* Instead of parsing shared status contents verbatim, make roundtrip
to purported original URL. Confirm that the "original" URL is from the
same domain as the author it claims to be from.
* Fix obvious typo, add comment
* Use URI look-up first
* Add test, update Goldfinger dependency to make less useless HTTP requests per Webfinger lookup
* OEmbed support for PreviewCard
* Improve ProviderDiscovery code failure treatment
* Do not crawl links if there is a content warning, since those
don't display a link card anyway
* Reset db schema
* Fresh migrate
* Fix rubocop style issues
Fix#1681 - return existing access token when applicable instead of creating new
* Fix test
* Extract http client to helper
* Improve oembed controller
* Fix syntax error
* Remove two_factor_auth.warning (appears obsolete)
* Add missing strings in ru.yml
A lot of new strings translated, especially for the newly added admin section
* Update Russian translation
* Fix merge conflicts
Redid Works by @rkarabut
* Add coverage for domain block service with silence
* Get rid of warning about find_each and order
* Move domain_block to attr_reader
* Move optional clear_media into silence_accounts method
* Use blocked_domain method to reduce passed vars
* Extract blocked_domain_accounts method to find accounts on the domain
* Extract media_from_blocked_domain method to find relevant attachments
* Separate destruction of account images and account attachments
* Fixes#1985
- add migration AddMediaAttachmentMeta, which add meta field to media_attachments
- before saving attachment, set file meta if needed
- add meta in api
* add spec
* align the “size” format for image and video
* fix code climate
* fixes media_attachment_spec.rb
Closestootsuite/mastodon#1349
This is my first PR and I’m only checking in the source JSX file.
Please let me know if it should be checked in after being built also.
* Stricter whitelist rules
* Linting
* Added spec for blacklisting
* Test subdomain blacklist on domain whitelist
* No need to split
* Change spec name
Set status action bar to have display flex and center align items so dropdown icon appears center aligned with other icons. Make styles alpha organized.
Add hover state to boost icon - lighten color on hover.
This PR fixes I18n.locale for rake middlewares. Mastodon uses Devise that depends on Warden.
Warden::Manager can be found in rake middleware. It is outside of the controller.
In the case of authentication failed, warden calls throw(:warden). At the time Warden::Manager
delegates request to failure_app to generate response and flash[:alert] after catching it.
Unfortunately, I18n.locale is already reset then because I18n.with_locale is enabled only
inside the controller. If we used I18n.locale=, Devise::FailureApp could get the current locale.
* Change ActivityPub paging to match spec. Clean up ActivityPub outbox changes.
* Fix code style and test failures for OutboxController.
* Attempt to fix CI errors.
duplicates. Web UI regenerates UUID for that header every time the compose
form is changed or successfully submitted
Also, fix Farsi i18n overwriting the English one
* Fix#2119 - Whenever about to send a HTTP request, normalize the URI
* Add test for IDN request in FetchLinkCardService
* Perform IDN normalization on domains before they are stored in the DB
* fix(upload): Only show upload modal when drag even contains files
* fix(firefox): Close drag window ondragend also
Do not only end drag styles on drag leave, but also on drag end. Fixes firefox bug. #687
* fix(drag-modal): Remove drag modal trigger cruft
* fix(upload-modal): Allow close with escape button
* Add failing spec for oauth/authorized_applications controller
* Use explicit reference to flashes partial from admin layout
Because some of the controllers which use the admin layout do not inherit from
application controller, this partial is not in their view path.
* Expose media attachments on reported statuses directly
* Comment out unused bulk report checkbox. Add title to report comment for viewing full comment. Add 'contents' column, with icons and numerical indicators to show the number of referenced statuses and media attachments in the report
* Link account name on authorize_follow card back to account
* Add localisation string for report_contents
* Show new admin accounts card partial on report view. Apply simple_format to report comment so newlines are preserved.
* Add new admin accounts card partial, for display quick useful admin stats (e.g. report history, moderation status).
* Fix localized variable
* Make private toots get PuSHed to subscription URLs that belong to domains where you have approved followers
* Authorized followers controller, stub for bulk action
* Soft block in the background
* Add simple test for new controller
* Rename Settings::FollowersController to Settings::FollowerDomainsController, paginate results,
rename "private" post setting to "followers-only", fix pagination style, improve post privacy
preferences style, improve warning style
* Extract compose form warnings into own container, show warning when posting to followers-only with unlocked account
Float detailed status display avatar left. Only apply display block to display names in status info, not in detailed status. Thanks to @nightpool for finding those. Make star icon in notification show up as gold. Add anchor selector back to status__content__spoiler-link in order to override default anchor style elsewhere.
Add an ID to the CW spoiler input field to give aria-controls a handle on it. Pass that id to the CW trigger button. Modify text icon button component to accept aria controls id value. Add aria-expanded value to text icon button to indicate when it is expanded.
* Add failing spec showing that human_locales does not match what i18n knows about
* Add missing `ar` key for arabic to human locales
* Remove duplicate `id` key from available locales
* Sort keys in human locales list
* Add spec for human_locale helper
This provides a hotfix for outbound salmon requests to other Mastodon instances
as they currently will try to resovle user@WEB_DOMAIN instead of user@LOCAL_DOMAIN
(see #2012 and #20312).
Furthermore, this should ease transition from users switching from
LOCAL_DOMAIN = WEB_DOMAIN to another LOCAL_DOMAIN when WEB_DOMAIN does not change.
Put Column Slim Back Button classnames in order so it is positioned right and top. Add icon button style back to privacy dropdown and upload buttons so they are positioned correctly and do not wiggle. Remove abstracted style from CSS. Add missed class for the upload form thumbnail. Add the missed styles for upload form thumnail. Alphabetize styles for column-back-button. Fix fontSize typo for media-spoiler-video-play-icon.
The two methods `StreamEntriesHelper#stream_link_target` and
`StreamEntriesHelper#acct` are based on checking whether we are running
in an embedded view.
This adds some test helper code to make the testing easier. We extracted
some "magic strings" to constants to lower the coupling in the specs.
The code that generates CSS is based on a lot of boolean conditions.
The possible combinations of these grows exponentially as we add more
conditions.
Since most of the code is conditional on a single boolean, we tested the
following:
1. All `false`
2. All `true`
3. Each individual flag set to `true`
The methods tested are:
* `StreamEntriesHelper#style_classes`
* `StreamEntriesHelper#microformats_classes`
* `StreamEntriesHelper#microformats_h_class`
* Made tooltip for boosting depend on visibility
* Removed spaces that were added in merge conflict resolution
* Try again :P
* Added missing bracket
* Changed 'toot' to 'status'
* Clean up collapsible components
* Expose user Outboxes and AS2 representations of statuses
* Save work thus far.
* Fix bad merge.
* Save my work
* Clean up pagination.
* First test working.
* Add tests.
* Add Forbidden error template.
* Revert yarn.lock changes.
* Fix code style deviations and use localized instead of hardcoded English text.
* Shows confirmed status in list.
* Adds ability to confirm users in admin UI.
* Added new english translations.
* Addresses feedback from #2245.
* More feedback.
- Deleting a toot
- Muting, blocking someone
- Clearing notifications
Remove source map generation from development environment, as it is a huge
performance sink hole with little gains
The previous translation for NSFW, "不適切" means "impertinent". This change
suggests "閲覧注意", which means the content requires precaution, instead.
However, "閲覧注意" was also a translation for CW. CW is now translated as
"警告", which simply means "warnings".
* fix(classnames): Status icon style classnames
Take out inline css and put into classnames for the following components: account, avatar, icon button, status action bar, notification.
* fix(status): Move styles from inline to classes for statuses
Move styles to classnames in components.scss for the following components:
display name
media gallery
status
status content
video player
* fix(classnames): Add classnames to rest of components
Take out inline styles and apply them to classnames in the sass for the following components:
button
column back button
slim column back button
collapsable column
dropdown menu
loading indicator
status list
* fix(classnames): Remove all non-dynamic inline styles
Components affected:
autosuggested
permalink
action bar
header
character counter
compose form
emoji dropdown
privacy dropdown
reply indicator
upload form
account auth
followers
getting started
column settings
mutes
settings
reblogs
status checkbox
report
action bar
status
card
boost modal
media modal
video modal
* fix(permalink): Do not lose classname
* fix(tests): Add space back in display name
* fix(status__wrapper): Remove duplicate css name
Remove incorrect style attribute. Remove style attribute all together. Cursor defaults to "auto" when not specified as 'default'.
* fix(nl): do not lose translations
The force_ssl method from controllers does not add all of the options that the
sitewide configuration in a config block does. For example, HSTS enforcement is
not added by the controller method, but is added by this style.
* feat(aria): Add aria-labels to underlabelled tab nav items
The drawer tabs which control primary navigation are only labelled by a title which is not available to many screenreaders. Add an aria-label attribute to each link to improve readability with screenreaders. Organize link attributes so link target is first followed by classname.
Issue #1349
* feat(aria): Replace abstract aria role of section with region
Abstract aria roles such as section should not be used in content. Use non-abstract 'region' aria role instead. That role expects an aria-labelledby attribute with an id. Pass an ID to the column header. Remove the aria-label attribute on the ColumnHeader because the same value is output in plaintext as its child.
Issue #1349
* fix(aria): Remove aria-controls attribute until solution is found
Columns do not have wrappers, so these icons can't point to a column wrapper which it controls. Instead these icons function as triggers to show or hide individual columns.
#1349
* fix(typo): Remove type of aria-labelledby instead of aria-label
* Add spec coverage for settings/two_factor_auth area
* extract setup method for qr code
* Move otp required check to before action
* Merge method only used once
* Remove duplicate view
* Consolidate creation of @codes for backup
* Move settings/2fq#recovery_codes to settings/recovery_codes#create
* Rename settings/two_factor_auth#disable to #destroy
* Add coverage for the otp required path on 2fa#show
* Clean up the recovery codes list styles
* Move settings/two_factor_auth to settings/two_factor_authentication
* Reorganize the settings two factor auth area
Updated to use a flow like:
- settings/two_factor_authentication goes to a #show view which has a button
either enable or disable 2fa on the account
- the disable button turns off the otp requirement for the user
- the enable button cycles the user secret and redirects to a confirmation page
- the confirmation page is a #new view which shows the QR code for user
- that page posts to #create which verifies the code, and creates the recovery
codes
- that create action shares a view with a recovery codes controller which can be
used separately to reset codes if needed
* Fix#1057 (close#1819) - Move HTML-formatted bio from <poco:note /> to <summary type="html" />
* Ensure <poco:note /> is plaintext for remote accounts, also, by stripping out HTML
* add Indonesian (Bahasa Indonesia) translation
add id.jsx
add translations on email views
add devise.id.yml
add doorkeeper.id.yml
add id.yml
add simple_form.id.yml
update id locale on mastodon.jsx, index.jsx, settings_helper.rb, and
application.rb
* add Indonesian (Bahasa Indonesia) translation
add id.jsx
add translations on email views
add devise.id.yml
add doorkeeper.id.yml
add id.yml
add simple_form.id.yml
update id locale on mastodon.jsx, index.jsx, settings_helper.rb, and
application.rb
* fix InvalidLocaleData on a string
* fix InvalidLocaleData on a string
* Fix language keys in Indonesian ruby locale (id)
Use "id" instead of "en" as object keys.
* Removed obsoleted translation (id)
For the 'time ago' value of stream entry simple statuses and the timestamp value
of detailed statuses - output their UTC value and use the browser timezone to
convert locally.
This commit fixes hashtag_html so it correctly handles matches with multiple hash-signs.
Bug located by @over9001, initial fix suggested by @nightpool.