] = '"cache", "cookies", "storage"' end + + def continue_after? + truthy_param?(:continue) + end end
diff --git a/app/controllers/oauth/authorizations_controller.rb b/app/controllers/oauth/authorizations_controller.rb
index e9cdf9fa8..cebbdc4d0 100644
--- a/app/controllers/oauth/authorizations_controller.rb
+++ b/app/controllers/oauth/authorizations_controller.rb
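Review bot: `return if continue_after?` in `clear_site_data` (hunk `@@ -124,8 +126,14 @@` of app/controllers/auth/sessions_controller.rb) lets a request parameter switch off the entire Clear-Site-Data header, so every sign-out carrying `continue=true` leaves the previous account's HTTP cache and client-side storage in the browser for whichever account logs in next. If the skip exists only to keep the session cookie that now holds the stored location (the `destroy` hunk re-stores it after `super`), a narrower form keeps the rest of the cleanup: `response.headers['Clear-Site-Data'] = continue_after? ? '"cache", "storage"' : '"cache", "cookies", "storage"'`. `continue_after?` also deserves a comment stating that the value is client-controlled and must stay limited to preserving the redirect target, e.g. `# client-supplied; only preserves the post-login redirect, never use it to relax other logout cleanup`. Both methods sit in a class whose start is outside the hunks.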
@@ -13,4 +13,18 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController def store_current_location store_location_for(:user, request.url) end + + def render_success + if skip_authorization? || (matching_token? && !truthy_param?('force_login')) + redirect_or_render authorize_response + elsif Doorkeeper.configuration.api_only + render json: pre_auth + else + render :new + end + end + + def truthy_param?(key) + ActiveModel::Type::Boolean.new.cast(params[key]) + end end
diff --git a/app/views/layouts/modal.html.haml b/app/views/layouts/modal.html.haml
index b73068459..2ef49e413 100644
--- a/app/views/layouts/modal.html.haml
+++ b/app/views/layouts/modal.html.haml
@@ -8,7 +8,7 @@ .name = t 'users.signed_in_as' %span.username @#{current_account.local_username_and_domain} - = link_to destroy_user_session_path, method: :delete, class: 'logout-link icon-button' do + = link_to destroy_user_session_path(continue: true), method: :delete, class: 'logout-link icon-button' do = fa_icon 'sign-out' .container-alt= yield
diff --git a/spec/controllers/auth/sessions_controller_spec.rb b/spec/controllers/auth/sessions_controller_spec.rb
index 97719a606..b4f912717 100644
--- a/spec/controllers/auth/sessions_controller_spec.rb
+++ b/spec/controllers/auth/sessions_controller_spec.rb
@@ -30,6 +30,13 @@ RSpec.describe Auth::SessionsController, type: :controller do expect(response).to redirect_to(new_user_session_path) end + + it 'does not delete redirect location with continue=true' do + sign_in(user, scope: :user) + controller.store_location_for(:user, '/authorize') + delete :destroy, params: { continue: 'true' } + expect(controller.stored_location_for(:user)).to eq '/authorize' + end end context 'with a suspended user' do
diff --git a/spec/controllers/oauth/authorizations_controller_spec.rb b/spec/controllers/oauth/authorizations_controller_spec.rb
index 91c2d03ef..a84260a54 100644
--- a/spec/controllers/oauth/authorizations_controller_spec.rb
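Review bot: `force_login` in `render_success` (app/controllers/oauth/authorizations_controller.rb) does not force a login: it only suppresses the automatic redirect for an existing matching token and renders the consent page under the current session, and `skip_authorization?` still takes precedence over it. A client that reads the name as re-authentication gets a weaker guarantee than it expects, so the override needs a comment such as `# force_login only re-displays the authorization prompt so the user can switch accounts; it does not re-authenticate and is ignored when skip_authorization? is true`. The method overrides the Doorkeeper parent's behaviour (presumably a copy of the gem's own implementation, which is not on this page) and would need re-checking on gem upgrades. `truthy_param?` is repeated here because this controller descends from `Doorkeeper::AuthorizationsController`; whether the two new methods fall under a `private`/`protected` section cannot be seen from the hunk, and if they do not they are public controller methods.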
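Review bot: The example added to spec/controllers/auth/sessions_controller_spec.rb checks only the stored location, so nothing pins the Clear-Site-Data behaviour that the same commit makes conditional. An assertion on `response.headers['Clear-Site-Data']` for both the plain and the `continue=true` sign-out would catch a refactor that silently drops the cleanup on normal logout, e.g. `expect(response.headers['Clear-Site-Data']).to be_present` in the existing redirect example. The `describe` block these examples belong to starts outside the hunk.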
+++ b/spec/controllers/oauth/authorizations_controller_spec.rb
@@ -5,23 +5,25 @@ require 'rails_helper' RSpec.describe Oauth::AuthorizationsController, type: :controller do render_views - let(:app) { Doorkeeper::Application.create!(name: 'test', redirect_uri: 'http://localhost/') } + let(:app) { Doorkeeper::Application.create!(name: 'test', redirect_uri: 'http://localhost/', scopes: 'read') } describe 'GET #new' do subject do - get :new, params: { client_id: app.uid, response_type: 'code', redirect_uri: 'http://localhost/' } + get :new, params: { client_id: app.uid, response_type: 'code', redirect_uri: 'http://localhost/', scope: 'read' } end shared_examples 'stores location for user' do it 'stores location for user' do subject - expect(controller.stored_location_for(:user)).to eq "/oauth/authorize?client_id=#{app.uid}&redirect_uri=http%3A%2F%2Flocalhost%2F&response_type=code" + expect(controller.stored_location_for(:user)).to eq "/oauth/authorize?client_id=#{app.uid}&redirect_uri=http%3A%2F%2Flocalhost%2F&response_type=code&scope=read" end end context 'when signed in' do + let!(:user) { Fabricate(:user) } + before do - sign_in Fabricate(:user), scope: :user + sign_in user, scope: :user end it 'returns http success' do
@@ -35,6 +37,28 @@ RSpec.describe Oauth::AuthorizationsController, type: :controller do end include_examples 'stores location for user' + + context 'when app is already authorized' do + before do + Doorkeeper::AccessToken.find_or_create_for( + app, + user.id, + app.scopes, + Doorkeeper.configuration.access_token_expires_in, + Doorkeeper.configuration.refresh_token_enabled? + ) + end + + it 'redirects to callback' do + subject + expect(response).to redirect_to(/\A#{app.redirect_uri}/) + end + + it 'does not redirect to callback with force_login=true' do + get :new, params: { client_id: app.uid, response_type: 'code', redirect_uri: 'http://localhost/', scope: 'read', force_login: 'true' } + expect(response.body).to match(/Authorize/) + end + end end context 'when not signed in' do
-- cgit
From bd9e47e9bed132b9164ce7cb357e84f5f2b3c72a Mon Sep 17 00:00:00 2001
From: ThibG
Date: Mon, 10 Sep 2018 18:26:28 +0200
Subject: Handle relative URLs when fetching OEmbed/OpenGraph cards (#8669)
---
app/services/fetch_link_card_service.rb | 18 ++++++++++-------- app/services/fetch_oembed_service.rb | 2 +- 2 files changed, 11 insertions(+), 9 deletions(-) (limited to 'app')
diff --git a/app/services/fetch_link_card_service.rb b/app/services/fetch_link_card_service.rb
index 560a81768..ea94e2491 100644
--- a/app/services/fetch_link_card_service.rb
+++ b/app/services/fetch_link_card_service.rb
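Review bot: `expect(response.body).to match(/Authorize/)` in the `force_login=true` example is a weak check for "does not redirect": it depends on a UI string and says nothing about the response status. Asserting the status states the claim directly, e.g. `expect(response).to have_http_status(200)` next to the body match. There is also no example for `force_login` combined with an application for which authorization is skipped, the one case where the controller ignores the parameter.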
@@ -87,34 +87,36 @@ class FetchLinkCardService < BaseService end def attempt_oembed - embed = FetchOEmbedService.new.call(@url, html: @html) + service = FetchOEmbedService.new + embed = service.call(@url, html: @html) + url = Addressable::URI.parse(service.endpoint_url) return false if embed.nil? @card.type = embed[:type] @card.title = embed[:title] || '' @card.author_name = embed[:author_name] || '' - @card.author_url = embed[:author_url] || '' + @card.author_url = embed[:author_url].present? ? (url + embed[:author_url]).to_s : '' @card.provider_name = embed[:provider_name] || '' - @card.provider_url = embed[:provider_url] || '' + @card.provider_url = embed[:provider_url].present? ? (url + embed[:provider_url]).to_s : '' @card.width = 0 @card.height = 0 case @card.type when 'link' - @card.image_remote_url = embed[:thumbnail_url] if embed[:thumbnail_url].present? + @card.image_remote_url = (url + embed[:thumbnail_url]).to_s if embed[:thumbnail_url].present? when 'photo' return false if embed[:url].blank? - @card.embed_url = embed[:url] - @card.image_remote_url = embed[:url] + @card.embed_url = (url + embed[:url]).to_s + @card.image_remote_url = (url + embed[:url]).to_s @card.width = embed[:width].presence || 0 @card.height = embed[:height].presence || 0 when 'video' @card.width = embed[:width].presence || 0 @card.height = embed[:height].presence || 0 @card.html = Formatter.instance.sanitize(embed[:html], Sanitize::Config::MASTODON_OEMBED) - @card.image_remote_url = embed[:thumbnail_url] if embed[:thumbnail_url].present? + @card.image_remote_url = (url + embed[:thumbnail_url]).to_s if embed[:thumbnail_url].present? when 'rich' # Most providers rely on