This temporarily reverts the conversion to using the DW::Request->cache
instead of Apache notes. There were some issues when this went live
briefly and I need to spend more time debugging it.
This switches to using a request cache on the DW::Request object instead
of using Apache notes. This also gives us a facility for observing who
is interacting with request cache -- which might please Nick as it would
let us untangle the wilderness that is Apache notes.
As part of cleaning up authentication flows to live in one place, I've
moved challenge generation/checking into a submodule of DW::Auth. Also
wrote some crappy unit tests.
This diff removes IS_SSL, USE_SSL, USE_HTTPS_EVERYWHERE,
ALL_TRAFFIC_IS_SSL, SSLROOT, SSL*PREFIX, and a bunch of other machinery
that was responsible for SSL management.
This used to be necessary when we had some parts of the site that were
SSL and some weren't, but that's no longer true. These days, the
expectation is that all web traffic is encrypted and that is true on
Dreamwidth and should be true on our hacks and anybody else using our
code, so we can truly simplify the code.
The recommended way for running DW is behind something like Cloudflare
or AWS CloudFront or another proxy service that provides cheap, fast SSL
at scale. If you happen to be running it yourself, you can do the same
with Nginx, Varnish, or your reverse proxy of choice.
Was only set in LJ::Lang::set_lang, which was only called by
LJ/Setting/Language.pm, which was unused and removed.
LJ::Lang::set_lang is retained as a stub for future replacement
of BML::set_language as we move away from using BML.
There was no effective way to ever set the cookie, and even
if there were, the code was never implemented to honor the
value of the cookie on non-BML pages.
Can still override the site's default language on a per-request
basis by using the "uselang" GET parameter.
* in cgi-bin/Apache/LiveJournal::trans, we need only check against the
current page's protocol (http or https)
* in other files, we check for both http and https
Fixes#1246.
This was hacked together to provide some quick and dirty 'event count'
metric reporting for Dreamwidth. This was implemented to work with the
Datadog service, but it should be pretty easy to convert the DW::Stats
module to have support for more services.
Step one in making styling consistent. Consolidate classes as much as possible while only slightly tweaking visual appearance. Also adds a new page under /dev/classes, to help developers.
Patch by fu.
Efficiency: use $1 (first group in parentheses) instead of $& (entire matched, which has a performance impact). Add parentheses where necessary.
Efficiency: use $1 (first group in parentheses) instead of $& (entire matched, which has a performance impact).
Add an empty summary to all tables that are purely for layout, to make it easier to see what they are (and find them later). For some data tables, convert from td+b to th, and tweak styling if necessary.
Patch by fu.
Block memorial accounts from logging in through the site, and from any activity requiring authentication in the protocol, as a security measure.
Patch by fu.
Enforce ordering on inclusion of resources, so that we can make site scheme CSS come before per-page CSS. Includes a hack to make some pages respect old behavior (so that colors in per-page CSS don't clash with site scheme colors); this is a temporary measure and should be removed as the CSS framework is made consistent.
Patch by fu.
New page when viewing a protected entry: if logged in, just present an informative error message. If logged out, show forms to log in via either a Dreamwidth account, or an OpenID account.
Patch by allen.
Code cleanup: For cleanliness, remove code that allows site administrators to force users to signify their agreement with the TOS if it changes. Note: new users signing up to the service will still need to say they agree with the TOS.
Patch by kareila.
Icon swap for Dreamwidth.
All icons in this commit are either taken from or based upon the Silk icon set by Mark James: http://www.famfamfam.com/lab/icons/silk/
They are licensed under the Creative Commons Attribution 2.5 License http://creativecommons.org/licenses/by/2.5/
<user name="nova"> put together the icons and modified them as appropriate.
<user name="rho"> wrote the patch to put them on the site.