Martin Zimmermann
a92471ca9a
allow failures for TOX_ENV=backport
2014-01-30 21:51:16 +01:00
Martin Zimmermann
4681a391ee
pin versions to current Debian Wheezy/Unstable
2014-01-30 20:57:43 +01:00
Martin Zimmermann
f3e5d8dc1c
add support for html5lib==0.95, fixes #60
...
The python-html5lib package in Debian Wheezy does not support
`etree` as tree builder (called `simpletree` back then).
2014-01-30 20:49:11 +01:00
Martin Zimmermann
417bd4614c
Back to development: 0.8
2014-01-29 11:45:47 +01:00
Martin Zimmermann
45e838fab1
Preparing release 0.7
2014-01-29 11:45:34 +01:00
Martin Zimmermann
d65c984220
update changelog
2014-01-29 11:41:48 +01:00
Martin Zimmermann
518820a4af
fix typo in reply-to-self conf, #59
2014-01-27 11:53:18 +01:00
Martin Zimmermann
14a2f82134
s/tls/starttls/
2014-01-26 18:35:52 +01:00
Martin Zimmermann
335caa4887
Merge pull request #58 from JocelynDelalande/default-to-587-starttls
...
default smtp to port=587 and security=starttls
2014-01-26 09:26:32 -08:00
Jocelyn Delande
cbf63f5a4e
default smtp to port=587 and security=starttls
2014-01-26 17:17:09 +01:00
Martin Zimmermann
aae07a3c24
Merge branch 'pr/57'
2014-01-25 22:57:04 +01:00
Martin Zimmermann
b94329fc66
also mention count.min.js
2014-01-25 22:56:55 +01:00
Jocelyn Delande
5cdab92a4b
Documentation on comment counter.
2014-01-25 22:22:11 +01:00
Martin Zimmermann
baff120800
fix french pluralform
2014-01-25 22:19:59 +01:00
Martin Zimmermann
442cca5030
Merge pull request #56 from JocelynDelalande/patch-1
...
Update api.rst
2014-01-25 12:24:37 -08:00
JocelynDelalande
2e60fc7f68
Update api.rst
...
Added doc on count feature
2014-01-25 20:48:09 +01:00
Martin Zimmermann
cbd449dcd0
Merge branch 'transifex'
2014-01-16 12:01:04 +01:00
Martin Zimmermann
5f990e3697
link example cfg, fix markup errors and show content table, closes #52
...
and also reword a few paragraphs as suggested via mail.
2014-01-13 19:12:50 +01:00
Martin Zimmermann
3a1f92b8bd
use html5lib's sanitizer, supersedes 3713d5e
...
Python's HTMLParser is smart enough to filter malicious tags but fails
to repair invalid, user-inputted HTML. Instead of re-inventing the
wheel, Isso now uses html5lib's HTMLSanitizer with a whitelist of all
tags generated by Sundown.
Disallowed tags are discarded from the output to match the previous
unittests. This feature is only available for html5lib 0.99(9) and
later. Earlier releases just escape disallowed tags.
2014-01-13 19:11:59 +01:00
Martin Zimmermann
3713d5e8ee
allow raw HTML markup for a few (whitelisted) tags
...
To be compatible with comments from Disqus (and users unfamiliar with
Markdown), Misaka no longer disables user-inputted HTML, but the
generated HTML is now post-processed and all "unsafe" tags (not
possible with Markdown) are discarded.
Whitelist: p, a, pre, blockquote, h1-h6, em, sub, sup, del, ins, math,
dl, ol, ul, li
This commit also removes an unnecessary newline generated by
Misaka/Sundown.
2014-01-12 14:44:39 +01:00
Martin Zimmermann
36d702c7bc
proper use of Misaka's HTML render flags (fix malicious HTML injection)
...
This commit now sanitizes *all* HTML tags written by the user (also
prevents auto-link to "unsafe" web protocols and images) as intended.
Fortunately because of Sundown's typography support, it did not affect
JS injection, but custom style tags and iframes.
PS: thanks to the anonymous submitter of a comment including a style tag
for 24pt, red font ;-)
2014-01-12 12:58:24 +01:00
Martin Zimmermann
241b278863
whitelist external ipaddr package in tox configuration
2014-01-07 15:52:35 +01:00
Martin Zimmermann
dcd473967b
Merge branch 'remove-q-lib'
2014-01-07 14:36:06 +01:00
Martin Zimmermann
6006a12778
fix wrong logic when vote counter stays at zero (e.g. self-vote)
2014-01-07 14:29:51 +01:00
Martin Zimmermann
306d2d9f9e
log 5xx errors
...
Also, fix console.log usage.
2014-01-07 14:28:12 +01:00
Martin Zimmermann
a29393ee3f
replace kriskowal/q with 50 LoC homebrew implementation, part of #51
...
As a result, it is no longer possible to chain promises
(then().then().then(etc.)), but that is actually not an issue for Isso.
The deferred/promise implementation is roughly based on
http://stackoverflow.com/a/17722683 and stackp/promisejs.
2014-01-07 14:28:10 +01:00
Martin Zimmermann
ebf6ca7a85
add Transifex translation to contributing guide
2014-01-06 18:38:16 +01:00
Martin Zimmermann
bfae158bde
update translations from Transifex (initial pull)
2014-01-06 18:21:30 +01:00
Martin Zimmermann
4d530fb2f1
add Transifex project configuration file
2014-01-06 18:21:30 +01:00
Martin Zimmermann
055a20606a
add tx-pull and tx-push FILE helper scripts
...
tx-pull fetches translations from Transifex to .tx/<ressource>/<lang>
and converts the JSON into an AMD module. Requires `transifex-client`
from PyPi.
tx-push FILE submits a AMD translation module to Transifex using `curl`
and credentials from ~/.transifexrc.
2014-01-06 18:21:27 +01:00
Martin Zimmermann
9dd066c6a6
reflect security = ... in docs and print warning if used
2014-01-01 22:20:00 +01:00
Martin Zimmermann
c50fe22eb1
fix port -> listen snippet
2014-01-01 22:07:16 +01:00
Martin Zimmermann
ab27ce5450
Merge pull request #48 from chimo/starttls
...
Adds STARTTLS support to SMTP notifications
2013-12-23 04:43:49 -08:00
Chimo
658e065f23
Adds STARTTLS support to SMTP notifications
2013-12-19 23:36:06 -05:00
Martin Zimmermann
85e637d017
simplify JSON response
2013-12-19 08:56:14 +01:00
Martin Zimmermann
905bd63eee
CORS middleware must return bytes
2013-12-19 08:55:53 +01:00
Martin Zimmermann
82da63a81b
check if hash is a base-16 string
2013-12-19 08:55:06 +01:00
Martin Zimmermann
e244227f41
convert proxy object to string before passing to urllib
2013-12-19 08:09:09 +01:00
Martin Zimmermann
d4f836fd65
add test for /check-ip
2013-12-18 19:27:36 +01:00
Martin Zimmermann
cbee3f7b2e
clarify copyright headers
2013-12-18 16:21:35 +01:00
Martin Zimmermann
ecfaf9828e
add faq.rst
2013-12-18 16:20:52 +01:00
Martin Zimmermann
1153b9cf6e
extend API documentation
2013-12-18 14:14:37 +01:00
Martin Zimmermann
a728d3e32d
add doctest for IPv6 mapped IPv4 addresses
2013-12-18 13:08:57 +01:00
Martin Zimmermann
26b9088c9d
add coverage target to Makefile
2013-12-18 13:08:57 +01:00
Martin Zimmermann
2a86b46893
add test for disqus import
2013-12-18 13:08:54 +01:00
Martin Zimmermann
f81b955aa5
use SHA1 instead of MD5 to verify comment owner
2013-12-18 13:01:09 +01:00
Martin Zimmermann
29a825b575
remove unused utility functions
2013-12-18 13:01:05 +01:00
Martin Zimmermann
8bf9b1145a
add link to supervisor init script, close #47
2013-12-18 11:59:49 +01:00
Martin Zimmermann
cc1ccfd70d
change project status from alpha to beta
2013-12-17 13:43:02 +01:00
Martin Zimmermann
65f260d0ba
show session-key on application startup
...
Maybe useful to see that it really changes if unset. Also reduced key
size to 16 bytes form /dev/urandom (cosmetic reason, still enough).
2013-12-17 13:40:32 +01:00