- 25 Feb, 2016 3 commits
-
-
mmn authored
-
mmn authored
I don't know why, but people started following those instructions for no apparent reason and it ended up causing a bunch of federation issues or homegrown cron script messes. Maybe changing the name to "another" instead of "your" domain will make people stop doing stuff randomly.
-
mmn authored
We should probably have a separate class for this, so we can more easily combine different technologies similar to oEmbed/OpenGraph.
-
- 23 Feb, 2016 7 commits
-
-
mmn authored
I think this solves much of the "third party conversation" issues, assuming involved parties are using modern GNU social instances.
-
mmn authored
-
mmn authored
For some reason they were written to ->object, which is incorrect as we use the objects[] array (which usually just holds one entry though)
-
mmn authored
-
mmn authored
-
mmn authored
-
mmn authored
Also move fancyurlfix into site-wide $config['fix']['fancyurls'] TODO: getByUri should make use of this directly I guess?
-
- 22 Feb, 2016 1 commit
-
-
mmn authored
Evil forms on other websites could otherwise potentially be configured to have action="https://gnusocial.example/api/statuses/update.json" or whatever. XHR is already blocked with CORS stuff. Really, why do browsers allow cross domain POSTs at all? Sigh. The web.
-
- 21 Feb, 2016 8 commits
- 18 Feb, 2016 1 commit
-
-
mmn authored
We say the email is private data, so reasonably we shouldn't reveal it indirectly through a hash sum: http://xmlns.com/foaf/spec/#term_mbox_sha1sum
-
- 17 Feb, 2016 12 commits
- 16 Feb, 2016 2 commits
- 15 Feb, 2016 2 commits
- 14 Feb, 2016 2 commits
- 13 Feb, 2016 2 commits