Jonne Haß
7134513b28
Fix XSS vulnerabilities caused by not escaping a user's name fields when loading it from JSON. #3948
...
From a quick look at the databases available to us, this was not actually used in the wild.
2013-02-01 22:20:31 +01:00
Gonzalo
e1756b5b3f
Privatize non-action controller methods
2012-10-14 19:32:53 -02:00
Marek Lewandowski
125e45cdba
Force user to authenticate instead of raising error
2012-09-29 16:57:34 +02:00
Jonne Haß
58d1448085
update factory girl
2012-09-12 13:24:23 +02:00
Maxwell Salzberg
b124d3e5a1
Revert "update factory girl" new version does not support 1.8.7 :(
...
This reverts commit c52342b7cb.
2012-05-16 17:43:56 -07:00
Maxwell Salzberg
c52342b7cb
update factory girl
2012-05-16 17:17:14 -07:00
Maxwell Salzberg
b8b6557379
adding an ajax loader, and pull out the js from the middle of the view
2012-03-13 17:10:23 -07:00
Steven Fuchs
7d3a6a061c
add spec to make sure background query is only set when a full diaspora id is given.
2012-03-07 23:19:51 -05:00
Steven Fuchs
7048fa6d50
fixing conflicts in merge
2012-03-07 23:19:50 -05:00
Steven Fuchs
23aff2af5e
run second search ajaxily when no results are found from remote pod.
2012-03-07 23:19:50 -05:00
danielgrippi
73f224e690
don't render page-viewer twice; last_post should actually get the last post posted, not the first one
2012-02-24 21:48:37 -08:00
danielgrippi
02021584a7
EvilQuery for Participation, refactor comment creation
...
you can now create a comment with User#comment!(post, text)
2012-02-01 15:09:31 -08:00
Maxwell Salzberg
13d1e68540
refactor people#index
2012-01-28 23:48:37 -08:00
Sarah Mei
d40746bff7
Fixes #2713 - searching for punctuation now doesn't throw a 500. Refactored people#index specs.
2012-01-28 13:45:39 -08:00
Jonne Haß
100625d18c
fix people and person specs for the guid stuff on psql
2012-01-24 23:02:07 +01:00
Jonne Haß
7aaaf4f43b
use guid instead of id for /people/ urls
2012-01-23 23:35:31 +01:00
Maxwell Salzberg
49f18d435a
upgrade factory girl there are 3 failing cukes.
2012-01-21 21:58:50 -08:00
Maxwell Salzberg
35676cddac
fix #2627 (webfinger produces 500 error, and refactor a little to encapsulate into Webfinger object a bit more
2012-01-14 00:40:42 -08:00
danielgrippi
0e5bb81d66
remove all references to the websocket. bang bang.
2012-01-10 12:28:19 -08:00
danielgrippi
c6e4172926
fixed likes_controller; half of the failing jasmine tests
2012-01-07 14:23:23 -08:00
Jonne Hass
57661fe9dd
fixed a couple of specs
2011-12-11 02:08:38 +01:00
Ilya Zhitomirskiy
03ca34767a
ms iz rendering nothing for hcard and webfinger if account is closed, not showing aspect dropdown if the user account is closed
2011-12-08 16:32:18 -08:00
Gonzalo Rodriguez
3c74f3d848
Failing spec for empty search bug #2427
2011-12-03 21:19:58 -02:00
Johannes Hackel
ef28e89809
people_controller_spec
2011-11-23 23:45:09 +01:00
Johannes Hackel
0c1be5002d
end
2011-11-23 08:00:08 +01:00
Johannes Hackel
66acd7db14
specs, stay on page
2011-11-22 12:54:19 +01:00
Dan Hansen & Maxwell Salzberg
5b8365118d
Stream#posts no longer needs to call for_a_stream
...
exclude blocked users from all streams
2011-11-03 12:31:24 -07:00
danielgrippi
9fba69cd5b
added person stream; temp hack for photos
2011-10-25 16:29:45 -07:00
Gonzalo Rodriguez
00e93ba765
Fix people_controller specs
2011-10-13 00:01:05 -02:00
danielgrippi
97f80272b2
DG MS; changed Job:: to Jobs::; require all mail jobs from Job base class
2011-09-15 12:42:53 -07:00
danielgrippi
91e649977c
MS DG update copyright
2011-09-14 11:23:12 -07:00
Ilya Zhitomirskiy
ad11bd2a31
the Devise email regex was not catching pods that were anything other than a standard url
2011-09-09 18:05:58 -07:00
Jonne Hass
bc4872d3a5
ensure handle is downcased on search, fix #1912
2011-09-07 15:17:42 +02:00
Gonzalo Rodriguez
0aeab944bf
Related to #1885. Workaround to avoid crashing when searching tags with dots like cubbi.es
...
What I did was to redirect to the tag without dots, in this case cubbies
I didn't consider it a good idea to add route support for /tags/cubbi.es
since it gets messed with request formats
2011-09-03 00:22:27 -03:00
Sarah Mei
2255e80b69
So. It turns out that postgresql has a less-consistent idea of what .first means in an association with no default ordering. All the places we were doing bob.aspects.first (& etc.) needed to be more specific. & o ya, POSTGRES IS GREEN.
2011-08-29 22:03:05 -07:00
Gonzalo Rodriguez
cc1add81b0
Avoid RecordNotFound exception thrown by find method when invalid person_id
2011-08-27 02:45:58 -03:00
Andrej Kacian
a904b59a03
Add rspec test for correct behavior of /u/nonexistentuser URL
2011-08-10 22:25:35 +02:00
Maxwell Salzberg
e9d993b8f6
throw 404s when the person is not found
2011-08-09 13:03:45 -07:00
Raphael Sofaer
5967f01dab
Take out PostsFake, now that we ajax in comments it's not worth the extra complications
2011-08-03 11:09:21 -07:00
Ilyaaaaaaaaaaaaa Zhitomirskiy
3a6f0583c7
added featured users dg iz
2011-07-29 19:00:15 -07:00
Ilyaaaaaaaaaaaaa Zhitomirskiy
e42d7273a8
featured users section
2011-07-29 19:00:15 -07:00
Raphael Sofaer
78bced56bb
Reshares and reshare retractions are green.
2011-07-22 16:00:19 -07:00
Maxwell Salzberg
fa9269541f
wip removed some generated specs
2011-07-21 18:22:17 -07:00
Maxwell Salzberg
06f886ad77
WIP reshare
2011-07-21 18:22:17 -07:00
Maxwell Salzberg
eee2225f04
rspec is green
2011-07-21 14:32:10 -07:00
Raphael Sofaer
14759b2c80
Use person_link in notifications_helper, move hovercard css out to a file
2011-07-12 16:21:03 -07:00
Raphael Sofaer
8cf0fa8446
Don't get tags in the publisher
2011-07-07 10:48:07 -07:00
Maxwell Salzberg
1ef9d43262
added pagination for people on tag pages
2011-06-01 18:59:15 -07:00
Raphael Sofaer
df04b59857
Change :on to :post in the comment and post methods
2011-06-01 16:45:29 -07:00
MrZYX
3db4772652
ignore searchable if one searches by handle in people#index
2011-05-29 22:58:33 +02:00