sam/pleroma-fe
sam/pleroma-fe
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
5863 commits 3 branches 15 tags 109 MiB
Commit graph

869 commits

Author SHA1 Message Date
Absturztaube 12db1d8719 Merge branch 'develop' into fedi-absturztau-be 2021-12-15 20:50:39 +01:00
rinpatch d36b45ad43 entity_normalizer: Escape name when parsing user 
In January 2020 Pleroma backend stopped escaping HTML in display names
and passed that responsibility on frontends, compliant with Mastodon's
version of Mastodon API [1]. Pleroma-FE was subsequently modified to
escape the display name [2], however only in the "name_html" field. This
was fine however, since that's what the code rendering display names used.

However, 2 months ago an MR [3] refactoring the way the frontend does emoji
and mention rendering was merged. One of the things it did was moving away
from doing emoji rendering in the entity normalizer and use the unescaped
'user.name' in the rendering code, resulting in HTML injection being
possible again.

This patch escapes 'user.name' as well, as far as I can tell there is no
actual use for an unescaped display name in frontend code, especially
when it comes from MastoAPI, where it is not supposed to be HTML.

[1]: https://git.pleroma.social/pleroma/pleroma-fe/-/merge_requests/1052
[2]: https://git.pleroma.social/pleroma/pleroma/-/merge_requests/2167
[3]: https://git.pleroma.social/pleroma/pleroma-fe/-/merge_requests/1392
 2021-11-16 20:35:23 +03:00
Absturztaube d34cef391b resolve merge confilcts 2021-10-02 19:31:29 +02:00
HJ 1c53528433 Merge branch 'fix-favico-badge-chrome' into 'develop' 
fix favico badge not working on chrome

See merge request pleroma/pleroma-fe!1391
 2021-09-07 16:17:31 +00:00
Henry Jameson f16658adfc fix tests 2021-08-15 02:59:14 +03:00
Henry Jameson 97e86381c8 remove old emoji added, everything emoji-bearing uses RichContent now 2021-08-13 13:12:33 +03:00
Henry Jameson 4c974f5ca2 richcontent support in polls, user cards and user profiles 2021-08-13 13:06:42 +03:00
Henry Jameson 6c6df29ed3 support richcontent in polls 2021-08-13 12:19:57 +03:00
Absturztaube 5a5320b71c Merge branch 'tusooa/pleroma-fe-from/develop/tusooa/media-touch-actions' into fedi-absturztau-be 2021-08-07 11:54:30 +02:00
Tusooa Zhu 3366c915e9
Check whether we swiped only for mouse pointer 2021-08-02 22:29:49 -04:00
Tusooa Zhu db71bbf358
Scale swipe threshold with viewport width 2021-08-02 22:29:48 -04:00
Tusooa Zhu 33384af5df
Use native click for hiding overlay 
The pointerup strategy is unsuccessful, as some other overlays
(Firefox's Inspect Element) will pass down pointerup events.
 2021-08-02 22:29:48 -04:00
Tusooa Zhu cd9384adae
Clean up 2021-08-02 22:29:47 -04:00
Tusooa Zhu 7469849c39
Add swipe-click handler to media modal 
Now swiping will correctly change the current media, and with a good
preview. Clicking without swiping closes the overlay.
 2021-08-02 22:29:47 -04:00
Tusooa Zhu 7d767f840b
Handle pinch action 2021-08-02 22:29:46 -04:00
Tusooa Zhu aa70c31950
Preview swipe action 2021-08-02 22:29:46 -04:00
Tusooa Zhu 61509d1b1e
Make media modal be aware of multi-touch actions 
Originally the media viewer would think every touch is a swipe (one-finger
touch event), so we would encounter the case where a two-finger scale event
would incorrectly change the current media. This is now fixed.
 2021-08-02 22:28:16 -04:00
Absturztaube fcf1c7b4b4 resolve merge conflicts 2021-06-21 13:58:30 +02:00
Henry Jameson 8fe4355a6b fix rich images 2021-06-18 21:29:47 +03:00
Henry Jameson bebafa1a2c refactored line converter, untied its logic from greentexting, better 
handling of broken cases
 2021-06-13 15:24:29 +03:00
Henry Jameson 418f029789 review + fixes 2021-06-12 20:43:29 +03:00
Henry Jameson 90a188f2c3 cleanup 2021-06-12 19:54:34 +03:00
Henry Jameson cd44556750 restructure and tests 
squash! restructure and tests
 2021-06-12 19:54:30 +03:00
Henry Jameson 5834790d0b fix #935 2021-06-11 11:50:05 +03:00
Henry Jameson f819227bed fixed console errors, improved user-selecting, added cyantexting 2021-06-11 11:49:32 +03:00
Henry Jameson cc00af7a31 Hellthread(tm) Certified 2021-06-10 18:52:01 +03:00
Henry Jameson 7d6fc044fb new mentions look 2021-06-07 23:42:04 +03:00
Henry Jameson 8e9f5d7580 renamed StatusText to StatusBody for clarity, fixed chats 2021-06-07 19:50:38 +03:00
Henry Jameson 04fa1f0b2d some docs, added richcontent to usernames in status, updated stillImage 
to allow scale of "gif" label
 2021-06-07 18:41:47 +03:00
Henry Jameson b0ae32e309 made getAttrs correctly handle both ' and " 2021-06-07 18:41:47 +03:00
Henry Jameson be79643bcf fix emoji processor not leaving string as-is if no emoji are found 2021-06-07 18:41:47 +03:00
Henry Jameson 20ce646852 [WIP] MUCH better approach to replacing emojis with still versions 2021-06-07 18:41:47 +03:00
Henry Jameson 2a2483f4c9 handle multiple favicons (different sizes) 2021-06-02 12:47:54 +03:00
Henry Jameson 008e711e11 fix favico badge not working on chrome 2021-06-02 12:15:31 +03:00
HJ dc611dffdb Merge branch 'flash-support' into 'develop' 
Flash support

See merge request pleroma/pleroma-fe!1380
 2021-05-31 11:00:53 +00:00
Absturztaube c8e517828e Merge branch 'develop' into fedi-absturztau-be 2021-05-12 13:50:27 +02:00
Matilde Park 06d0254cc5 entity_normalizer: safely check screen_name 
Prevents a crash on undefined screen name cases.
 2021-04-21 01:40:25 -04:00
Absturztaube c44f2bbcd6 Merge branch 'develop' into fedi-absturztau-be 2021-04-19 11:45:22 +02:00
Henry Jameson 87903fbf6d do not load ruffle multiple times! 2021-04-12 01:15:59 +03:00
Henry Jameson 5fdc4a1904 whooops dropped my monstercondo 2021-04-12 00:03:17 +03:00
Henry Jameson d695dcaff9 experimental flash support through ruffle 2021-04-09 19:14:05 +03:00
HJ 8b96ea9377 Merge branch 'settings-import-export' into 'develop' 
Settings backup/restore + small fixes

See merge request pleroma/pleroma-fe!1372
 2021-04-07 17:40:07 +00:00
Absturztaube 7f05730e9b resolve merge conflicts and update fixes 2021-03-16 11:20:22 +01:00
Absturztaube 6ef591bdcc Merge branch 'develop' into fedi-absturztau-be 2021-03-09 17:14:31 +01:00
Henry Jameson a8967d85bd streamlined WS flow, reduced spam amount related to WS reconnections 2021-03-09 02:38:10 +02:00
Henry Jameson 90afcd3420 WIP some work on making errors less spammy 2021-03-08 22:24:39 +02:00
Henry Jameson 2e7bd99444 Merge remote-tracking branch 'origin/develop' into websocket-fixes 
* origin/develop: (119 commits)
  Apply 1 suggestion(s) to 1 file(s)
  Make it possible to localize user highlight options
  remove shoutbox test hacks
  fix shoutbox header, use custom scroll-to-bottom system, remove vue-chat-scroll, temporarily add chat test hack
  update changelog with 2.3.0
  change icons around
  Translated using Weblate (Japanese)
  Update timeline_quick_settings.js
  add screen_name_ui to tests
  separate screen_name and screen_name_ui with decoded punycode
  Update CHANGELOG.md
  add basic validation for statusless status notifications
  changelog mention
  fix chat unread badge
  update shelljs to get rid of warnings on build
  save a few characters
  focus input in emoji picker and react picker
  fix vue warnings
  add only to wording
  basic loggedin check for reply filtering
  ...
 2021-03-08 22:01:28 +02:00
Henry Jameson 3d95ea6acb cleanup + fix 2021-03-08 21:56:20 +02:00
Henry Jameson bd5b62b107 changed importexport into a service instead of component for simplicity 2021-03-08 19:42:24 +02:00
Henry Jameson 4baa397ed0 fixed another problem with p's broken theme causing theme editor to 
become unusable
 2021-03-08 19:19:16 +02:00