Maxwell Salzberg
190fceaf5c
[SECURITY FIX] please update your pod ASAP
...
This is a fix for public messages, where a malicious pod could spoof a message from someone a user was connected to, as the verified signatures were not checked that the object was also from said sender. This hole only affected public messages, and the private part of code had the correct checks
THX to s-f-s(Stephan Schulz) for reporting and tracking down this issue, and props to Raven24(florian.staudacher@gmx.at ) for helping me test the patch
2012-07-02 10:00:12 -07:00
Steven Hancock
a8de3a5a3f
Rails.root and File.join cleanup
...
- `Rails.root` is a `Pathname`, so let's use `Rails.root.join`
- Clean up most of the remaining `File.join`s
2012-06-11 03:13:20 -07:00
Maxwell Salzberg
b124d3e5a1
Revert "update factory girl" new version does not support 1.8.7 :(
...
This reverts commit c52342b7cb
2012-05-16 17:43:56 -07:00
Maxwell Salzberg
c52342b7cb
update factory girl
2012-05-16 17:17:14 -07:00
danielgrippi
4f7dda6012
bang! kill redis cache.
2012-02-02 12:45:43 -08:00
Maxwell Salzberg
49f18d435a
upgrade factory girl there are 3 failing cukes.
2012-01-21 21:58:50 -08:00
danielgrippi
0e5bb81d66
remove all references to the websocket. bang bang.
2012-01-10 12:28:19 -08:00
Maxwell Salzberg
63cdd93afc
the websocket has been completely removed, and replaced for a stub until
...
we find a better way to reimpliment it in a more sane way
2012-01-03 18:39:54 -08:00
Sarah Mei
f1d669a024
Delete all pending specs except stuff we actually want to fix in the short term. Add more useful comments to those.
2011-11-06 21:29:22 -08:00
Manuel Schölling
02a3c3f88b
Introduced Shareable
2011-10-16 13:58:35 +02:00
Ilya Zhitomirskiy
91a0af078c
added checking for the sharing contact in postzord caching
2011-10-06 12:31:09 -07:00
Ilya Zhitomirskiy
d891e78652
refactored post receiving; only update cache on verfied received objects
2011-10-06 12:31:09 -07:00
Ilya Zhitomirskiy
6ea540fb94
wip, adding to cache in receiver, caching is only triggered for receiving of posts
2011-10-04 10:32:17 -07:00
Ilya Zhitomirskiy
7926ebfb53
subclassing receivers, renamed perform to perform [bang]
2011-10-04 10:32:17 -07:00
Maxwell Salzberg
a99d992706
GAHHHH DATABASE STRING OR INTEGER MAKE UP YOUR MIND
2011-09-29 18:53:25 -07:00
Maxwell Salzberg
c0ed7218fa
ugh postgres and your string ids\!
2011-09-29 18:30:12 -07:00
Maxwell Salzberg
9760033fa5
weird postgres thing
2011-09-29 17:43:47 -07:00
Maxwell Salzberg
44942036da
make the socketing tests pending as we are not currently doing that
2011-09-29 13:33:44 -07:00
Ilya Zhitomirskiy
c3746aec7f
passing around arrays instead of object on local batch receive
2011-09-28 21:34:48 -07:00
Ilya Zhitomirskiy
da0591f55e
tightened the spec, about to refactor
2011-09-28 21:03:10 -07:00
Ilya Zhitomirskiy
5cf11447e6
tightened the spec, about to refactor
2011-09-28 21:00:17 -07:00
Ilya Zhitomirskiy
c98189b057
refactored the salmon models and the xml, added a pending spec to strip '='
2011-09-16 08:53:13 -07:00
danielgrippi
999efbd451
IZ DG MS; fix method call in public receiver
2011-09-15 19:37:56 -07:00
danielgrippi
ba8e50e34c
DG MS; renamed a file; fixed the build
2011-09-15 15:16:34 -07:00
danielgrippi
97f80272b2
DG MS; changed Job:: to Jobs::; require all mail jobs from Job base class
2011-09-15 12:42:53 -07:00
danielgrippi
ec011f0800
DG MS; optimized local comments to be batched; backfilled more tests
2011-09-15 11:22:47 -07:00
danielgrippi
91e649977c
MS DG update copyright
2011-09-14 11:23:12 -07:00
Maxwell Salzberg
665facaeb0
DG MS renamed private dispatcher; started refactor including public
...
dispatcher
2011-09-12 17:02:40 -07:00
Maxwell Salzberg
5177e5b218
DG MS test receive_relayable
2011-09-12 14:05:32 -07:00
Maxwell Salzberg
6e60905d0d
DG MS major refactor of salmon and corresponding federation logic
2011-09-12 14:05:32 -07:00
Maxwell Salzberg
e0429ee823
MS DG pulling apart salmon and making our custom hacks more obvious
2011-09-12 14:05:31 -07:00
