Martin Zimmermann
772730dbcd
fix make_app logic
2014-03-06 11:05:22 +01:00
Martin Zimmermann
c4b80ff702
make CORS middleware more generic to use
2014-03-04 15:40:21 +01:00
Martin Zimmermann
3b248b293f
set SMTP timeout to 10 seconds and make it configurable, ref 9a735e8
2014-03-04 09:47:54 +01:00
Martin Zimmermann
72c38c2312
set day_diff to 0 if negative, related to #69
2014-03-03 23:47:26 +01:00
Martin Zimmermann
9a735e8eac
initial SMTP connection now timeouts after 5 seconds, closes #70
2014-03-03 23:42:35 +01:00
Martin Zimmermann
154d591ae9
add CONTRIBUTORS.txt
...
Similar to urllib3 [1] and based on
git log --format='%at %aN <%aE> %s' | sort -rn | grep -v posativ
Unfortunately only based on git's history.
[1] https://github.com/shazow/urllib3/blob/master/CONTRIBUTORS.txt
2014-02-18 18:26:57 +01:00
Martin Zimmermann
9272e7390f
Merge branch 'feature/configurable-markdown', closes #62
2014-02-18 17:36:09 +01:00
Martin Zimmermann
1b0a74e188
expand db path, closes #68
2014-02-18 17:34:14 +01:00
Martin Zimmermann
c6214e31d7
document new [markup] section
2014-02-18 17:30:37 +01:00
Martin Zimmermann
8f70a3a7cb
add tests for 81ecc8e
2014-02-18 17:01:02 +01:00
Martin Zimmermann
d93d77c8c7
refactor markup and sanitization code
...
This commit introduces a new configuration section [markup] to refine
Misaka's Markdown extensions (by default strikethrough, superscript and
autolink).
Furthermore, you can set custom HTML elements/attributes that are
allowed, e.g. to enable images, set
[markup]
allowed-elements = img
allowed-attributes = src
The refactorization separates HTML sanitization from Markdown -> HTML
and allows to include new markup languages such as BB Code or
reStructuredText.
2014-02-18 16:59:51 +01:00
Martin Zimmermann
6071a85787
add Config.getlist
method
2014-02-18 16:51:04 +01:00
Martin Zimmermann
8f86109cb6
use system's python interpreter
2014-02-16 16:17:38 +01:00
Martin Zimmermann
d1a0b3f6f9
refactor docs a bit, add section for mod_fastcgi and uberspace.de
2014-02-16 15:52:28 +01:00
Martin Zimmermann
56316b8998
remove html5 writer (does not work with Sphinx)
...
Features like .. note:: and .. warning:: are not supported. Sadly back
to the default `html4css1` stuff :(
2014-02-11 01:20:14 +01:00
Martin Zimmermann
f4cfa6f63c
Merge pull request #67 from srijan/master
...
Docs update: forward url protocol in sample nginx configs
2014-02-11 00:19:09 +01:00
Srijan Choudhary
5525184243
Docs update: forward url protocol in sample nginx configs
2014-02-11 04:38:51 +05:30
Martin Zimmermann
079e5d19da
add note about insecure connections, #65
2014-02-04 18:10:03 +01:00
Martin Zimmermann
16d085c9d1
improve tests for comment field validation
2014-02-04 15:34:02 +01:00
Martin Zimmermann
5efa81b57e
replace assert foo == bar with appropriate self.assert$Foo calls
...
except for test_migration because there are improved tests available
in the feature/cli branch
2014-02-04 15:05:32 +01:00
Martin Zimmermann
b100517e4b
update developer's guide
2014-02-03 11:19:21 +01:00
Martin Zimmermann
6aa122bc58
fix typo
2014-02-03 11:03:29 +01:00
Martin Zimmermann
3d9665b523
remove now obsolete Makefile
2014-02-03 11:00:11 +01:00
Martin Zimmermann
1c3c826ada
replace requirejs-domready with a (self-made) HTML5 idiom, #51
...
This commit removes yet another dependency. The provided domready
function is compatible with IE9, Firefox and Safari/Chrome.
Inspired by:
* http://stackoverflow.com/a/15580098
* https://github.com/requirejs/domReady/blob/master/domReady.js
2014-02-03 10:54:54 +01:00
Martin Zimmermann
cfbf595605
mention mailing list and fix CSS typo
2014-02-01 20:26:08 +01:00
Martin Zimmermann
a92471ca9a
allow failures for TOX_ENV=backport
2014-01-30 21:51:16 +01:00
Martin Zimmermann
4681a391ee
pin versions to current Debian Wheezy/Unstable
2014-01-30 20:57:43 +01:00
Martin Zimmermann
f3e5d8dc1c
add support for html5lib==0.95, fixes #60
...
The python-html5lib package in Debian Wheezy does not support
`etree` as tree builder (called `simpletree` back then).
2014-01-30 20:49:11 +01:00
Martin Zimmermann
417bd4614c
Back to development: 0.8
2014-01-29 11:45:47 +01:00
Martin Zimmermann
45e838fab1
Preparing release 0.7
2014-01-29 11:45:34 +01:00
Martin Zimmermann
d65c984220
update changelog
2014-01-29 11:41:48 +01:00
Martin Zimmermann
518820a4af
fix typo in reply-to-self conf, #59
2014-01-27 11:53:18 +01:00
Martin Zimmermann
14a2f82134
s/tls/starttls/
2014-01-26 18:35:52 +01:00
Martin Zimmermann
335caa4887
Merge pull request #58 from JocelynDelalande/default-to-587-starttls
...
default smtp to port=587 and security=starttls
2014-01-26 09:26:32 -08:00
Jocelyn Delande
cbf63f5a4e
default smtp to port=587 and security=starttls
2014-01-26 17:17:09 +01:00
Martin Zimmermann
aae07a3c24
Merge branch 'pr/57'
2014-01-25 22:57:04 +01:00
Martin Zimmermann
b94329fc66
also mention count.min.js
2014-01-25 22:56:55 +01:00
Jocelyn Delande
5cdab92a4b
Documentation on comment counter.
2014-01-25 22:22:11 +01:00
Martin Zimmermann
baff120800
fix french pluralform
2014-01-25 22:19:59 +01:00
Martin Zimmermann
442cca5030
Merge pull request #56 from JocelynDelalande/patch-1
...
Update api.rst
2014-01-25 12:24:37 -08:00
JocelynDelalande
2e60fc7f68
Update api.rst
...
Added doc on count feature
2014-01-25 20:48:09 +01:00
Martin Zimmermann
cbd449dcd0
Merge branch 'transifex'
2014-01-16 12:01:04 +01:00
Martin Zimmermann
5f990e3697
link example cfg, fix markup errors and show content table, closes #52
...
and also reword a few paragraphs as suggested via mail.
2014-01-13 19:12:50 +01:00
Martin Zimmermann
3a1f92b8bd
use html5lib's sanitizer, supersedes 3713d5e
...
Python's HTMLParser is smart enough to filter malicious tags but fails
to repair invalid, user-inputted HTML. Instead of re-inventing the
wheel, Isso now uses html5lib's HTMLSanitizer with a whitelist of all
tags generated by Sundown.
Disallowed tags are discarded from the output to match the previous
unittests. This feature is only available for html5lib 0.99(9) and
later. Earlier releases just escape disallowed tags.
2014-01-13 19:11:59 +01:00
Martin Zimmermann
3713d5e8ee
allow raw HTML markup for a few (whitelisted) tags
...
To be compatible with comments from Disqus (and users unfamiliar with
Markdown), Misaka no longer disables user-inputted HTML, but the
generated HTML is now post-processed and all "unsafe" tags (not
possible with Markdown) are discarded.
Whitelist: p, a, pre, blockquote, h1-h6, em, sub, sup, del, ins, math,
dl, ol, ul, li
This commit also removes an unnecessary newline generated by
Misaka/Sundown.
2014-01-12 14:44:39 +01:00
Martin Zimmermann
36d702c7bc
proper use of Misaka's HTML render flags (fix malicious HTML injection)
...
This commit now sanitizes *all* HTML tags written by the user (also
prevents auto-link to "unsafe" web protocols and images) as intended.
Fortunately because of Sundown's typography support, it did not affect
JS injection, but custom style tags and iframes.
PS: thanks to the anonymous submitter of a comment including a style tag
for 24pt, red font ;-)
2014-01-12 12:58:24 +01:00
Martin Zimmermann
241b278863
whitelist external ipaddr package in tox configuration
2014-01-07 15:52:35 +01:00
Martin Zimmermann
dcd473967b
Merge branch 'remove-q-lib'
2014-01-07 14:36:06 +01:00
Martin Zimmermann
6006a12778
fix wrong logic when vote counter stays at zero (e.g. self-vote)
2014-01-07 14:29:51 +01:00
Martin Zimmermann
306d2d9f9e
log 5xx errors
...
Also, fix console.log usage.
2014-01-07 14:28:12 +01:00