Peter Bhat Harkins
356cd601c5
bump rails for vulns
...
https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/
2019-03-13 12:53:56 -05:00
Peter Bhat Harkins
4e653a9896
show all suggested tags/titles, lift work from view to db
...
Also extracted tag_link helper to dedupe that snippet of repeated code.
2019-03-13 08:46:51 -05:00
Peter Bhat Harkins
0cea4d497c
greppable logging for sockpuppeting
...
When I cleaned up a sockpuppeter a couple days ago I had to do some ridiculous
shell scripting to combine multiple lines by their request id to see/search
IP, method + URL, and username together. Now basic checks are trivial:
> Request 127.0.0.1 GET /stories/uohnuj/upvote user: 123 totallynotpushcx
2019-03-08 17:24:50 -08:00
Brian Kung
fdd85dbe3d
Adds more macOS specific mysql2 instructions
2019-03-05 14:20:54 -08:00
Peter Bhat Harkins
2cde69aa7d
no images in story text; leaks browsing data to submitter
...
mostly reverts b7e5447
2019-03-04 21:11:38 -08:00
Peter Bhat Harkins
e84fc8c679
recognize /foo and /foo/index.html as dupes
2019-02-26 09:30:14 -06:00
Peter Bhat Harkins
d2963d4b80
title mod pages
2019-02-19 18:34:58 -06:00
Edward Loveall
600fcb9108
Fix comment spec's order dependence
2019-02-17 10:55:29 -06:00
Peter Bhat Harkins
31a938e916
fix so adding tags creates modlog entries
2019-02-16 15:25:46 -06:00
Peter Bhat Harkins
d566b83e14
include deleted stories in flagged view
2019-02-08 09:59:09 -06:00
Peter Bhat Harkins
0dbbbaa213
Fix account deletion form
...
Fixes #636
2019-02-06 11:33:46 -06:00
Peter Bhat Harkins
9169b04fb6
fix similar story display on submit form
2019-01-25 18:38:58 +05:30
Abdullah Samman
1b6a0de73d
Fix comment editing
...
Fixes #624
Closes #625
2019-01-16 09:40:44 -06:00
Chris Lloyd
0a484e38d1
Give seed admin enough activity to take all normal user actions
2019-01-16 08:14:01 -06:00
Nikhil Jha
9ed740767d
Fake Data: Hats, Comments
2019-01-16 08:11:08 -06:00
Peter Bhat Harkins
d9fc5356d6
don't search dupe urls
2019-01-16 07:35:52 -06:00
SvintBel
4841d38894
Fix form tag
...
Fixes #633
2019-01-16 07:35:28 -06:00
Colin Dean
11592ac0a6
Notes mysql2 gem installation workaround for macOS
...
There is apparently a bug in the `mysql_config` script included in `mysql-connector-c` that the mysql2 gem uses to build the native extensions. This theoretically would trip up anyone using macOS 10.12+ without having MySQL or MariaDB running locally.
2018-12-24 18:04:29 -06:00
Peter Bhat Harkins
3cc6ff7aee
revert changes to comment box until I can sort out form errors
2018-12-24 09:38:39 -06:00
Hunter Madison
93440ce5bc
Fix #622 by renaming the invitation_code hidden field
2018-12-23 11:06:44 -05:00
Peter Bhat Harkins
b10d659de4
fix hidden_fields for form_with
2018-12-22 11:38:51 -06:00
Peter Bhat Harkins
c6759f3780
meet the new cop, same as the old cop
2018-12-22 10:42:41 -06:00
Peter Bhat Harkins
0b578ac8ca
rm old yarn binary
2018-12-11 06:51:10 -08:00
Abdullah Samman
17bdf34667
Make merged votes voteable
...
Fix #424
Fix #500
2018-12-09 09:58:38 -06:00
Peter Bhat Harkins
ab5973f203
note about running ruumba
2018-12-09 07:53:47 -08:00
Abdullah Samman
089f3475ba
Migrate deprecated form_tag and form_for to form_with
...
See next commit for note on running view style checks.
2018-12-09 09:51:30 -06:00
Abdullah Samman
8f46f991f3
Fix quoted-printable subject question-mark not being encoded
...
Fix #396
2018-12-05 09:11:09 -06:00
Abdullah Samman
0e198cb9bf
encode fetched content to utf8
...
Net::HTTP is basically returning raw bytes and letting the user figure out if
the Content-Type header is correct, or if the response is HTML and an included
charset meta tag can be trusted. Rather than trying to get smarter and figure
out the encoding of the page, we're force-encoding to utf8 (which the vast
majority of pages are already) in a way that hopefully won't raise any
exceptions. We don't need perfect data here; good data is plenty.
Fix #590
2018-12-05 08:41:44 -06:00
Guillaume Briday
70e8eef8d8
don't try to load rubocop in prod
...
Fix #599
2018-12-05 08:24:46 -06:00
Abdullah Samman
3426d6f607
Story#public_similar_story: return [] not nil
...
Fix #611
2018-12-05 08:22:19 -06:00
Peter Bhat Harkins
bac3fe9179
hint hint
2018-12-05 08:15:12 -06:00
Abdullah Samman
48ea7e43cc
fix opacity on flag menu
...
Fix #601 .
2018-12-05 08:13:41 -06:00
Peter Bhat Harkins
5b958d907a
error if parent comment was removed during writing
2018-11-29 19:29:43 -06:00
Abdullah Samman
1c82243da5
hint iOS safari scroll behavior
...
Fix #591
2018-11-28 09:24:55 -06:00
Peter Bhat Harkins
ec2062f132
don't run if file's required
2018-11-28 09:20:45 -06:00
Lucas Charles
cafc067bea
Allow check_url_dupe to be queried by non-logged-in-users
2018-11-28 08:35:23 -06:00
Peter Bhat Harkins
d9b17c2464
fix submission of dupe links + display of deleted stories from 8554cef
2018-11-28 08:26:42 -06:00
Peter Bhat Harkins
b2fa091e13
fix 92a768e
2018-11-26 18:44:44 -06:00
Abdullah Samman
92a768e604
make rails test
run rails spec
instead
...
Fix #585
2018-11-26 18:42:01 -06:00
Peter Bhat Harkins
922ef94cb7
warn against style churn because folks aren't seeing #460
2018-11-26 18:12:40 -06:00
Peter Bhat Harkins
1e5a7fc81f
whitespace; shallow name
2018-11-24 16:43:43 -06:00
SengMing Tan
0b6476e4ce
add rubocop cop to prevent the safe navigation operator
...
Close #596
2018-11-24 16:41:09 -06:00
Peter Bhat Harkins
04753278b3
rubocop
2018-11-24 16:02:45 -06:00
Peter Bhat Harkins
b23f106477
fix appearance of deleted comments on /comments and user thread pages
...
Also fixes 1 + n queries on those pages.
2018-11-24 09:20:01 -06:00
Peter Bhat Harkins
54abea7ed6
better wording
...
https://lobste.rs/s/sfzmwr/proposal_set_everyone_s_invite_count_zero#c_np1ubv
2018-11-22 23:50:59 -06:00
Peter Bhat Harkins
8554cef9ef
Story#similar_stories should not include deleted stories
2018-11-22 08:48:04 -06:00
Peter Bhat Harkins
1c04acec58
fix #similar_stories to not include merged stories
2018-11-21 21:06:30 -06:00
Peter Bhat Harkins
0724c706fc
name exceptions so we can ignore most of them
...
Now that we've had this in prod a while I've collected a few transient DNS
issues. Because webmentions are a nice-to-have, we can just drop the mention
if someone's DNS is flaking on us. We let BadIPsError hit logs because it
might be someone attempting to use this to enumerate our internal network
(tho it's most likely misconfiguration).
2018-11-20 08:18:10 -06:00
Peter Bhat Harkins
087df3bb6b
bugfix empty string urls
...
Empty string URLs (any story with text and no link) passed this nil check but
threw an exception out of extras/sponge when it tried to get the host.
2018-11-20 08:07:12 -06:00
Peter Bhat Harkins
bdb3098320
strip Facebook tracking param
...
http://thisinterestsme.com/facebook-fbclid-parameter/
2018-11-19 22:12:27 -06:00