Commit Graph

1135 Commits

Author SHA1 Message Date
Facundo Batista
04b6d70b01 Added a generic way to migrate from a json file 2018-04-18 15:54:54 -03:00
Benoît Latinier
07ce742b77
add documentation for uberspaces users (closes #409) 2018-04-18 10:51:17 +02:00
Benoît Latinier
93ea722992
add contributors 2018-04-17 23:47:06 +02:00
Benoît Latinier
e285c91112
Merge pull request #412 from vincentbernat/feature/dockerfile
Provide a multi-staged Dockerfile
2018-04-17 23:03:47 +02:00
Vincent Bernat
9618c0f3a3 jade: avoid using eval once compiled
Use of eval is handy when we need to automatically reload a
template. However, in production, this is slow and unsafe. Moreover,
when using CSP, we have to use 'unsafe-eval' which brings shame to
most of us. It appears use of eval() is not needed because the
template has already been translated to Javascript. We just need to
bind "jade" to its local scope.

So, we add an additional wrapper function binding "jade" to the local
scope. Moreover, when compiling the template, we add a flag to the
function to know it has already been compiled. In this case, we
execute it with "jade" in its scope. Otherwise, we keep using eval.

Quickly tested in both situations. Seem to work.

Fix #274.
2018-04-17 22:54:22 +02:00
Benoît Latinier
47b14ab0c8
Merge pull request #413 from vincentbernat/fix/doc-isso-id
docs: document data-isso-id
2018-04-17 09:31:27 +02:00
Vincent Bernat
30f0c7eeb8 docs: document data-isso-id 2018-04-17 07:40:52 +02:00
Vincent Bernat
2b7c17a361 Provide a multi-staged Dockerfile
Many of the Docker images on hub.docker.com are outdated. The one
specified in the documentation doesn't exist anymore. We provide a
decent Dockerfile to build our own Docker image.

This uses a multi-stage build to avoid polluting the final image with
the intermediate artifacts. The final image is 155 MB. It should be
possible to squeeze it even more by using Alpine Linux for the last
two parts instead of Stretch.

The service is using gunicorn. The user is expected to complete the
installation with a reverse proxy configuration.
2018-04-16 22:09:28 +02:00
Pelle Nilsson
22a36bdb7c Support notifications also for replies 2018-04-15 19:42:31 +02:00
Pelle Nilsson
da6bb0cec7 Fix faulty check for parent comment 2018-04-15 19:26:44 +02:00
Rocka
30fef390f5
fix: admin and demo view redirect issue 2018-04-05 23:10:46 +08:00
Benoît Latinier
d854ce8347
Merge pull request #410 from Rocket1184/hotfix/space-between-number-and-cjk-char
i18n: add space between number and CJK character
2018-04-05 17:03:08 +02:00
Rocka
4e2d2dfb20
i18n: add space between number and CJK character 2018-04-05 22:46:17 +08:00
Yuchen Pei
73c7933548 A quick dirty fix of #401 (#406)
Fix URL in moderation mails if isso runs in a sub-URL (closes #401 )
2018-04-02 23:02:45 +02:00
Cimon Lucas (LCM)
361c596bf2 Adding support for ISSO_CORS_ORIGIN env variable to allow defining wildcard CORS origins 2018-04-02 09:40:34 +02:00
Jelmer Vernooij
af3903e462
Merge pull request #399 from facundobatista/patch-1
Small typo fix.
2018-03-21 23:36:35 +00:00
Facundo Batista
28e154acfc
Small typo 2018-03-21 19:39:02 -03:00
Pelle Nilsson
c9045f5b1f Implement opt-out for email notifications 2018-02-21 21:39:35 +01:00
Pelle Nilsson
bc4bc55025 Include link to comment in email notifications 2018-02-20 20:03:52 +01:00
Pelle Nilsson
2e85ec653f Make SMTP connections thread safe 2018-02-18 16:48:08 +01:00
Pelle Nilsson
107b9be003 Add notification column to database if needed 2018-02-18 14:00:18 +01:00
Pelle Nilsson
c30873e8a2 Merge remote-tracking branch 'tsileo/reply_notification' into reply_notification
Conflicts:
	isso/css/isso.scss
	isso/db/comments.py
	isso/ext/notifications.py
	isso/js/app/i18n/fr.js
	isso/js/app/isso.js
	isso/js/app/text/postbox.html
	isso/views/comments.py
2018-02-18 13:58:33 +01:00
Benoît Latinier
450291440f update doc 2018-02-17 00:00:15 +01:00
Benoît Latinier
0ff39017c6 drop wheezy testing which is EndOfLife (closes #385) 2018-02-08 22:57:29 +01:00
cclauss
7f55c81e08 autopep8 the code and then flake8 2018-02-08 22:46:14 +01:00
Benoît Latinier
a68d392f9c add changes in CHANGES file to prepare release 2018-02-08 22:38:02 +01:00
Jelmer Vernooij
2cc564eeca
Merge pull request #380 from cclauss/drop-support-for-python-2.6-and-3.3
Drop support for python 2.6 and 3.3
2018-01-31 12:42:41 +00:00
cclauss
343f24377f
Return to pyflakes 2018-01-31 07:23:54 +01:00
Martin Schenck
6ccebce041 Improved German translation 2018-01-28 19:52:46 +01:00
cclauss
b569b19a7f compat.py passes pyflakes test
Drop support for Python 2.6 and 3.3
2018-01-25 15:03:12 +01:00
Benoît Latinier
2b56963f31 fix pyflakes error, make travis happy 2018-01-20 23:03:08 +01:00
Benoît Latinier
d2b573a4d5
Merge pull request #256 from blatinier/issue-10/admin-interface
Add a basic admin interface (Fix issue #10)
There are more to add in the interface but it's a good start.
2017-11-27 22:55:53 +01:00
Jelmer Vernooij
ea3507910f
Merge pull request #354 from mpchadwick/feature/comment-placeholder-color
Darken placeholder text
2017-11-22 22:11:56 +00:00
Jelmer Vernooij
42bbe174cd
Merge pull request #357 from mpchadwick/feature/hu-order
Put hu into correct alphabetical order
2017-11-22 12:09:52 +00:00
Max Chadwick
3efe0c86d9 Put hu into correct alphabetical order 2017-11-21 21:34:06 -05:00
Max Chadwick
be26948fff Use <label>s rather than placeholders 2017-11-21 21:03:00 -05:00
Jelmer Vernooij
0232051d1d
Merge pull request #355 from mpchadwick/fix/hu-translation
Fix hungarian translation
2017-11-22 02:01:34 +00:00
Max Chadwick
9ab23c0908 Fix hungarian translation 2017-11-21 20:50:14 -05:00
Max Chadwick
21983a61b6 Darken placeholder text
Previously color contrast was insufficient per WCAG AA
2017-11-20 22:15:09 -05:00
Jelmer Vernooij
b7526ecab1
Merge pull request #350 from guthypeter/master
Added hungarian translation
2017-10-31 18:25:06 +00:00
Peter Guthy
02eaffea21 Added hungarian translation 2017-10-31 13:47:49 +01:00
Martin Zimmermann
650c6cf126 Merge pull request #341 from macedigital/fix-identicon-hash-size
Fix: Truncate key-length when generating identicons
2017-08-17 11:27:59 +02:00
Martin Zimmermann
6a60f831b0 remove unused variable 2017-08-17 10:42:36 +02:00
Martin Zimmermann
9b0e3d29fe revert incorrect removal of the internal server startup CLI 2017-08-17 10:37:28 +02:00
Matthias Adler
43623f349b
Fix: Truncate key-length when generating identicons
Hex-digits with character count above 17 cannot be safely converted to an Integer, see [MAX_SAFE_INTEGER](https://medium.com/the-node-js-collection/javascripts-number-type-8d59199db1b6#53cd).

Therefore, when long keys (e.g. 32 characters) are passed into `generateIdenticon()`, and the modulus of 2^18 is performed, the result is 0 all the time. This means, the identicon will render as an empty svg image.

Here is a proof-of-concept (run in any modern browser):

```js
const key = '841b625dcf75413ff3ed5137a81ff1c3';
const int = parseInt(key, 16);
const hash = int % Math.pow(2, 18);
// throws, due to floating point conversion / integer overflow
console.assert(258499 === hash, "Modulus for 'hash' should be != 0");

const int2 = parseInt(key.substr(-16), 16);
const hash2 = int2 % Math.pow(2, 18);
// works as expected
console.assert(258048 === hash2, "Modulus 'hash2' should be != 0");
```

Truncating the passed in argument to a maximum of 16 characters solves the issue.

As a sidenote, the same code in Python will work correctly:

```python
key = '841b625dcf75413ff3ed5137a81ff1c3'
int = int(key, 16)
hash = int % pow(2, 18)
assert 258499 == hash
```
2017-08-06 17:06:20 +02:00
Martin Zimmermann
c3933bd9fd fix sphinx build 2017-07-30 23:28:51 +02:00
Martin Zimmermann
c72946dc14 Run travis tests with python 3.5 & python 3.6 2017-07-30 22:38:12 +02:00
Martin Zimmermann
4c03a43c28 remove data-isso-id from documentation, it usually doesn't work as expected 2017-07-30 22:34:45 +02:00
Martin Zimmermann
e3a8d0b93d fix db test with incorrect SQL id, that happened work with pre-3.6 dicts before 2017-07-30 22:22:52 +02:00
Jelmer Vernooij
dc883e672a
Fix short title underline. 2017-07-29 15:21:33 +00:00