c850a61a89
check if file exists
...
(cherry picked from commit 52bd27a0280c736e563ccc67a9307cd75bd14d3f)
2019-11-13 16:26:57 +01:00
97f36fa46f
fix issue #1331
...
(cherry picked from commit 394f263ddd648e25ff3967bfbe3b0e25dccf89a0)
2019-09-19 12:34:01 +02:00
cf844cb27c
http signature consolidation
2019-06-26 21:45:21 -07:00
3b31dbaa16
clean up whitespace and remove superfluous semicolon
2019-01-29 22:37:30 +01:00
4b516fdb09
Custom sessionhandler support, as requested
2019-01-29 21:41:23 +01:00
a7d2f9b530
remove checkjs and nojs
2018-11-15 15:35:06 -08:00
d0f0a74df8
encrypted header issue
2018-11-14 18:14:47 -08:00
65a8965e85
extra logging
2018-11-14 18:07:39 -08:00
c6bfd5e7be
verify some edge case http signatures
2018-10-11 21:28:47 -07:00
c6f3298f78
SECURITY: signature issue
2018-10-09 22:37:53 -07:00
ed00d1b2e3
Page meta properties
2018-09-22 10:44:51 +02:00
2f6cb764a4
prepare submodule to interact with route
2018-09-17 10:30:47 +02:00
a94c9d2709
checkjs fix ($page not bin-hex in all cases)
2018-07-19 17:19:19 -07:00
5ce50d0a2e
mangled urls on redirects
2018-07-18 17:05:38 -07:00
d71e70bedf
functions to support module and widget registration by plugins. These have identical construction to core modules and widgets and are registered just like hooks during addon load. Also additional Apps functions addon_app_installed() and system_app_installed() which will eventually replace feature_installed() for features which are converted to apps. The convention being used is that the module associated with the app calls the appropriate *_app_installed() function and if not present emits descriptive text about the app and exits. This allows one to click on an 'available' app and learn about it. Once installed, the app module behaves normally and may offer functionality or what once were addon settings on the settings/featured page. Refer to zap-addons in the zap repository for examples of how this is being used to eliminate the 'additional features' and 'addon settings' pages.
2018-07-12 16:23:32 -07:00
66d72d9870
as_fetch depends on the pubcrawl plugin, but is referenced in core. Ensure that it doesn't chuck a wobbly if the function isn't found. This is undergoing significant revision for zot6 so this action is considered a short-term workaround until that work work stabilises.
2018-04-22 22:10:15 -07:00
19888b95cc
draft-cavage issues
2018-04-15 21:04:09 -07:00
b13328140f
accept system_language through either get or post
2018-04-12 18:21:34 -07:00
7c28a40c3e
✅ Unit Test for HTTPSig.
2018-02-28 16:04:13 +01:00
cd1e5d4171
zot6 testing
2018-02-08 16:22:10 -08:00
beec49847f
missing quote
2018-02-08 15:45:33 -08:00
e4503f743e
logging
2018-02-08 15:36:22 -08:00
635c5e532b
z6 testing
2018-02-08 15:32:54 -08:00
4c27fa5c37
debug the crypto function
2018-02-07 22:04:53 -08:00
b41c5f3497
Merge branch 'master' into z6
2018-02-05 15:58:28 -08:00
858a6270d5
simplify webserver logic flow, remove obsolete $a from router
2018-01-18 15:36:46 -08:00
2de1285121
z6 deliver
2018-01-16 18:15:58 -08:00
eb3e43feec
cleanup of last fix
2018-01-13 14:08:15 -08:00
08bea83c03
unexpected openssl result
2018-01-13 13:45:33 -08:00
ef952a41b3
Fix whitespace formatting
2017-12-23 11:09:37 -05:00
e7f6cd2cfa
fix dupe bug in content hooks
2017-12-23 10:58:51 -05:00
a79b268438
fix typo in HTTPSig
2017-12-04 08:57:07 +01:00
1a737be2b4
💡 Improving Doxygen documentation.
...
Fix some Doxygen parsing errors.
Improve hooks documentation.
2017-11-03 23:04:27 +01:00
e6c166a182
sort out the notification ids
2017-10-12 11:36:25 -07:00
991db280be
experimental new notifications - needs pconfig experimental_notif set to 1 for your channel to work.
2017-10-08 17:19:29 +02:00
98e0534984
Merge pull request #862 from waitman/patch-4
...
prevent 'my_address' being set with bogus info
2017-09-28 11:01:01 +02:00
9d7a88b40d
move the Link header initialisation from Router (where it does not really belong) to Webserver, where we do similar module specific initialisations prior to calling Router->Dispatch()
2017-09-25 23:14:02 -07:00
3648f9952c
typo
2017-09-24 17:08:38 -07:00
866dc9a9b3
For zot6, allow HTTP Signatures to be encrypted, as they may contain sensitive (envelope, metadata) information.
2017-09-24 16:46:52 -07:00
6bd35ef740
log the lack of http sig info
2017-09-21 18:29:41 -07:00
6e9e267b27
provide a space between link header params
2017-09-20 23:57:44 -07:00
24a9c3ba79
add more signature logging
2017-09-20 21:20:00 -07:00
7b060dff68
add HTTP link header to channel page, making it pluggable
2017-09-20 19:12:23 -07:00
b3c805d7d0
prevent 'my_address' being set with bogus info
...
After a user has authenticated, it is possible to set my_address in $_SESSION to 'anything' using zid= parameter in URL - if user is authenticated then zid is never set. This change kills the authenticated switch if a person sends a new zid through for processing, which will trigger remote authentication.
2017-09-18 06:02:14 -05:00
b5966041be
more zot6
2017-09-13 20:40:01 -07:00
61f339a874
owa - first commit
2017-09-07 17:56:02 -07:00
d58f965b9a
some more prep work for Zot VI - some of this will need to be undone or at least re-arranged later but we need to bootstrap a test environment.
2017-09-04 22:35:54 -07:00
4adf2caaa6
Merge branch 'dev' of https://github.com/redmatrix/hubzilla into xdev_merge
2017-09-03 17:17:20 -07:00
db82d303e2
only validate headers that aren't "spoofable", which will be somewhat implementation dependent.
2017-09-03 17:12:42 -07:00
e935473c5c
add combined index for item.uid and item.item_unseen. this speeds up notifications by a magnitude.
2017-09-01 21:27:59 +02:00
Mario
zotlabs
Mark Nowiasz
M. Dent
Klaus Weidenbach
Matthew Dent
Waitman Gobble