Commit graph

7065 commits

Author SHA1 Message Date
Jonne Haß
ecb1b80e24 Render flash message content with .text
.html does not escape any html input in these, leading to XSS
attack vectors.

Thanks to A Kai (@sixhundredns) for reporting the related issues.
2014-05-24 16:08:32 +02:00
Marien Fressinaud
fa2de8c195 Remove duplicate checkbox in Settings
Fix issue #4964
2014-05-22 22:39:09 +02:00
Lukas Matt
8170ef8363 Validate on report that post or comment does exist 2014-05-16 09:48:14 -04:00
Lukas Matt
6d6ebd297e Do not try to render posts/comments which are not present
refs diaspora/diaspora#4959
2014-05-16 09:48:14 -04:00
Jason Robinson
01381ddf25 Merge pull request #4957 from MrZYX/4956_deleted_reshare
Use absolute_root more consistently in Reshare
2014-05-16 10:00:31 +03:00
Lukas Matt
3d9fceb479 DB fix to work with existing entries
* added temp. default values for user_id and item_type
* changed model validation for item_type
2014-05-15 07:23:44 -04:00
Lukas Matt
462a7116de Fixed possible XSS; escape comment text in report helper 2014-05-15 07:23:44 -04:00
Lukas Matt
7ef802127e Added confirm-dialog to report-delete-button
* changed button description
* replaced links with buttons
2014-05-15 07:23:44 -04:00
Lukas Matt
693986bba0 Fixed report icon in single post view 2014-05-15 07:23:44 -04:00
Lukas Matt
6ff2141503 If you're able to remove the comment you shouldn't be able to report it 2014-05-15 07:23:44 -04:00
Lukas Matt
23d0890bdc Fixed and cleaned comment template/stylesheet
fixed:
* comment-report-icon will not be displayed when post author is current user
* if you hover a comment all report icons will be displayed
2014-05-15 07:23:44 -04:00
Lukas Matt
218845d5b4 Changed and renamed database columns
* changed user_id type to integer
* renamed post_id to item_id
* renamed post_type to item_type
2014-05-15 07:23:44 -04:00
Lukas Matt
9d3af93c7d Removed unicode from entypo css file 2014-05-15 07:23:43 -04:00
Lukas Matt
6f65ef8437 Using save for report model
Instead of checking the status code I am using success and
error callbacks from model-save. In that case we have to return
json in the controller for signaling that the request was successful.
2014-05-15 07:23:43 -04:00
Lukas Matt
8b8a232b17 Added diaspora copyright 2014-05-15 07:23:43 -04:00
Lukas Matt
011db282b7 Removed local variable in ReportMailer 2014-05-15 07:23:43 -04:00
Lukas Matt
045ced0518 Joined if statements and removed duplicated code 2014-05-15 07:23:43 -04:00
Lukas Matt
512d96bda6 Display validation errors to user 2014-05-15 07:23:43 -04:00
Lukas Matt
6309e1a4ee Cleaned and optimized report model 2014-05-15 07:23:43 -04:00
Lukas Matt
0fae1137fa Using unless instead of 'if !' 2014-05-15 07:23:43 -04:00
Lukas Matt
1a0c9f5983 Make report-type translatable 2014-05-15 07:23:43 -04:00
Lukas Matt
6f21ccda06 Using case instead of equal 2014-05-15 07:23:43 -04:00
Lukas Matt
26d0c81dae Added the ability to disable report-email-notification
Podmin can see an extra checkbox in Settings > Account
for disabling report-email-notification
2014-05-15 07:23:43 -04:00
Lukas Matt
719edcd1a7 Added missing action in report controller 2014-05-15 07:23:43 -04:00
Lukas Matt
2e36f8d375 Diaspora review part 1
* join the conditions of the inner ifs
* add a uniqueness constraint to the model
* differentiate between author is a local or a remote user
* simplify controller/mailer functions
2014-05-15 07:23:43 -04:00
Lukas Matt
ed96ddac98 Display status when the user sends a report 2014-05-15 07:23:43 -04:00
Lukas Matt
d23f4a66da Cleaned javascript report view 2014-05-15 07:23:43 -04:00
Lukas Matt
1748d3b940 It is now possible to report comments
* Renamed PostReport to Report
* Added report button to SPV
* Updated rspec

refs diaspora/diaspora#4732
refs diaspora/diaspora#4710
refs diaspora/diaspora#4711
refs diaspora/diaspora#4517
2014-05-15 07:23:43 -04:00
Jonne Haß
8a599e1c1d Use absolute_root more consistently in Reshare
Closes #4956
2014-05-14 22:41:24 +02:00
Jason Robinson
62b5fea526 Merge pull request #4932 from Raven24/fix-bookmarklet
port bookmarklet to Backbone.js, use gon for params
2014-05-01 13:29:36 +03:00
Florian Staudacher
9da3bc347b disable publisher after successfully posting in standalone mode 2014-04-25 19:51:45 +02:00
Florian Staudacher
0d51bba959 port bookmarklet to Backbone.js, use gon for params (fixes #4931) 2014-04-19 17:41:21 +02:00
flaburgan
b1f59a9b53 Switch back from Roboto to Helvetica on bootstrap pages 2014-04-18 18:34:25 +02:00
Steffen van Bergerem
232e4fa236 Improve set read/unread in notifications dropdown 2014-04-16 23:33:22 +02:00
Steffen van Bergerem
e1685c9a29 Remove auto 'mark as read' for notifications 2014-04-15 14:51:38 +02:00
Jason Robinson
07ae7d7862 Merge pull request #4426 from Flaburgan/fix-padding-spv
[Ready to merge] fix padding between panels
2014-04-13 15:08:29 +03:00
Jason Robinson
356096a7eb Merge pull request #4836 from MrZYX/message_renderer
Introduce message renderer
2014-04-13 15:00:46 +03:00
flaburgan
a4886fa77b SPV: Improve padding and interaction counts 2014-04-13 11:27:12 +02:00
Jason Robinson
7d9248b7ac Merge pull request #4854 from Flaburgan/fix-mobile-drawer
Fix mobile drawer
2014-04-12 21:46:54 +03:00
Jason Robinson
ee3a9f9be0 Merge pull request #4912 from goobertron/settings
Reorder items on settings page and improve wording
2014-04-12 21:37:52 +03:00
flaburgan
86e71cd1b6 fix registration test 2014-04-11 20:25:58 +02:00
flaburgan
438ebc839f Fix scroll in the drawer nav 2014-04-11 19:02:26 +02:00
flaburgan
a9b9420214 Fix header search bar in safari 2014-04-11 19:02:25 +02:00
flaburgan
e4244f01f5 Remove span12, main content now expands smoothly and the drawer becomes correctly displayed even in big resolution 2014-04-11 19:02:25 +02:00
flaburgan
c25ae02ff2 Remove mobile footer 2014-04-11 19:02:25 +02:00
flaburgan
53b1f9effd Fix search field in the header of the mobile version 2014-04-11 19:02:25 +02:00
Hincu Petru
2311b761e1 Redirect to stream_path if is desktop 2014-04-08 09:34:14 +00:00
goobertron
63abe9055b Reorder items on settings page and improve wording
Update cukes to be text-independent
Update changelog
2014-04-08 00:28:25 +01:00
Jonne Haß
682a49605e Merge pull request #4910 from hpetru/rewrite-poll-creator
Rewrite poll creation inputs
2014-04-06 22:27:01 +02:00
Jannik Streek
095d616198 fixed federation issue due to missing delegation + test + some minor tweaks
fixed indenting

renamed test
2014-04-06 20:58:58 +02:00