Commit Graph

334 Commits

Author SHA1 Message Date
Martin Zimmermann
58645ca945 do not reference bytearray in a method definition, fixes #5
This is a severe issue which makes the current voters bloomfilter
completely useless. Functions are first-class objects in Python, which
lead to interesting "issues" like:

    >>> def foo(x=[]):
    ...     x.append(1)
    ...     print x
    ...

    >>> foo()
    [1]

    >>> foo()
    [1, 1]

For Isso, this means the bloomfilter, which is usually only initialized
with the author's IP address, is now initialized with pretty much all
ip addresses from previous authors, thus makes it impossible for the
author to vote on other's people comments.
2013-11-13 20:07:18 +01:00
Martin Zimmermann
f0ee0a18b1 move unittest helpers into a separate file 2013-11-13 14:25:05 +01:00
Martin Zimmermann
ba19900406 yet another location where I forgot MIT 2013-11-13 08:39:15 +01:00
Martin Zimmermann
1e7a4d43b2 add Changelog for 0.5 (so far) 2013-11-11 12:44:44 +01:00
Martin Zimmermann
6356ce800e add various init scripts 2013-11-11 12:18:10 +01:00
Martin Zimmermann
6aad11c291 mention #isso channel on Freenode 2013-11-11 12:13:01 +01:00
Martin Zimmermann
dfed955f23 Merge branch 'feature/migration' 2013-11-11 12:10:42 +01:00
Martin Zimmermann
d4f2123b58 Merge branch 'tmp/refactorization'
Conflicts:
	isso/utils/__init__.py
2013-11-11 12:10:29 +01:00
Martin Zimmermann
6e85c54a2e refactor views and introduce an API for notifications
Keep Isso modular, not monolithic. Make it easy to integrate a
web interface or add XMPP notifications.

This refactorization includes minor bugfixes and changes:

* CORS middleware did not work properly due to wrong unit tests
* more type checks on JSON input
* new detection for origin and public url, closes #28
* new activation and delete url (no redirect for old urls, but you can
  convert the old urls: copy hash after `/activate/` (or delete) and
  open `/id/<id of comment>/activate/<hash>`
* move crypto.py to utils/

With this commit, SMTP is no longer automatically configured: add
`notify = smtp` to the `[general]` section to use SMTP.
2013-11-11 12:09:19 +01:00
Martin Zimmermann
162fe78aa6 ask to continue import if DB is not empty 2013-11-11 12:02:49 +01:00
Martin Zimmermann
5ca3137ddd add --dry-run option to import command 2013-11-11 11:57:31 +01:00
Martin Zimmermann
a8cd418b5e remove website todo, not a high priority 2013-11-11 11:45:12 +01:00
Martin Zimmermann
850b2b4bfb set mode to 4 (deleted) when isDeleted is true 2013-11-11 11:44:32 +01:00
Martin Zimmermann
8c0af3b10f show orphan comments after Disqus import (if any)
An orphan comment is exported by Disqus but its thread id is
non-existent (probably deleted, moved). Usually from the earlier
days (or WordPress migration).

It is not possible to get the thread without manual intervention (
aka SQLite insertions).
2013-11-11 11:34:13 +01:00
Martin Zimmermann
29170ac258 install ipaddr for python2, appendum to #32 2013-11-10 12:51:49 +01:00
Martin Zimmermann
80aaf15128 Merge remote-tracking branch 'origin/pr/32' 2013-11-10 12:42:59 +01:00
Federico Ceratto
68be70af24 Support Python2 ipaddr library. 2013-11-09 15:32:25 +00:00
Martin Zimmermann
a442b8e0ee remove dead code 2013-11-08 19:03:08 +01:00
Martin Zimmermann
ab5d907172 move comments.requires to views package 2013-11-08 19:00:01 +01:00
Martin Zimmermann
1174259b27 mv comment -> comments 2013-11-08 18:55:02 +01:00
Martin Zimmermann
18d7f37878 typo 2013-11-08 10:05:12 +01:00
Martin Zimmermann
ac8d987392 don't monkeypatch if uwsgi is available 2013-11-06 18:10:09 +01:00
Martin Zimmermann
616ec57de2 Merge branch 'feature/data-configuration' 2013-11-06 17:47:14 +01:00
Martin Zimmermann
6f3a2d8072 add an option to prevent Isso from appending the default CSS, closes #29 2013-11-06 17:46:04 +01:00
Martin Zimmermann
c06c11aeca api.js parses custom data attributes for client configuration, part of #29
All data-attributes beginning with `data-isso-` are stored in
`api.config` (without leading data-isso-). Isso tries to parse
the values with JSON (e.g. `-isso-foo="false"` returns false)
and falls back for a simple string value.
2013-11-06 17:39:14 +01:00
Martin Zimmermann
4bb6e91f61 Isso can now listen on unix domain sockets, closes #25
This also changes the server configuration from `host` and `port`
to `listen = http://localhost:8080`.
2013-11-06 16:55:14 +01:00
Martin Zimmermann
6374d8a9e1 fix application profiling 2013-11-05 23:36:52 +01:00
Martin Zimmermann
0a247a7927 data-isso-prefix is now ony data-isso 2013-11-05 23:35:38 +01:00
Martin Zimmermann
6d9f43939a Back to development: 0.5 2013-11-05 14:33:13 +01:00
Martin Zimmermann
5431dd0f0b Preparing release 0.4 2013-11-05 14:33:10 +01:00
Martin Zimmermann
33fb15e241 rename data-prefix to data-isso 2013-11-05 14:25:43 +01:00
Martin Zimmermann
af6695e935 lowercase MiddleWare and fix TypeError in Headers 2013-11-05 14:03:46 +01:00
Martin Zimmermann
1e3245098b change license to MIT setup.py 2013-11-05 13:10:41 +01:00
Martin Zimmermann
4950e7dd4d add unittest for CORS headers 2013-11-05 13:08:21 +01:00
Martin Zimmermann
aa6665c8f0 fix endpoint detection when using require.js 2013-11-05 12:44:31 +01:00
Martin Zimmermann
8d1171df29 improve request decoding and json parsing 2013-11-05 12:44:16 +01:00
Martin Zimmermann
6691810316 handle cross-origin cookies with a custom header X-Set-Cookie, fix #24
Cookies set from a different domain can not be read by JS executed in
the current domain. As a workaround, Isso sends both a Set-Cookie and
X-Set-Cookie header. The former is used by the browser to make the
HTTP request to the API, the latter is read by `embed.min.js` to
determine if a comment can be edited or deleted.

When a comment is deleted, the server sends an expired cookies in
Set-Cookie and X-Set-Cookie.
2013-11-05 12:36:29 +01:00
Martin Zimmermann
05c8b571e2 requirejs-text now uses CORS XHR requests to static files 2013-11-05 01:11:53 +01:00
Martin Zimmermann
6126f0ec6f add CORS middleware to add CORS header to *all* requests 2013-11-05 01:11:28 +01:00
Martin Zimmermann
e3fc33fec4 add backport for werkzeug 0.8 to test matrix 2013-11-04 08:59:42 +01:00
Martin Zimmermann
e14a04ab6c support for werkzeug 0.8 (Python2-only) 2013-11-04 01:13:29 +01:00
Martin Zimmermann
312578457b uwsgi can only cache bytes 2013-11-03 18:55:23 +01:00
Martin Zimmermann
cc2ac11850 inline CSS 2013-11-03 18:55:23 +01:00
Martin Zimmermann
d8a254c304 fix api endpoint detection 2013-11-03 18:55:20 +01:00
Martin Zimmermann
d59fc2ef8e handle OPTIONS request and return CORS headers 2013-11-03 15:18:04 +01:00
Martin Zimmermann
fe63a76960 increase uWSGI's hash cache to 10240 items (=320kb) 2013-11-03 12:55:31 +01:00
Martin Zimmermann
c581e0f05a cache email hash on comment creation 2013-11-03 12:39:51 +01:00
Martin Zimmermann
c567758d81 limit email length to 254 to avoid hash-DDoS 2013-11-03 12:35:33 +01:00
Martin Zimmermann
0473afe2db add profiling option to server configuration 2013-11-03 12:32:38 +01:00
Martin Zimmermann
3c193bef27 request remote_addr only when using the comment form 2013-11-02 18:41:00 +01:00