Commit Graph

588 Commits

Author SHA1 Message Date
Steven Guikal bc2ff7eea6 Add aria-hidden="true" to icons
The vast majority of icon usage is decorative, such as arrows at the end
of link buttons. For the cases where it's not, I'm sending follow-up
patches to the specific services which add appropriate aria-label to
the parent element.
2021-08-20 10:43:49 +02:00
Drew DeVault 5afaa759b2 Improve error handling for GraphQL 2021-08-20 10:21:45 +02:00
Drew DeVault 452fe09b2d graphql client: add validation integration 2021-08-20 10:11:19 +02:00
Drew DeVault f1b4920360 setup.py: add graphql module 2021-08-19 14:22:06 +02:00
Drew DeVault f125ec3956 graphql: expand support code 2021-08-19 14:11:59 +02:00
Drew DeVault 8c7eeb3690 webhooks: add exception handler
Without this, any database errors could land us in an invalid
transaction, and we'd never hear about it.
2021-08-13 10:53:26 +02:00
Drew DeVault 792ecd4e5a .builds/alpine.yml: upgrade to 3.14 2021-08-06 10:09:58 +02:00
Sol Fisher Romanoff 66fad15981 Add custom 401 Unauthorized page 2021-08-06 10:09:16 +02:00
LordNature 33a0db6c69 profile: Fixed markdown bio images from overflowing. 2021-08-06 10:08:33 +02:00
Nguyễn Gia Phong 9cb5c8fa8d Fix typo 2021-07-28 10:56:32 +02:00
Drew DeVault a92a2f1228 Don't use flexbox for markdown headers
This causes a lot of problems. Just let the browser do the headings and
we'll reposition our anchor links manually.
2021-07-28 10:47:43 +02:00
Drew DeVault e897a357e5 srht.FlagType: set cache_ok
Squelches a new warning from SQLAlchemy.
2021-07-26 11:16:03 +02:00
Drew DeVault 176c415ac9 srht.search: fixes for sqlalchemy 1.4
See https://groups.google.com/g/sqlalchemy/c/opm2FVNKTTI/m/dVBGlD8FBAAJ
2021-07-26 11:12:00 +02:00
Tommy Nguyen 99a8168de4 Don't inject styles for every call to markdown
These styles are already included, so it seems redundant.
2021-06-10 17:31:15 -04:00
Drew DeVault 9c2110b8f7 Further improvements to the dark theme 2021-06-10 15:41:12 -04:00
Drew DeVault f5be7e7894 Improve legibility of alert-info on dark theme 2021-06-10 13:12:34 -04:00
Sol Fisher Romanoff fd6fa10cf0 css: Add bottom margin to <pre> 2021-06-08 13:28:13 -04:00
Drew DeVault 60a70a8593 Fix Blueprint name for GraphQL explorer 2021-05-26 09:58:08 -04:00
Drew DeVault bf3c22e12b Fix name of srht.oauth blueprint
The latest Flask release does not support dots in Blueprint names.
2021-05-26 09:56:29 -04:00
Armaan Bhojwani ceb3620f53 Pre-style whitespace in markdown headings 2021-05-18 12:44:43 -04:00
xpyxel f1838a54b2 use a lighter shade for magic functions 2021-05-17 06:36:08 -04:00
Drew DeVault b60b144048 srht.Validation: return None on invalid cls 2021-05-16 16:54:37 -04:00
Drew DeVault f844286dbf Don't trust user cookie for profile details 2021-04-12 12:50:47 -04:00
Drew DeVault d4bd4528d6 Fix various issues with OAuth
This was preventing user webhooks from being registered properly and
from taking effect.
2021-04-12 12:31:04 -04:00
Drew DeVault f86de37150 Circumvent SQLAlchemy for internal auth 2021-04-10 09:08:52 -04:00
Drew DeVault 189028d755 srht.oauth: use upsert for fetching user info
This fixes an ancient issue where, when several requests come in
quickly, one worker could insert the user details, then another worker
would trip over the constraint.
2021-04-09 10:11:21 -04:00
Ignas Kiela 7d6920453d Create the metrics directory in gunicorn config 2021-04-08 08:14:26 -04:00
Marco Sirabella 2eb57ae0bb Add redis as a dependency
This is pulled in from `srht/redis.py` which comes from `service.py`
2021-04-02 13:56:43 -04:00
Ignas Kiela e41ac24a9a Improve recorded metrics
Summary currently doesn't expose quintile information and Histogram
records occurrence count, so the Counters are no longer necessary.
2021-03-16 08:44:35 -04:00
Ignas Kiela d2b5ead93d Allow enabling prometheus multiprocess mode
This requires changes to packaging to set the gunicorn config and the
'prometheus_multiproc_dir' environment variable to actually enable this
mode.
2021-03-16 08:44:24 -04:00
Mehdi Sadeghi f770406161 Delegate RTL direction handling to user-agents.
Check unicode RTL attrs for html content.

Reset global text-align.
2021-03-08 08:59:32 -05:00
Drew DeVault d24aa33f99 srht.flask: use constant time CSRF token test 2021-03-06 11:22:02 -05:00
Drew DeVault 2a09f6e6d9 flask.get_network: omit tier 2 services 2021-02-25 09:28:05 -05:00
Drew DeVault 87c09ba635 email: fix encryption to key without email
This was causing an exception when emailing users whose email on file is
not listed in their PGP key.
2021-02-13 11:20:08 -05:00
Mehdi Sadeghi a2246ea2fd Fix adding gpg key with deleted ids.
Some users have more than one id in their keys.
See https://lists.sr.ht/~sircmpwn/sr.ht-discuss/%3C949e79a2-666a-617f-80ae-87795d9a6233%40mehdix.org%3E

Solution courtesy of Geoff Beier <geoff@tuxpup.com>
2021-02-06 13:20:38 -05:00
Drew DeVault 2655a657fd GraphQL explorer: handle error responses 2021-01-25 10:09:15 -05:00
Drew DeVault 135a106664 Re-introduce client_id
This is pretty shit but it's necessary for the time being.

This reverts commit ef5cd1c20e.
2021-01-25 09:27:48 -05:00
Drew DeVault f830ef3ead More refinements to internal auth
God I hate this shit
2021-01-21 20:45:59 -05:00
Drew DeVault ef5cd1c20e crypto: drop client_id entirely 2021-01-21 20:35:20 -05:00
Drew DeVault bd26c70d96 crypto: fix encrypt_request_auth outside app context 2021-01-21 20:27:29 -05:00
Drew DeVault 4910cb35fb .builds/alpine.yml: update to Alpine 3.13 2021-01-21 09:37:42 -05:00
Drew DeVault adea65ccba Remove 'allow_none' re-introduced by partial revert 2021-01-20 09:38:23 -05:00
Drew DeVault e4349d8089 Revert "Properly check empty/missing optional form parameters"
This has ultimately caused no end of problems, including a security
vulnerability. For one, it doesn't allow "false" to appear in forms or
JSON payloads at all.

This reverts commit 2c2044044f.
2021-01-19 12:32:08 -05:00
Drew DeVault 1e96f860f5 email.lookup_user: use internal auth 2021-01-18 15:34:12 -05:00
Ludovic Chabant 8abd7e9957 Gracefully handle errors coming from the QGL server 2021-01-13 09:49:57 -05:00
y0ast 4972e0163e Fix parsing plain email and markdown links
Currently [email@sr.ht](https://sr.ht) is parsed as both an email and a
url, leading to nested urls and incorrect behavior after sanitization.

This was previously fixed in the context of double urls:
a214061c48

That fix works because the regex of PlainLink matches part of the
markdown url (it matches through the `](<url>)` parts) and therefore the
precedence of mistletoe kicks in.

However that fix doesn't work for email addresses. The inner node is
PlainLink (in the case of email) and RawText (in the case of a url).

The only solution I see is to turn `Link` child `PlainLink` nodes into
`RawText` ones. Alternatively the regex of `PlainLink` could be changed
to also match part of the markdown in the case of email (and let the
precedence kick in), but this feels like a big hack to me.

Fixes: https://todo.sr.ht/~sircmpwn/sr.ht/271
2021-01-11 09:16:45 -05:00
Drew DeVault 46b531132a Fix excessively green dark mode syntax highlighting 2021-01-06 12:41:41 -05:00
Drew DeVault d2e1ee8351 Improve GraphQL explorer on dark theme 2021-01-06 11:38:18 -05:00
Drew DeVault 75b39c2d78 highlight-dark: override .gh 2021-01-06 10:37:10 -05:00
Alexey Yerin 56dd1b7381 Extract styles from pygments 2021-01-06 10:28:13 -05:00