Commit Graph

2340 Commits

Author SHA1 Message Date
Baptiste Gelez
05fb7c9b42
Merge pull request #238 from Plume-org/csrf-issues
Fix CSRF issues
2018-09-21 13:37:35 +01:00
Baptiste Gelez
7afe249a75
Merge pull request #240 from OpenAlgeria/patch-1
Update INSTALL.md
2018-09-20 19:23:49 +01:00
OpenAlgeria
5d21e26406
Update INSTALL.md 2018-09-20 15:21:32 +02:00
Bat
d8ca1d70b7 Fix CSRF issues
GET routes are not protected against CSRF. This commit changes the needed URLs to
POST and replace simple links with forms.

Thanks @fdb-hiroshima for noticing it!
2018-09-19 18:13:07 +01:00
Trinity Pointard
f0fb030c7f Update recommended nginx config
Update recommended nginx config to allow iframes
close #234
2018-09-19 18:18:39 +02:00
Bat
1500267125 Add canapi and try to use for the API 2018-09-19 15:49:34 +01:00
Trinity Pointard
fab6360100 Be less restrictive on authorized html tags
Allow users to add ids to tags
Allow users to use iframes
2018-09-19 10:51:27 +02:00
Baptiste Gelez
2bc6052a35
Replace plume by DATABASE_NAME in the docs
To make it clearer you can have multiple Plume instances/databases on the same server, and that this part of the URL may change too.
2018-09-18 21:40:20 +01:00
Baptiste Gelez
d8bfd6d39f
Create ISSUE_TEMPLATE.md 2018-09-18 15:40:17 +01:00
Baptiste Gelez
064c5961e7
Add a CoC
Finally!
2018-09-18 13:59:43 +01:00
Baptiste Gelez
eb24ba1774
Merge pull request #223 from igalic/fix/safe-string
make blog/instance description a SafeString
2018-09-14 20:56:13 +01:00
Igor Galić
fb074e6344
render SafeString thru |safe
thanks again to @fdb-hiroshima for pointing me in the right direction!
2018-09-14 21:44:32 +02:00
Igor Galić
06718a5c8a
directly use SafeString in InstanceSettingsForm 2018-09-14 20:25:16 +02:00
Igor Galić
d62c72dde0
allocate new SafeString in FromFormValue impl
thanks to @fdb-hiroshima for this review!
2018-09-14 19:50:59 +02:00
Igor Galić
0897088aa5
add implementation for FromFormValue for SafeString
thanks again to @pwoolcoc for this!
2018-09-14 18:26:42 +02:00
Igor Galić
65e213309b
do not allocate empty strings
follow review from @pwoolcoc, and do not use

    SafeString::new(&<String>::new())

since this makes an allocation which will then just be thrown away.
Instead, we pass ""
2018-09-14 18:24:27 +02:00
Igor Galić
f5c299f23c
make blog/instance description a SafeString
long_description & short_description's documentation say they can be
Markdown, but they are String, not SafeString.

This led to escaped strings being printed in the editor
https://github.com/Plume-org/Plume/issues/220
2018-09-14 15:14:24 +02:00
Baptiste Gelez
d355379e01
Merge pull request #219 from igalic/fix/env-howto
improve installation "docs"
2018-09-13 19:38:00 +01:00
Igor Galić
e7b5d81687
gitignore docker-compose.yml 2018-09-13 17:21:20 +02:00
Igor Galić
dfc76757bb
fix comment in docker.sample.env
docker's sample .env file under docs/ which contains the wrong command
to generate a rocket secret_key
2018-09-13 17:18:25 +02:00
Bat
5b138df8ce Remove duplicated message in gl.po 2018-09-12 17:07:41 +01:00
Bat
0200a7b223 Only send notifications for mentions if the post is not a draft 2018-09-12 17:00:00 +01:00
Bat
b01212f4a6 Make it impossible to view drafts if you are not the author
Even if you got the URL
2018-09-12 16:58:38 +01:00
Bat
296aa2fbbb Merge branch 'master' of github.com:Plume-org/Plume 2018-09-12 13:41:10 +01:00
Baptiste Gelez
ab640011e3
Merge pull request #215 from xmgz/master
update galician
2018-09-12 13:37:03 +01:00
Xose M
f5633f4e7f
Merge branch 'master' into master 2018-09-12 07:40:16 +02:00
Xosé M
3d52afc804 fixed some fuzzies & new 2018-09-12 07:23:23 +02:00
Xosé M
c5d93a2951 update 2018-09-12 07:15:33 +02:00
Bat
8fa83dfe25 Version bump
0.1.x was the pre-alpha.

The first Alpha will be 0.2.x
2018-09-11 19:53:14 +01:00
Bat
abe90706ff Avoid showing GetText metadata when trying to translate empty strings 2018-09-11 19:34:47 +01:00
Bat
efb71bc40c Translate details in fields label 2018-09-11 19:33:16 +01:00
Bat
d50f989977 Add forgotten message to POT
And translate it in French
2018-09-11 19:30:24 +01:00
Baptiste Gelez
13ef50bb78
Merge pull request #212 from zcdunn/add_webapp_manifest
Add webapp manifest
2018-09-10 20:44:44 +01:00
Bat
501fb39ad6 Update fr.po 2018-09-10 20:42:13 +01:00
Bat
18a892ee61 Update translations
Make sure everything is translatable
2018-09-10 20:23:35 +01:00
Bat
3314387025 Merge branch 'master' of github.com:Plume-org/Plume 2018-09-10 20:06:48 +01:00
Bat
10da8f31b6 Hide articles on public pages
Only show them in the dashboard
2018-09-10 20:06:00 +01:00
Zachary Dunn
8765b12229 Unwrap option 2018-09-10 14:54:18 -04:00
Bat
8879935925 Add the possibility to save an article as draft 2018-09-10 19:38:19 +01:00
Zachary Dunn
fb66b087a4 Merge branch 'add_webapp_manifest' of https://github.com/zcdunn/Plume into add_webapp_manifest 2018-09-10 10:15:25 -04:00
Zachary Dunn
3a81dd7089 Add webapp manifest 2018-09-10 10:14:08 -04:00
Zachary Dunn
2f166bab49 Add webapp manifest 2018-09-10 10:08:22 -04:00
Baptiste Gelez
64a9d8f1f3
Merge pull request #211 from bnjbvr/patch-1
Update markup and use more idiomatic English
2018-09-10 12:47:44 +01:00
Benjamin Bouvier
592ed570b7
Update markup and use more idiomatic English 2018-09-10 13:22:23 +02:00
Bat
fcdd3d4c1a Don't compress avatars
Fixes #210
2018-09-09 21:41:55 +01:00
Bat
de3707983a Account deletion
Fixes #182
2018-09-09 20:49:24 +01:00
Bat
a3b7d5557b Allow newer Tera versions
Tera 0.11.15 was released, and fixes the bug that forced us to downgrade.
2018-09-09 18:53:28 +01:00
Bat
e9337259f8 Pad avatars in user list 2018-09-09 17:17:12 +01:00
Bat
663627c375 Add a default avatar
Really ugly, but is all my skills are permitting
2018-09-09 17:02:16 +01:00
Bat
b48d1694f3 Don't call ap_url for comments, since they are based on posts URLs 2018-09-09 16:22:58 +01:00