Commit Graph

1310 Commits

Author SHA1 Message Date
Azareal f502bf4f53 subresource integrity 2020-07-31 15:33:29 +10:00
Azareal 26ad61057a cover dynamically loaded static resources
cover default noavatars
2020-07-31 09:40:14 +10:00
Azareal 43d72e6f3b wip allow for more cdns
add res template function
add ExtraCSPOrigins config setting
add StaticResBase config setting
skip flush directives
2020-07-30 18:10:29 +10:00
Azareal d4fd85f75c fix attachment uploading 2020-07-26 15:14:08 +10:00
Azareal ed64b8f29b eliminate allocs for getting static resources
optimise two char emoticons
add 30 parser tests
2020-07-26 14:36:40 +10:00
Azareal 101b045000 bulk mod: cancel bulk mod mode
bulk mod: fix init binding
bulk mod: cancel bulk mod mode during page transitions
js: more logging
js: add before_init_bind_page hook
js: add end_unbind_page hook
js: change end_bind_page to init hook
js: change end_bind_topic to init hook
nox: add padding to no alerts alert
phrases: add topic_list.cancel_mod
2020-07-23 21:13:55 +10:00
Azareal e814e85daa fix alerts erroring when you don't have any
reset mod floater status on page bind
alias console.log with log
reduce boilerplate
2020-07-23 14:02:16 +10:00
Azareal afc9f54e5e bulk mod: unselect items by clicking them again. 2020-07-19 17:22:49 +10:00
Azareal be609b47ce new modtools ux
- don't allow users to select things they shouldn't be able to
- hide mod options the user doesn't have access to
- highlight options which can be selected
- stop counting topics twice when they're clicked on multiple times

fix modtools not opening in some cases
fix command orders in batch files
fix global.js's getExt()
reduce boilerplate
2020-07-19 13:26:56 +10:00
Azareal 6260dbced7 fix command order in run.bat 2020-07-19 11:06:09 +10:00
Azareal 0c230e12ec add WSUser.WriteToPageBytesMulti 2020-07-16 20:51:34 +10:00
Azareal da5f383c5b add emoji docs 2020-07-15 19:03:10 +10:00
Azareal 96b61078c5 hide modtool options we don't have access to on forum and topics pages
use hookgen for route_topic_list_start hook
add route_topic_list_mostviewed_start hook
2020-07-15 18:27:36 +10:00
Azareal 32bd1a5e28 let admins reset default emojis 2020-07-15 17:05:06 +10:00
Azareal 5bfc5e3e40 unit tests for profile comment visibility 2020-07-15 16:59:47 +10:00
Azareal eeb932bd4b tempfix csp topic transition bug 2020-07-15 08:01:11 +10:00
Azareal b1af963916 Add per-user profile comment visibility settings.
Honor user blocks in ProfileReplyEditSubmit.
Reduce boilerplate.

Update account_privacy_profile_comments phrase.
Add account_privacy_profile_comments_public phrase.
Add account_privacy_profile_comments_registered phrase.
Add account_privacy_profile_comments_self phrase.
Add account_privacy_enable_embeds phrase.

Add profile_comments column to users table.
Add who_can_convo column to users table.

You will need to run the updater / patcher for this commit.
2020-07-15 07:50:29 +10:00
Azareal 4bdc528744 remove arbitrary restrictions on text fields in MysqlAdapter.SetDefaultColumn
save allocs in mysql query adapter
2020-07-13 16:53:04 +10:00
Azareal d1f977154f guest profiles should not exist
don't load profile resources on error
2020-06-30 12:27:04 +10:00
Azareal 5ac7739648 Config.NoEmbed should override user preferences. 2020-06-29 21:40:52 +10:00
Azareal c4f2f0df90 support youtu.be urls
add noscript tags for video embeds
support youtube timestamps
validate youtube video parameters

add more parser tests
2020-06-25 17:46:09 +10:00
Azareal 7f1cd665ca fix csps for embeds being reset by next post 2020-06-25 12:36:06 +10:00
Azareal ae83a1c701 update brotli and mssql deps
add a couple more canonemail test cases
2020-06-23 06:26:10 +10:00
Azareal 572ff8e073 token based anti-spam for when javascript is disabled
reduce the number of allocs when generating templates
2020-06-19 16:38:32 +10:00
Azareal 195b41cb79 stop suspicious email check breaking optional emails 2020-06-19 14:22:41 +10:00
Azareal 470003665b clarify how the weak password scanner works 2020-06-19 13:18:44 +10:00
Azareal 2c220c47df docs for weakpass.json
grammar
add a weakpass literal
2020-06-19 13:03:10 +10:00
Azareal 3efd887b1a cover common mutations of literal definitions
add seven char weak password definitions to take advantage of mutations
avoid majority of the weak password logic for really long passwords
2020-06-18 13:37:05 +10:00
Azareal 08d5e2e0d8 add more weak password definitions
move the weak password logic to it's own file
add another weak password test case and split the test function
2020-06-18 12:39:21 +10:00
Azareal 898fe9d01e oops 2020-06-18 08:08:18 +10:00
Azareal f0c9544af6 make it easier to define weak password definitions
add tests for weak passwords
make it easier to check values of errors returned from weak password
loosen weak password requirements for long passwords
reduce boilerplate when loading json files
only check for email in passwords when it is longer than two chars
more canonemail tests
2020-06-18 08:03:36 +10:00
Azareal 0254687d5b oh 2020-06-16 13:25:38 +10:00
Azareal bb0f6be91c canonalize emails properly
shorten var names
2020-06-16 12:07:21 +10:00
Azareal efa9b4ea70 did i not commit this? giiiiittt.
wider videos on cosora
2020-06-09 21:52:59 +10:00
Azareal 304c246cb2 security: stop exempting video sites in frame-src on pages which don't have video embeds
perf: reduce allocs in action posts
perf: avoid allocing a map and slice for single reply posts when it is liked and the post also has an attachment.
perf: use hookgen for topic_reply_row_assign hook.
perf: stop unnecessarily indirecting r in topic_reply_row_assign hook.
perf: try optimising reqUserList logic in Topic.Replies()
2020-06-09 12:04:58 +10:00
Azareal 019efc8c62 add support for niconico videos
tweak tempra simple text attach padding
2020-06-08 22:19:32 +10:00
Azareal cb383240f8 tempra simple too
fix line wrap in attach box on themes exc cosora
2020-06-08 21:56:33 +10:00
Azareal 5073c78364 text attachments for cosora and shadow
reduce bytes and boilerplate
2020-06-08 21:31:45 +10:00
Azareal 8be3f79abb improve text file attachment blocks 2020-06-08 21:13:19 +10:00
Azareal ef97d7fb31 avoid false positives in html blocks with underscore markdown with latin word boundary detection
initialise markdown hooks after slice fills
2020-06-08 21:02:19 +10:00
Azareal a8702b617f initial AText 2020-06-08 17:04:47 +10:00
Azareal 308182cdb3 add tests for BbcodeStripTags 2020-06-08 12:35:51 +10:00
Azareal 8ef9dc8353 strip bbcode tags from ogdesc meta blocks for topics
add topic_ogdesc_assign hook
initialise hooks after filling slices in bbcode init
hoist poll input checks out of inner loops in CreateTopicSubmit
shorten variable names and reduce boilerplate
2020-06-08 12:18:17 +10:00
Azareal 75d1d6fcbe add telegram, domcop, maui and alt aspiegel user agents
reduce boilerplate in routergen
2020-05-29 08:41:19 +10:00
Azareal 7211ed4f0e switch the order on these 2020-05-28 18:07:13 +10:00
Azareal 72731cfe0c try moving this down to fix upgrades 2020-05-28 18:00:24 +10:00
Azareal db856af952 reduce boilerplate in topic routes 2020-05-27 18:54:53 +10:00
Azareal 77669d42a5 add actionSuccess function to reduce boilerplate
skip doPush if there is nothing to push
optimise cdnpush string building
use string builder for server push strings
2020-05-27 14:15:02 +10:00
Azareal 4eaf0c472a snip this 2020-05-27 10:30:26 +10:00
Azareal 814eac5a95 comment out this test for now 2020-05-27 10:15:46 +10:00