Commit graph

911 commits

Author SHA1 Message Date
Trinity Pointard
eafe1ed490 Add content digest to signed http headers
Sign the Digest HTTP header
2018-09-30 12:08:04 +02:00
Trinity Pointard
fceb9ab0cd Update cookie management a bit
Update to latest rocket_csrf
Make user_id a samesite lax cookie (see https://github.com/Plume-org/Plume/issues/233#issuecomment-422660275)
2018-09-30 11:56:12 +02:00
Dominik Pataky
31a3e6c825 Revert icon injection 2018-09-29 21:42:51 +02:00
Dominik Pataky
83c4387e94 Add link underline for main body; add link icon
Links in the main body part are now underlined on mouse hover.
<a> tags in the article content are expanded by an icon from
FontAwesome.

Fixes #140
2018-09-29 21:41:02 +02:00
Baptiste Gelez
1e3f40833d
Add a link to Loomio in the README 2018-09-29 19:25:27 +01:00
Bat
6f8630df2e Use <div> for avatars
<img> is displayed as an error without src, in Chrome

Fixes #222
2018-09-29 18:29:22 +01:00
Baptiste Gelez
05f3ecabd6
Merge pull request #248 from maximesrd/patch-4
Bad commands in the update guide
2018-09-29 17:03:33 +01:00
maximesrd
a1530791ef
Update UPDATE.md 2018-09-29 18:00:48 +02:00
Baptiste Gelez
236cf14406
Merge pull request #245 from Plume-org/rest-api
Some API endpoints for articles
2018-09-29 16:33:31 +01:00
Bat
72fd9eb610 API: Filter posts in the list 2018-09-29 15:45:27 +01:00
maximesrd
3b288c2dad
Update UPDATE.md 2018-09-29 15:34:59 +02:00
maximesrd
b97b0233da
Update UPDATE.md 2018-09-29 15:34:29 +02:00
maximesrd
db4c939be8
Bad commands 2018-09-29 15:02:17 +02:00
Baptiste Gelez
975f8d0393
Merge pull request #246 from fediverse-pl/master
i18n: Update Polish translation
2018-09-27 19:25:12 +01:00
Marcin Mikołajczak
47eeed1008 i18n: Update Polish translation
Signed-off-by: Marcin Mikołajczak <me@m4sk.in>
2018-09-27 12:42:09 +02:00
Bat
f893056d6d Mount the API endpoints 2018-09-25 20:45:32 +01:00
Bat
472da486e9 Fix the canapi::Provider impl for Post 2018-09-25 20:10:18 +01:00
Baptiste Gelez
ba3dd3304c
Merge pull request #243 from rhonda/master
Updated German translation
2018-09-25 15:38:58 +01:00
Rhonda D'Vine
88d8fb95c3 Updated German translation 2018-09-25 16:27:59 +02:00
Baptiste Gelez
9650fdbfb5
Merge pull request #242 from Atul9/fix-broken-link
#227 Fix broken link on blog page
2018-09-24 20:35:20 +01:00
Atul Bhosale
3dce53d899
Fix broken link on blog page 2018-09-24 23:46:32 +05:30
Baptiste Gelez
05fb7c9b42
Merge pull request #238 from Plume-org/csrf-issues
Fix CSRF issues
2018-09-21 13:37:35 +01:00
Baptiste Gelez
7afe249a75
Merge pull request #240 from OpenAlgeria/patch-1
Update INSTALL.md
2018-09-20 19:23:49 +01:00
OpenAlgeria
5d21e26406
Update INSTALL.md 2018-09-20 15:21:32 +02:00
Bat
d8ca1d70b7 Fix CSRF issues
GET routes are not protected against CSRF. This commit changes the needed URLs to
POST and replace simple links with forms.

Thanks @fdb-hiroshima for noticing it!
2018-09-19 18:13:07 +01:00
Trinity Pointard
f0fb030c7f Update recommended nginx config
Update recommended nginx config to allow iframes
close #234
2018-09-19 18:18:39 +02:00
Bat
1500267125 Add canapi and try to use for the API 2018-09-19 15:49:34 +01:00
Trinity Pointard
fab6360100 Be less restrictive on authorized html tags
Allow users to add ids to tags
Allow users to use iframes
2018-09-19 10:51:27 +02:00
Baptiste Gelez
2bc6052a35
Replace plume by DATABASE_NAME in the docs
To make it clearer you can have multiple Plume instances/databases on the same server, and that this part of the URL may change too.
2018-09-18 21:40:20 +01:00
Baptiste Gelez
d8bfd6d39f
Create ISSUE_TEMPLATE.md 2018-09-18 15:40:17 +01:00
Baptiste Gelez
064c5961e7
Add a CoC
Finally!
2018-09-18 13:59:43 +01:00
Baptiste Gelez
eb24ba1774
Merge pull request #223 from igalic/fix/safe-string
make blog/instance description a SafeString
2018-09-14 20:56:13 +01:00
Igor Galić
fb074e6344
render SafeString thru |safe
thanks again to @fdb-hiroshima for pointing me in the right direction!
2018-09-14 21:44:32 +02:00
Igor Galić
06718a5c8a
directly use SafeString in InstanceSettingsForm 2018-09-14 20:25:16 +02:00
Igor Galić
d62c72dde0
allocate new SafeString in FromFormValue impl
thanks to @fdb-hiroshima for this review!
2018-09-14 19:50:59 +02:00
Igor Galić
0897088aa5
add implementation for FromFormValue for SafeString
thanks again to @pwoolcoc for this!
2018-09-14 18:26:42 +02:00
Igor Galić
65e213309b
do not allocate empty strings
follow review from @pwoolcoc, and do not use

    SafeString::new(&<String>::new())

since this makes an allocation which will then just be thrown away.
Instead, we pass ""
2018-09-14 18:24:27 +02:00
Igor Galić
f5c299f23c
make blog/instance description a SafeString
long_description & short_description's documentation say they can be
Markdown, but they are String, not SafeString.

This led to escaped strings being printed in the editor
https://github.com/Plume-org/Plume/issues/220
2018-09-14 15:14:24 +02:00
Baptiste Gelez
d355379e01
Merge pull request #219 from igalic/fix/env-howto
improve installation "docs"
2018-09-13 19:38:00 +01:00
Igor Galić
e7b5d81687
gitignore docker-compose.yml 2018-09-13 17:21:20 +02:00
Igor Galić
dfc76757bb
fix comment in docker.sample.env
docker's sample .env file under docs/ which contains the wrong command
to generate a rocket secret_key
2018-09-13 17:18:25 +02:00
Bat
5b138df8ce Remove duplicated message in gl.po 2018-09-12 17:07:41 +01:00
Bat
0200a7b223 Only send notifications for mentions if the post is not a draft 2018-09-12 17:00:00 +01:00
Bat
b01212f4a6 Make it impossible to view drafts if you are not the author
Even if you got the URL
2018-09-12 16:58:38 +01:00
Bat
296aa2fbbb Merge branch 'master' of github.com:Plume-org/Plume 2018-09-12 13:41:10 +01:00
Baptiste Gelez
ab640011e3
Merge pull request #215 from xmgz/master
update galician
2018-09-12 13:37:03 +01:00
Xose M
f5633f4e7f
Merge branch 'master' into master 2018-09-12 07:40:16 +02:00
Xosé M
3d52afc804 fixed some fuzzies & new 2018-09-12 07:23:23 +02:00
Xosé M
c5d93a2951 update 2018-09-12 07:15:33 +02:00
Bat
8fa83dfe25 Version bump
0.1.x was the pre-alpha.

The first Alpha will be 0.2.x
2018-09-11 19:53:14 +01:00