Commit graph

67 commits

Author SHA1 Message Date
rinsuki 6e736f2452
fix: embed.js doesn't expands iframes height (#18301)
also including some refactoring:
- add `// @ts-check`
- use Map to completely avoid prototype pollution
- assign random id to each iframe for reduce chance to brute-force attack, and leak of iframe counts
- check iframe.contentWindow and MessageEvent.source to validate message is coming from correct iframe (it works on latest Chrome/Firefox/Safari but I'm not sure this is allowed by spec)

follow-up of #17420
fix #18299
2022-05-04 03:20:44 +02:00
Gaelan Steele 74e20f22cd
Fix light-mode emoji borders. (#18131) 2022-04-29 19:23:03 +02:00
Rohan Sharma 4d6d4b43c6
Fixed prototype pollution bug and only allow trusted origin (#17420) 2022-02-01 17:34:48 +01:00
Eugen Rochko abd7b4636a
Add assets from Twemoji 13.1.0 (#16345)
* Add assets from Twemoji 13.1.0

* Update emoji-mart
2021-06-01 14:35:49 +02:00
Claire e78d06eecf
Add border to 🚲 emoji (#16035) 2021-04-13 23:43:51 +02:00
Claire a8139ab016
Add borders to 📱 and 📲 emojis (#15794) 2021-03-01 21:22:54 +01:00
Marcin Mikołajczak 9342705e6b
Add app shortcuts (#15234)
* Add app shortcuts

Signed-off-by: mkljczk <me@mkljczk.pl>

* Fix codeclimate issues

Signed-off-by: mkljczk <me@mkljczk.pl>

* Change shortcuts

Signed-off-by: mkljczk <me@mkljczk.pl>

* More consistent new-status icon

Signed-off-by: mkljczk <me@mkljczk.pl>
2020-12-15 02:04:56 +01:00
ThibG 91eecd1b3c
Add border around 🕺 emoji (#14769)
Fixes #14768
2020-09-10 19:08:03 +02:00
ThibG f0b6ddd979
Add border around 🐞 emoji (#14712) 2020-08-31 23:30:27 +02:00
leo60228 e0f55f374c
Add emojis:generate_borders Rake task (#13773)
* Add emojis:generate_borders Rake task

* Address review

* Border all dark emoji

* Combine stroke with filter to reduce artifacting

* Cleanup Camera with Flash

* Add stroke-linejoin="round"

The previous filter and tweaks were effectively a poor imitation of it.
There are no artifacts for any dark emoji now!

* Set stroke-width using property

This fixes old versions of Firefox.

* Store emoji in string instead of array

* Use separate arguments for each path segment

* Remove "background: black;"
2020-06-09 00:12:20 +02:00
ThibG e1629a7758
Remove 'unsafe-inline' from Content-Security-Policy style-src (#13679)
* Make sure wicg-inert doesn't rely on inline CSS

* Remove unsafe-inline from style-src
2020-05-08 21:22:57 +02:00
D Anzorge 29f5353f8b
Update Twemoji to 12.1.5 (#13021)
* Update Twemoji to 12.1.5

SVGs from Twemoji repo https://github.com/twitter/twemoji

* Update emoji_map.json to Unicode 12
2020-04-19 23:38:31 +02:00
koyu 823dcc4dc6 Updated Twemoji to 12.1.3 (#12342) 2019-11-11 00:04:24 +02:00
Eugen Rochko 28636f43e4
Add OCR tool to media editing modal (#11566) 2019-08-15 15:13:26 +02:00
ThibG c4f2433300 Disallow robots from indexing /interact/ (#10666)
This does not provide any new information and may just triple the number
of crawled pages
2019-05-02 00:10:19 +02:00
Eugen Rochko 80388a3ffe
Change error graphic to hover-to-play (#10055)
Fix #6060
2019-02-15 23:33:25 +01:00
nightpool a5992e5883 Change robots.txt to exclude only media proxy URLs (#10038)
* Revert "Change robots.txt to exclude some URLs (#10037)"

This reverts commit 80161f4351.

* Let's block media_proxy

/media_proxy/ is a dynamic route used for requesting uncached media, so it's
probably bad to let crawlers use it

* misleading comment
2019-02-14 03:11:47 +01:00
Eugen Rochko 80161f4351
Change robots.txt to exclude some URLs (#10037)
- Exclude static assets
- Exclude uploaded files
- Exclude alternate versions of the profile page
- Exclude media proxy URLs
2019-02-13 21:28:18 +01:00
Dryusdan 17b928502a update twemojie to v2 (#7911) 2018-07-06 01:58:07 +02:00
Maciek Baron ca2cc556f1 Crush PNGs to reduce overall size (#7954) 2018-07-05 15:20:16 +02:00
Renato "Lond" Cerqueira 268d90e810 Rename emoji sheet to avoid caching issue (#7777) 2018-06-10 16:12:47 +02:00
Renato "Lond" Cerqueira 0c3ce41031 Update to emojimart 2.6.1 (#7746)
* Update to emojimart 2.6.1
WIP using local updated version. Sheet comes from emoji-data@4.0.4,
file sheet_twitter_32_indexed_256.png.

* Update to 2.6.1 and uncompress data if needed

* Remove changes that were not needed

* Fix yarn lock file

* Match emojiToShowFilter behavior to new version of emoji-mart

* Fix codeclimate issue

* Match custom emoji behavior to new version of emoji-mart

* Replace emoji without shortcode in tests

* Fix code climate issues
2018-06-07 19:40:23 +02:00
Una e057c0e525 Optimize public/headers/missing.png (#7084) 2018-04-09 11:34:48 +02:00
Konrad Pozniak cd252b794e add new avatar placeholder missing.png (#6728) 2018-03-11 14:55:38 +01:00
David Yip 37b267e2ab Add artist, title, and date metadata to boop.{mp3,ogg} (#5531)
For boop.mp3, this commit adds both ID3v1 and ID3v2 tags.  For boop.ogg,
we use Vorbis metadata.

In the case of boop.mp3, this also adds a cover image. Interestingly, it
didn't seem to affect the size of boop.mp3 much, despite being ~8k.
boop.ogg seemed to be much more affected and so no cover image was added
to that version.
2017-10-28 00:05:04 +09:00
Eugen Rochko 8e9911962d Change Android icon padding again to half of previous (#5339) 2017-10-12 00:58:14 +02:00
Eugen Rochko b17e571bc2 Add padding to Android icon, change Apple and MS icons (#5321) 2017-10-11 19:11:15 +02:00
Eugen Rochko 96c942e8ab Fix wrong dimensions on Android icon (#5296) 2017-10-10 12:41:30 +02:00
Eugen Rochko aafe55af81 Material app icon for Chrome (#5291) 2017-10-09 21:27:16 +02:00
Eugen Rochko 92e7815d1d Fix #5274 - Create symlink from public/500.html to public/assets/500.html (#5288) 2017-10-09 20:51:24 +02:00
Eugen Rochko 3b60832214 New error page graphic. Other error page improvements (#5099)
- 500.html generated with admin-set default locale if set
- Error page `<title>` includes Mastodon site title
- 500 title changed to "This page is not
  correct" (ref: <https://www.youtube.com/watch?v=2VCAP_seh1A>)
- 500 content appended with "on our end" to make clear it's
  not user's fault
2017-09-25 23:05:54 +02:00
Eugen Rochko 2c8e3fbbfb Generate 500.html with assets:precompile, remove loading from Google Fonts (#5067) 2017-09-25 04:04:04 +02:00
Eugen Rochko 846cd4e838 Switch from EmojiOne to Twemoji, different emoji picker (#5046)
* Switch from EmojiOne to Twemoji, different emoji picker

* Make emoji-mart use a local spritesheet

* Fix emojify test

* yarn manage:translations
2017-09-23 01:41:00 +02:00
Eugen Rochko 6867681c7c Add script to make embedded iframes autosize (#4853) 2017-09-09 16:23:44 +02:00
Eugen Rochko 13bb1ddc7f Use consistent icons for web push notifications, same as web UI (#4426) 2017-07-28 18:13:42 +02:00
Satoshi KOJIMA e54cc15cbd fix #4356 : place sw.js to assets/sw.js (#4357) 2017-07-28 01:55:52 +02:00
Eugen Rochko 88b5e0b703 Use the "m" version of the logo for favicons (#4345) 2017-07-24 19:54:59 +02:00
Eugen Rochko 0e0f18ce7c New logo (#4306)
* Add new logo

* Remove unused images
2017-07-23 02:40:39 +02:00
Sorin Davidoi 0c7c188c45 Web Push Notifications (#3243)
* feat: Register push subscription

* feat: Notify when mentioned

* feat: Boost, favourite, reply, follow, follow request

* feat: Notification interaction

* feat: Handle change of public key

* feat: Unsubscribe if things go wrong

* feat: Do not send normal notifications if push is enabled

* feat: Focus client if open

* refactor: Move push logic to WebPushSubscription

* feat: Better title and body

* feat: Localize messages

* chore: Fix lint errors

* feat: Settings

* refactor: Lazy load

* fix: Check if push settings exist

* feat: Device-based preferences

* refactor: Simplify logic

* refactor: Pull request feedback

* refactor: Pull request feedback

* refactor: Create /api/web/push_subscriptions endpoint

* feat: Spec PushSubscriptionController

* refactor: WebPushSubscription => Web::PushSubscription

* feat: Spec Web::PushSubscription

* feat: Display first media attachment

* feat: Support direction

* fix: Stuff broken while rebasing

* refactor: Integration with session activations

* refactor: Cleanup

* refactor: Simplify implementation

* feat: Set VAPID keys via environment

* chore: Comments

* fix: Crash when no alerts

* fix: Set VAPID keys in testing environment

* fix: Follow link

* feat: Notification actions

* fix: Delete previous subscription

* chore: Temporary logs

* refactor: Move migration to a later date

* fix: Fetch the correct session activation and misc bugs

* refactor: Move migration to a later date

* fix: Remove follow request (no notifications)

* feat: Send administrator contact to push service

* feat: Set time-to-live

* fix: Do not show sensitive images

* fix: Reducer crash in error handling

* feat: Add badge

* chore: Fix lint error

* fix: Checkbox label overlap

* fix: Check for payload support

* fix: Rename action "type" (crash in latest Chrome)

* feat: Action to expand notification

* fix: Lint errors

* fix: Unescape notification body

* fix: Do not allow boosting if the status is hidden

* feat: Add VAPID keys to the production sample environment

* fix: Strip HTML tags from status

* refactor: Better error messages

* refactor: Handle browser not implementing the VAPID protocol (Samsung Internet)

* fix: Error when target_status is nil

* fix: Handle lack of image

* fix: Delete reference to invalid subscriptions

* feat: Better error handling

* fix: Unescape HTML characters after tags are striped

* refactor: Simpify code

* fix: Modify to work with #4091

* Sort strings alphabetically

* i18n: Updated Polish translation

it annoys me that it's not fully localized :P

* refactor: Use current_session in PushSubscriptionController

* fix: Rebase mistake

* fix: Set cacheName to mastodon

* refactor: Pull request feedback

* refactor: Remove logging statements

* chore(yarn): Fix conflicts with master

* chore(yarn): Copy latest from master

* chore(yarn): Readd offline-plugin

* refactor: Use save! and update!

* refactor: Send notifications async

* fix: Allow retry when push fails

* fix: Save track for failed pushes

* fix: Minify sw.js

* fix: Remove account_id from fabricator
2017-07-13 22:15:32 +02:00
Eugen Rochko 722d152082 Fix #3063 - Add dynamic app manifest (#3563)
* Fix #3063 - Add dynamic app manifest

* Added short_name

* Add background_color
2017-06-06 19:29:42 +02:00
Yamagishi Kazutoshi 2fba4196ef Add boop sounds in Vorbis format (#2963)
Vorbis is audio format of Open Source.
Can play audio in a free environment where you can not play mp3.
2017-05-10 16:58:54 +02:00
Lindsey Bieda 25cbb8454c Red favicon for dev (#2470)
* Set a dev specific favicon

* Consistent spacing

* Add trailing slash for consistency

* Update to remove interpolation
2017-04-26 15:45:27 +02:00
Dale Price f3b86c1bda Add mask-icon.svg (#1572) (#1585)
* Add mask-icon (#1572)

* use updated svg logo for mask-icon
2017-04-17 10:39:54 +02:00
Eugen Rochko 333e44c3fc Improve emojis - use SVGs where possible 2017-03-29 22:27:24 +02:00
Eugen Rochko e22a56183a Improve error page layouting. 500 page has to stay static because it's
used from nginx when Rails fails.
2017-01-21 22:30:47 +01:00
Eugen Rochko b4a4eb73ae Merge branch 'fix/error-pages' of https://github.com/ineffyble/mastodon into ineffyble-fix/error-pages 2017-01-21 22:20:01 +01:00
Effy Elden 77746240aa Change missing.png header to 1x1 transparent PNG 2017-01-22 06:42:42 +11:00
Effy Elden 106dd1a484 Add a default missing.png header image - fixes #492 2017-01-22 05:19:31 +11:00
Eugen Rochko fcb5a85cdd Add sounds for notifications. Boop by @jk@mastodon.social 2017-01-17 20:09:03 +01:00
Effy Elden ed41f9f0b1 Add nice error page for CSRF errors/cookie issue, and fix error page handling altogether 2017-01-15 10:30:23 +11:00