Commit Graph

633 Commits

Author SHA1 Message Date
Azareal 9d321e9f23 The router now redirects requests to localhost domains with localhost equivalents in the host header which don't quite match the destination to the proper domain.
The router now rejects host headers with the wrong port for non-standard ports.
The www. redirect now handles non-standard ports properly.
The Site.Port configuration setting is now validated on start-up to ensure it's a valid integer.

Quickly fixed up the grammar of the Port block in configuration.md
2019-04-01 15:44:38 +10:00
Azareal c8a8de95ae Avoid labelling requests on non-standard ports as malformed. 2019-03-31 11:50:59 +10:00
Azareal 0bbdb6482e Fixed the installer. 2019-03-31 10:39:54 +10:00
Azareal 4f7bb5320d You can now escape whitelisted HTML elements with a backslash to make them render as text rather than HTML elements.
Added eight more parser tests.
Replaced an empty slice with nil to make it cleaner.
2019-03-27 16:36:14 +10:00
Azareal e1dfebf090 main.css should be invalidated properly too. 2019-03-25 14:01:50 +10:00
Azareal f11f85a1f4 You can now quote posts with the quote button.
Back to Site now links back to the site again.
Localised what to do with this topic for a single topic.
Improved the margins before and after blockquotes for various scenarios including one on it's own, one with content after and one with content before.
Don't bother rendering the opening post source block if it's a guest viewing the page in topic.html
Removed some obsolete inline styles from topic.html

Added the topic.quote_button_text phrase.
Added the topic_list.what_to_do_single phrase.
Added the topic.quote_tooltip phrase.
Added the topic.quote_aria phrase.
2019-03-25 13:30:56 +10:00
Azareal 23a0bf3f41 Try hash based cache busting with stylesheets too.
Use a semantic blockquote element instead of span in plugin_bbcode for [quote]
You can now use <blockquote> elements directly in posts.
Added styling for quotes to Shadow, Cosora and Nox.
Experimenting with the padding on Nox's Control Panel Menu.
Tweaked the padding for the User Manager items on Nox.
Fixed #back filling up all the space it can on Tempra Simple.
Added a bit of padding below the last element before the footer on Tempra Simple.

Tempra Simple's misc.js is now loaded asynchronously.
Shadow's misc.js is now loaded asynchronously.
profile_member.js is now loaded asynchronously.
account.js is now loaded asynchronously.
2019-03-24 17:23:38 +10:00
Azareal 660f24acff Experimenting with Nox's Control Panel.
Experimenting with better cache busting for static resources.
HTTPSRedirect requests are now counted in the route analytics.
More scripts are loaded asynchronously now.
Upped the default ReadTimeout to eight seconds.
Reduce the number of unneccesary NewAcc calls.
Added panel_before_head as an injection point for themes.
Themes can now declare scripts to be loaded asynchronously.
Tweaked the WS resumption algorithm to mae the backoffs a little less aggressive.
Fixed an ordering issue in the WS resumption algorithm where backoffs weren't expiring as fast as they should have.
Fixed a bug where template logs weren't being written due to a panic.
You can now use byte slices in more places in the transpiled templates.
Fixed a bug where Cosora's misc.js seemed to be erroring out.
Fixed a bug where YT embeds were getting blocked by the CSP.

Added the panel_back_to_site phrase.
Added the panel_welcome phrase.
2019-03-22 08:59:41 +10:00
Azareal 3320cb4697 Added documentation for server timeouts.
You can now disable server timeouts o.O
Added a slightly more sophisticated WS Backoff algorithm.
2019-03-17 09:14:47 +10:00
Azareal 526ba8dc0e Get WS to backoff slightly, if the connection keeps dropping. 2019-03-16 23:11:24 +10:00
Azareal f2572fc3bd Fixed the analytics charts.
Fixed the back to site link destination.

Added the ReadTimeout, WriteTimeout, IdleTimeout and FullReqLog config settings.
2019-03-16 22:50:31 +10:00
Azareal cb58c1c83f The number of unread alerts now appears in the page title.
Added the Back to Site link to Nox's Control Panel.
Added the panel_group_menu template and used it to de-dupe the group menu HTML.
Fixed a potential race condition with dismiss alert.
Fixed a strange bug where new alerts wouldn't appear.
Fixed a race condition where client templates sometimes wouldn't load.
Dramatically cut down on the number of DOM rebuilds for the alert list.
Added some missing error handling for ajax page block loads.
Fixed a bug where the dimiss alert endpoint wasn't sending a success payload.

Made the register_might_be_machine phrase more descriptive.
Added the panel_menu_aria phrase.
2019-03-16 21:31:10 +10:00
Azareal 414d9c4817 Tighter ratelimiting for password resets.
Eliminated a line in agents.go
Added the DateCutoff method to accCountBuilder.
Function columns should now work for ComplexSelect.
Added type=search to the Search and Filter Widget search box.

Began cleaning some prebuilder logic up.
Began work on the generic ratelimit interface.
2019-03-12 19:13:57 +10:00
Azareal e22ddfec40 Added support for password resets.
Sha256 hashes are now stored in the SFile structures, this will come of use later.
Rows should be properly closed in DefaultTopicStore.BulkGetMap.
All errors should be properly reported now in DefaultTopicStore.BulkGetMap.
Rows should be properly closed in DefaultUserStore.BulkGetMap.
All errors should be properly reported now in DefaultUserStore.BulkGetMap.
Don't have an account on the login page should now be linkified.
Renamed tempra-simple to tempra_simple to avoid breaking the template transpiler.
Fixed up bits and pieces of login.html on every theme.
Removed an old commented code chunk from template_init.go
widget_wol widgets should now get minified.
bindToAlerts() should now unbind the alert items before attempting to bind to them.
Tweaked the SendValidationEmail phrase.
Removed a layer of indentation from DefaultAuth.ValidateMFAToken and added the ErrNoMFAToken error for when MFA isn't setup on the specified account.
Email validation now uses a constant time compare to mitigate certain classes of timing attacks.

Added the /accounts/password-reset/ route.
Added the /accounts/password-reset/submit/ route.
Added the /accounts/password-reset/token/ route.
Added the /accounts/password-reset/token/submit/ route.
Added the password_resets table.

Added the password_reset_email_fail phrase.
Added the password_reset phrase.
Added the password_reset_token phrase.
Added the password_reset_email_sent phrase.
Added the password_reset_token_token_verified phrase.
Added the login_forgot_password phrase.
Added the password_reset_head phrase.
Added the password_reset_username phrase.
Added the password_reset_button phrase.
Added the password_reset_subject phrase.
Added the password_reset_body phrase.
Added the password_reset_token_head phrase.
Added the password_reset_token_password phrase.
Added the password_reset_token_confirm_password phrase.
Added the password_reset_mfa_token phrase.
Added the password_reset_token_button phrase.

You will need to run the updater or patcher for this commit.
2019-03-11 18:47:45 +10:00
Azareal 93b292acc0 Added a little note to the installation guide about setting up emails.
Alerts will be resynced whenever a WebSockets connection is re-established now.
Fixed client side overrides.
2019-03-05 15:53:02 +10:00
Azareal 836a148ee8 Delete old avatar files to avoid dead files from building up in /uploads/ and potentially causing issues.
Make the thumbnailer more resiliant when the avatar it's supposed to be thumbnailing doesn't exist.
/uploads/ should be set to 2755 to reduce the probability of permission issues.

WebSockets now re-connects after a while after the connection drops. This is slightly experimental.
2019-03-05 14:46:43 +10:00
Azareal a28b6c2690 Added a WYSIWYG Editor for editing replies in Cosora. 2019-03-04 17:47:38 +10:00
Azareal 3cb5896316 Tighten the content security policies for profiles.
Use template variables instead of CSS variables in Nox for better browser backwards compatibility.
Emit a local error instead of an internal error when submitting an activation token as a guest or invalid user.
Moved the inline profile scripts into profile_member.js
2019-03-04 16:43:07 +10:00
Azareal 4d1f80edab Tweaked the content security policy a little. 2019-03-04 09:21:06 +10:00
Azareal f41a5dd943 Fix the issue with Grammarly spewing out random HTML. 2019-03-03 16:39:08 +10:00
Azareal 0e5ea2035e Activation tokens should work again now.
Document the SMTPEnableTLS setting and update the documentation for SMTPPort.
2019-03-03 16:10:26 +10:00
Azareal 65924cac2a Try fixing the email headers. 2019-03-03 15:31:13 +10:00
Azareal 3eb06d6822 Temporary email debugging. 2019-03-03 14:49:03 +10:00
Azareal 41e7464f8d Added support for SMTP TLS. 2019-03-03 14:00:04 +10:00
Azareal e9b46e1cd6 Email errors should be logged now.
Reordered the registration logic so the session is created before any, if any, email errors fire.
Fixed a bug where the analytics phrases would load after the graph is drawn.
2019-03-03 13:19:32 +10:00
Azareal ce04b6001e Localised the analytics panes.
Tweaked the analytics phrases to make them a little more compact so they don't overlap as badly.
Added support for Facebook to the analytics panel.
Fixed a bug where language ISO codes weren't tracked properly.
Fixed a bug with settings overflowing their containers on Cosora.
The panel elements can now take up more room on Nox.
Added some information on per-theme overrides to docs/templates.md

Added the analytics.now phrase.
Added the analytics.today phrase.
Added the analytics.days phrase.
Added the analytics.days_short phrase.
Added the analytics.months phrase.
Added the analytics.months_short phrase.
2019-03-03 12:28:17 +10:00
Azareal ec313253ac Up the priority on these CSS directives. 2019-02-28 20:09:50 +10:00
Azareal 4aa680c666 Widen the postbits for Nox when there isn't a sidebar taking up space. 2019-02-28 19:35:27 +10:00
Azareal 25846d8942 shrink_main should work again. 2019-02-28 19:31:13 +10:00
Azareal 75668db3ea Hotfix for broken sidebar handling, a full fix is in the works. 2019-02-28 19:01:28 +10:00
Azareal 38c79f6eae Fix links overflowing their boxes in Shadow and Nox. 2019-02-28 18:42:25 +10:00
Azareal ae8485391b Loosen the CSP a little for images. 2019-02-28 18:11:29 +10:00
Azareal a4b579d75d Whoops, this should fix the SIGSEGV. 2019-02-28 17:34:56 +10:00
Azareal cc1d0f089a Client templates can now be overriden like every other template.
The client templates load earlier now for a smoother user experience.
Added a setting for setting a Google Site Verification meta tag without editing header.html
Added support for favicons. /static/favicon.ico will be mapped to favicon.ico, if it exists.
The parent forum is now visible on the topics list for Nox.

Language headers which contain the wildcard character are no longer considered unknowns.
Meta descriptions and open graph descriptions are no longer emitted for logged in users.
Slimmed down topics_topic slightly for Nox.
Pre-parsed widgets are now minified.
Stale WebSockets connections should be cleaned up far quicker now.
Template generation is now logged separately.
Commented out some obsolete template logic.
Marked a few template generator fields as unexported.

Fixed the styling for the ban page in the profile for Nox.
Fixed the styling for colline for Cosora and Tempra Simple.
Fixed the sidebar overflowing outside of the box on Nox.
Fixed the meta description text overflowing the box in the Setting Manager on Nox.
Fixed excessive padding in the Page Manager.
Fixed a few missing border on the profiles for Tempra Simple.
Fixed the sidebar appearing in places it shouldn't on Tempra Simple.
Fixed the status code emitted by NotFoundJS
Fixed a bug where Gosora kept falling back to interpreted templates.
Fixed a bug where WebSockets connections weren't getting closed properly if the user cache overflowed.
Fixed a bug where WebSocket connections weren't getting initialised for guests.
Fixed a bug where template overrides weren't always getting applied.
Fixed a bug where root template overrides weren't always getting applied.

Added the google_site_verify setting.
Added the google_site_verify phrase.

You will need to run the patcher or updater for this commit.
2019-02-28 17:28:17 +10:00
Azareal fe33112827 Added an experimental content security policy.
Added support for Open Graph Descriptions.
Nox now officially supports notices.
Tweaked the language detection algorithm to cover more cases.
Tweaked the user agent parser to accomodate DotBot better.
Added a non-JS fallback for the theme selector.
Tweaked the padding on widget simple.
Scripts should now execute properly for individual language charts in the analytics panel.
2019-02-24 18:02:00 +10:00
Azareal 1fb497adf8 Deployed multi-series charts across the entirety of the analytics panel.
Added the one year time range to the analytics panes.
Dates are now shown on detail panes for Request, Topic and Post analytics instead of times for higher time ranges.
The labels should now show up properly for the three month time range charts.
The paginator should now work properly for login logs.
Pushed a potential fix for subsequent pages with only one item not showing. up.
Executing a search query should now change the title.
Fixed a bug where the user agent parser choked on : characters.
Fixed the ordering of items in the multi-series charts which caused the most important items to get booted out rather then the least important ones.
Tweaked the padding on the User Manager items for Nox so they won't break onto multiple lines so readily.
Fixed a potential issue with topic list titles.
Fixed a potential crash bug in the Forum Analytics for deleted forums.

Added the Count method to LoginLogStore.
Continued work on the ElasticSearch mapping setup utility.

Added the topic_list.search_head phrase.
Added the panel_statistics_time_range_one_year phrase.
2019-02-24 11:29:06 +10:00
Azareal 633c9ef2ec Let's not default to mostviewed. 2019-02-23 18:16:54 +10:00
Azareal 7f6c1bada2 Added the topics_search phrase. 2019-02-23 17:47:42 +10:00
Azareal 8acc5e7991 Maybe, this will work...? 2019-02-23 17:33:18 +10:00
Azareal c3743bc28d This will require further investigation, thanks MariaDB. 2019-02-23 17:07:48 +10:00
Azareal 255d0adca8 x.x 2019-02-23 17:00:00 +10:00
Azareal cf4a9d1738 You can now disable the search subsystem.
Try Travis with MariaDB 12...
2019-02-23 16:55:34 +10:00
Azareal 6b56d69fc8 Experiment to see if this normalises things in Travis... 2019-02-23 16:39:09 +10:00
Azareal 2296008655 Basic search now works for the Search & Filter Widget. ElasticSearch has been temporarily delayed, so I can push through this update.
Added the three month time range to the analytics panes.
Began work on adding new graphs to the analytics panes.
Began work on the ElasticSearch adapter for the search system.
Added the currently limited AddKey method to the database adapters.
Expanded upon the column parsing logic in the database adapters to ease the use of InsertSelects.

Added the BulkGet method to TopicCache.
Added the BulkGetMap method to TopicStore.
TopicStore methods should now properly retrieve lastReplyBy.
Added the panel_analytics_script template to de-dupe part of the analytics logic. We plan to tidy this up further, but for now, it'll suffice.
Added plugin_sendmail and plugin_hyperdrive to the continuous integration test list.
Tweaked the width and heights of the textareas for the Widget Editor.
Added the AddKey method to *qgen.builder
Fixed a bug where using the inline forum editor would crash Gosora and wouldn't set the preset permissions for that forum properly.
Added DotBot to the user agent analytics.
Invisibles should be better handled when they're encountered now in user agent strings.
Unknown language ISO Codes in headers now have the requests fully logged for debugging purposes.
Shortened some of the pointer receiver names.
Shortened some variable names.

Added the dotbot phrase.
Added the panel_statistics_time_range_three_months phrase.

Added gopkg.in/olivere/elastic.v6 as a dependency.

You will need to run the patcher or updater for this commit.
2019-02-23 16:29:19 +10:00
Azareal a0368ab87c Added information about the Email, DisableLiveTopicList, DisableJSAntispam, MaxTopicTitleLength and MaxUsernameLength configuration settings to configuration.md 2019-02-21 16:52:32 +10:00
Azareal d332870a0f Added some notes about HTTPS to the Installation Guide. 2019-02-20 17:49:08 +10:00
Azareal 6e02c7dd2a Added the configuration documentation file. 2019-02-20 15:35:18 +10:00
Azareal 37ce6165c8 Update the experimental plugins sendmail and hyperdrive to work with the new Plugin APIs. 2019-02-17 15:38:49 +10:00
Azareal d5a58421a7 The forum page now uses EasyJSON to speed it up slightly.
Added SemrushBot to the analytics rather than treating it as an unknown.
The word compatible is now skipped in UA to hopefully avoid allocating a little bit more.
The tickloop is a little more resilient against hard stale connections now.
Removed a temporary benchmark which was used for comparing the built-in JSON library to EasyJSON.

Added the semrush phrase.
2019-02-10 19:32:05 +10:00
Azareal 5099162d9c Add Easyjson to these files too as it's being difficult... 2019-02-10 16:01:09 +10:00