1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-27 01:02:42 +01:00
Commit graph

100 commits

Author SHA1 Message Date
Austin Seipp
ab923e0a75 Implement new reCAPTCHA interface
Summary:
Fixes T12195. For the past few years, Recaptcha (now part of Google) has supported
a new, "no captcha" one-click user interface. This new UI is stable, doesn't
require any typing or reading words, and can even work without JavaScript (if
the administrator enables it on the Recaptcha side).

Furthermore, the new Recaptcha has a completely trivial API that can be dealt
with in a few lines of code. Thus, the external `recaptcha` php library is now
gone.

This API is a complete replacement for the old one, and does not require any
upgrade path for users or Phabricator administrators - public and secret keys
for the "new" Recaptcha UI are the exact same as the "classic" Recaptcha. Any
old Recaptcha keys for a domain will continue to work.

Note that Google is currently testing Yet Another new Captcha API, called
"Invisible reCAPTCHA", that will not require user interaction at all. In fact,
the user will not even be aware there //is even a captcha form//, as far as I
understand. However, this new API is 1) in beta, 2) requires new Recaptcha keys
(so it cannot be a drop-in replacement), and 3) requires more drastic API
changes, as form submission buttons must instead invoke JavaScript code, rather
than a token being passed along with the form submission. This would require far
more extensive changes to the controllers. Maybe when it's several years old, it
can be considered.

Signed-off-by: Austin Seipp <aseipp@pobox.com>

Test Plan:
Created a brand-new Phabricator installation, saw the new Captcha UI
on administrator sign up. Logged out, made 5 invalid login attempts, and saw the
new Captcha UI. Reworked the conditional to invert the condition, etc to test
and make sure the API responded properly.

Reviewers: epriestley, #blessed_reviewers, chad

Reviewed By: epriestley, #blessed_reviewers

Subscribers: avivey, Korvin

Maniphest Tasks: T12195

Differential Revision: https://secure.phabricator.com/D17304
2017-02-03 20:06:29 +00:00
Brendan Zerr
af218564e5 Backport fix from php-mime-mail-parser to fix attachment parsing
Summary:
- Allow proper parsing of attachments with missing Content-Disposition
  header

Test Plan:
- Create application email for Maniphest.
- Send example broken email from Outlook 2007 to that address {F1842816}

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D16584
2016-09-21 15:04:20 -07:00
epriestley
ee814923a2 Improve Amazon SES code error handling behavior
Summary:
Fixes T10728. Fixes T10476. SES uses third-party code with unique, creative ideas about error handling.

  - Make the error handling behavior more correct, so it doesn't try to use undefined variables.
  - Simplify the error handling behavior (throw exceptions sooner, remove redundant code).
  - Explicitly test for `-smtp` misconfigurations. These can arise if you read the wrong column out of the table in the AWS docs, as in T10728.
  - Explicitly test for SimpleXML, to catch T10476 before it does damage.

Test Plan:
  - Configured SES to use a bogus SMTP endpoint.
  - Faked past the SMTP check, hit sane error on the connection.
  - Undid faking, hit immediate hard stop on the STMP check.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T10476, T10728

Differential Revision: https://secure.phabricator.com/D15632
2016-04-05 17:28:45 -07:00
epriestley
c29bbbab19 Remove bogus '$this->resource' from SES error handling pathway
Summary: Ref T10728. This property does not exist and is never referenced. The `'resource'` key is also never referenced, so I believe this can be safely removed.

Test Plan: Will make @amckinley do my job for me.

Reviewers: chad

Reviewed By: chad

Subscribers: amckinley

Maniphest Tasks: T10728

Differential Revision: https://secure.phabricator.com/D15624
2016-04-05 13:19:07 -07:00
epriestley
cb08757032 Swap S3 to first-party client
Summary:
Ref T5155. Swaps Phabricator over to the new first-party S3 client using the v4 authentication API so it works in all regions.

The API requires an explicit region, so the new `amazon-s3.region` is now required. I'll write guidance about this.

Test Plan:
  - Uploaded files to S3.
  - Migrated ~1GB of files to S3.
  - Loaded a bunch of files off S3.
  - Browsed around the S3 bucket.
  - Deleted a file, verified the data on S3 was destroyed.
  - Hit new setup warning.

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T5155

Differential Revision: https://secure.phabricator.com/D14982
2016-01-10 07:55:27 -08:00
epriestley
8a906b0e18 Remove skins from Phame
Summary:
Ref T9897. Purge a bunch of stuff:

  - Remove skins.
  - Remove all custom sites for skin resources.
  - Remove "framed", "notlive", "preview", separate "live" controllers (see below).
  - Merge "publish" and "unpublish" controllers into one.

New behavior:

  - Blogs and posts have three views:
    - "View": Internal view URI, which is a normal detail page.
    - "Internal Live": Internal view URI which is a little prettier.
    - "External Live": External view URI for an external domain.

Right now, the differences are pretty minor (basically, different crumbs/chrome). This mostly gives us room to put some milder flavor of skins back later (photography or more "presentation" elements, for example).

This removes 9 million lines of code so I probably missed a couple of things, but I think it's like 95% of the way there.

Test Plan:
Here are some examples of what the "view", "internal" and "external" views look like for blogs (posts are similar):

"View": Unchanged

{F1021634}

"Internal": No chrome or footer. Still write actions (edit, post commments). Has crumbs to get back into Phame.

{F1021635}

"External": No chrome or footer. No write actions. No Phabricator crumbs. No policy/status information.

{F1021638}

I figure we'll probably tweak these a bit to figure out what makes sense (like: maybe no actions on "internal, live"? and "external, live" probably needs a way to set a root "Company >" crumb?) but that they're reasonable-ish as a first cut?

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9897

Differential Revision: https://secure.phabricator.com/D14740
2015-12-11 08:14:12 -08:00
epriestley
80f1d01602 Fix Oblivious skin summary remarkup and partially fix title
Summary: Ref T9546. I only got the title to always show the blog title (better than nothing) -- showing the post title properly isn't trivial and is more work than I want to do right now.

Test Plan:
  - Description now has remarkup.
  - Title now shows blog title (better than nothing).

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9546

Differential Revision: https://secure.phabricator.com/D14423
2015-11-06 20:24:11 +00:00
Chad Little
3a90cb56b4 Clean up Oblivious skin
Summary: Adds Remarkup rules and CSS, cleans up some spacing a color. Ref T9546

Test Plan: Review a blog post list, and a blog

Reviewers: epriestley

Reviewed By: epriestley

Subscribers: Korvin

Maniphest Tasks: T9546

Differential Revision: https://secure.phabricator.com/D14421
2015-11-06 11:40:54 -08:00
epriestley
6bd8ee861c Use PEAR Text_Figlet to render figlet fonts
Summary:
Ref T7785. Makes Figlet available without installing the `figlet` package.

The PEAR Text_Figlet code is really sketchy and includes this API, which is quite marvelous:

```
    function loadFont($filename, $loadgerman = true)
```

At some point, this should probably be rewritten into a modern style, but it's not trivial since the figlet file format and rendering engine are somewhat complicated. I made some adjustments:

  - Broke the dependency on the PEAR core.
  - Prevented it from doing any wrong HTML escaping.
  - Looked through it for any glaring security or correctness problems.

This code isn't very pretty or modern, but as far as I can tell it's safe and does render Figlet fonts in a reasonable way.

Test Plan: {F803268}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9408, T7785

Differential Revision: https://secure.phabricator.com/D14102
2015-09-13 12:31:07 -07:00
epriestley
935ced1edd Include "Figlet" and PEAR "Text_Figlet" in externals
Summary:
Ref T7785. This prepares for (but does not yet use) a pure PHP implementation of Figlet parsing and rendering.

Figlet is somewhat complex, but a parser already exists in PEAR. I'll make sure it's suitable and hook it up in the next diff.

Test Plan: N/A, code not reachable

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9408, T7785

Differential Revision: https://secure.phabricator.com/D14101
2015-09-13 12:30:48 -07:00
epriestley
c705c8011e Use PHP implementation of Cowsay for cowsay rule
Summary:
Ref T7785. Convert the Cowsay Remarkup rule to use a PHP implementation so we don't have to execute an external `cowsay` binary.

I removed some of the default ".cow" files that come with Cowsay because they:

  - include Perl code which we can not interpret; or
  - are primarily in-jokes or standalone visual puns or artwork rather than usable actors on the grand stage of cowsay; or
  - offended my delicate sensibilities.

Users can add new cows to `resources/cows/custom/` if they want to make new cows available.

I have included a majestic original artwork depicting the "Companion Cube" character from //Portal//.

Test Plan: {F802535}

Reviewers: chad

Reviewed By: chad

Maniphest Tasks: T9408, T7785

Differential Revision: https://secure.phabricator.com/D14100
2015-09-13 12:27:30 -07:00
Brian Smith
9692c1f2c2 Quickly fix phpqrcode syntax
Summary: phpqrcode has some old looking php syntax. Fix it quickly since it's one line.

Test Plan:
Before this patch, went to add a TOTP token, saw the error about the undefined variable.
After this patch, successfully added a TOTP token, and used it.

Reviewers: avivey, epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: Korvin

Maniphest Tasks: T9300

Differential Revision: https://secure.phabricator.com/D14019
2015-08-31 14:05:51 -07:00
epriestley
80b23b21f3 Work around mailparse bug (?) with messages that have no terminal newline
Summary: Under some unusual circumstances, mailparse appears to incorrectly discard the last line of some mail messages.

Test Plan:
  - Constructed a raw mail with no terminal newline.
  - Piped it into `mail_receiver.php`.
  - Saw the last line vanish into the aether.
  - Applied patch; repeated; last line survived.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: chad, epriestley

Differential Revision: https://secure.phabricator.com/D12494
2015-04-21 09:49:40 -07:00
epriestley
7d69d8ae6a Remove support for Balanced payments
Summary: See <https://www.balancedpayments.com/stripe>. Just get rid of support since Phortune is a prototype anyway.

Test Plan: `grep`, poked around Phortune.

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: aurelijus, epriestley

Differential Revision: https://secure.phabricator.com/D12074
2015-03-13 15:47:37 -07:00
epriestley
9e0f70e17d Rewrite Aphlict to use Websockets
Summary:
Fixes T6559. No more flash, use Websockets. This is less aggressive than the earlier version, and retains more server logic.

  - Support "wss".
  - Make the client work.
  - Remove "notification.user" entirely.
  - Seems ok?

Test Plan:
In Safari, Firefox and Chrome, saw the browsers connect. Made a bunch of comments/updates and saw notifications.

Notable holes in the test plan:

  - Haven't tested "wss" yet. I'll do this on secure.
  - Notifications are //too fast// now, locally. I get them after I hit submit but before the page reloads.
  - There are probably some other rough edges, this is a fairly big patch.

Reviewers: joshuaspence, btrahan

Reviewed By: joshuaspence, btrahan

Subscribers: fabe, btrahan, epriestley

Maniphest Tasks: T6713, T6559

Differential Revision: https://secure.phabricator.com/D11143
2015-01-08 10:03:00 -08:00
epriestley
643c1c4a52 Update Stripe PHP API
Summary: Ref T2787. This brings us up to date.

Test Plan: `git clone`

Reviewers: btrahan, chad

Reviewed By: chad

Subscribers: epriestley

Maniphest Tasks: T2787

Differential Revision: https://secure.phabricator.com/D9916
2014-07-13 09:19:07 -07:00
Joshua Spence
e495ce496b Fix various spelling mistakes
Summary: Minor change, self-explanatory.

Test Plan: Eye-ball it

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9911
2014-07-13 00:45:33 +10:00
Joshua Spence
8756d82cf6 Remove @group annotations
Summary: I'm pretty sure that `@group` annotations are useless now... see D9855. Also fixed various other minor issues.

Test Plan: Eye-ball it.

Reviewers: #blessed_reviewers, epriestley, chad

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin, hach-que

Differential Revision: https://secure.phabricator.com/D9859
2014-07-10 08:12:48 +10:00
Joshua Spence
dd796a44b6 Update JsShrink external library.
Summary: It seems that there was a [[17cbfacae6 | recent-ish commit]] to the `JsShrink` external library. I'm not sure what this commit actually achieves, but we may as well bring it upstream.

Test Plan: Eyeball it.

Reviewers: vrana, epriestley, #blessed_reviewers

Reviewed By: epriestley, #blessed_reviewers

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D9414
2014-06-07 11:26:20 -07:00
epriestley
baa6441668 Remove some needless +x flags. 2014-05-17 15:41:12 -07:00
Bob Trahan
e96c363eef Add SMS support
Summary:
Provides a working SMS implementation with support for Twilio.

This version doesn't really retry if we get any gruff at all. Future versions should retry.

Test Plan: used bin/sms to send messages and look at them.

Reviewers: chad, epriestley

Reviewed By: epriestley

Subscribers: aurelijus, epriestley, Korvin

Maniphest Tasks: T920

Differential Revision: https://secure.phabricator.com/D8930
2014-05-09 12:47:21 -07:00
epriestley
e146958217 Generate QR codes for TOTP tokens
Summary: Ref T4398. I found a reasonable-ish LGPLv3 library for doing this, which isn't too huge or unwieldy.

Test Plan:
  - Scanned QR code with Authy.
  - Scanned QR code with Google Authenticator.

{F149317}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Maniphest Tasks: T4398

Differential Revision: https://secure.phabricator.com/D8923
2014-05-01 10:23:11 -07:00
Hangjun Ye
48f6bd9fea Changed default timeout of smtp from 10s to 60s.
Summary:
Our smtp server responded slowly sometimes and reached the timeout, but actually
it had sent the email successfully. The mta then retried and sent duplicated
emails. So changed to a bigger default value.

Test Plan: Tested in our deployed and it worked

Reviewers: #blessed_reviewers, epriestley

Reviewed By: #blessed_reviewers, epriestley

Subscribers: epriestley, Korvin

Differential Revision: https://secure.phabricator.com/D8852
2014-04-24 04:59:22 -07:00
Bob Trahan
67326bb47a Fix phpmailer-lite bug
Summary: Fixes T4417. In this particular codepath, the lovely CreateHeader already added the to: information, so no need to slap it on the front all ghetto style.

Test Plan: imma push this live and test (I am lazy and don't want to configure amazon ses)

Reviewers: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4417

Differential Revision: https://secure.phabricator.com/D8288
2014-02-20 17:24:51 -08:00
epriestley
02aa193cb0 Add a common password blacklist
Summary:
Fixes T4143. This mitigates the "use a botnet to slowly try to login to every user account using the passwords '1234', 'password', 'asdfasdf', ..." attack, like the one that hit GitHub.

(I also donated some money to Openwall as a thanks for compiling this wordlist.)

Test Plan:
  - Tried to register with a weak password; registered with a strong password.
  - Tried to set VCS password to a weak password; set VCS password to a strong password.
  - Tried to change password to a weak password; changed password to a strong password.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran, chad

Maniphest Tasks: T4143

Differential Revision: https://secure.phabricator.com/D8048
2014-01-23 14:01:18 -08:00
James Rhodes
4c143ad3b2 Phragment v0
Summary: Ref T4205.  This is an initial implementation of Phragment.  You can create and browse fragments in the system (but you can't yet view a fragment's patches / history).

Test Plan: Clicked around and created fragments.

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran

Maniphest Tasks: T4205

Differential Revision: https://secure.phabricator.com/D7726
2013-12-07 12:43:49 +11:00
Brooke Bryan
8af2f0d755 Fix undefined property in Amazon SES
Summary:
When sending an email through ses, the body property on the response object is not set, throwing a notice.  This causes the system to assume a messsage failure, and requeues the email.

As the email is actually delivered, it causes an email bomb :(

Message Undefined property: stdClass::$body
#0 /sidekick/phabricator/phabricator/externals/amazon-ses/ses.php(571): PhutilErrorHandler::handleError(8, 'Undefined prope...', '/sidekick/phabr...', 571, Array)
#1 [internal function]: SimpleEmailServiceRequest->__responseWriteCallback(Resource id #290, '<SendRawEmailRe...')
#2 /sidekick/phabricator/phabricator/externals/amazon-ses/ses.php(526): curl_exec(Resource id #290)
#3 /sidekick/phabricator/phabricator/externals/amazon-ses/ses.php(267): SimpleEmailServiceRequest->getResponse()
#4 /sidekick/phabricator/phabricator/src/applications/metamta/adapter/PhabricatorMailImplementationAmazonSESAdapter.php(33): SimpleEmailService->sendRawEmail('To: brooke.brya...')
#5 /sidekick/phabricator/phabricator/externals/phpmailer/class.phpmailer-lite.php(502): PhabricatorMailImplementationAmazonSESAdapter->executeSend('To: brooke.brya...')
#6 /sidekick/phabricator/phabricator/src/applications/metamta/adapter/PhabricatorMailImplementationPHPMailerLiteAdapter.php(91): PHPMailerLite->Send()
#7 /sidekick/phabricator/phabricator/src/applications/metamta/storage/PhabricatorMetaMTAMail.php(631): PhabricatorMailImplementationPHPMailerLiteAdapter->send()
#8 /sidekick/phabricator/phabricator/src/applications/metamta/management/PhabricatorMailManagementSendTestWorkflow.php(130): PhabricatorMetaMTAMail->sendNow()
#9 /sidekick/phabricator/libphutil/src/parser/argument/PhutilArgumentParser.php(396): PhabricatorMailManagementSendTestWorkflow->execute(Object(PhutilArgumentParser))
#10 /sidekick/phabricator/libphutil/src/parser/argument/PhutilArgumentParser.php(292): PhutilArgumentParser->parseWorkflowsFull(Array)
#11 /sidekick/phabricator/phabricator/scripts/mail/manage_mail.php(28): PhutilArgumentParser->parseWorkflows(Array)
#12 {main}

Test Plan: Send a test email through SES mail provider running on php 5.5

Reviewers: epriestley, #blessed_reviewers

Reviewed By: epriestley

CC: Korvin, epriestley, aran, btrahan

Differential Revision: https://secure.phabricator.com/D7660
2013-11-26 12:52:38 -08:00
epriestley
435134f7eb Strip +x from some WePay files
Summary: I opened a pull request to fix this in the WePay upstream, see
<https://github.com/wepay/PHP-SDK/pull/13>. Fix it here too now until that
gets pulled.

Auditors: btrahan
2013-11-12 17:48:47 -08:00
epriestley
09be177376 Update WePay API to HEAD
Summary: This is mostly to pick up the LICENSE file for packaging purposes,
but also fixes a bug I reported.

Auditors: btrahan
2013-11-06 14:05:29 -08:00
epriestley
f88a2b735d Remove spurious "+x" from files that shouldn't have it
Summary: We have a bunch of files with +x that aren't actually executable.
Remove +x from PNGs, etc.
2013-10-05 05:18:17 -07:00
Cam Spiers
66450698ba Provide clearer syntax highlighting for phame posts. Including background colour, overflow scrolling and border. Also support for tt tag differentiation
Summary: Clode blocks are now much clearer in blog posts with the usage of a bg color, border and scrolling for overflowing content

Test Plan: Create a phame post with a code block and see the visual difference

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin, chad

Differential Revision: https://secure.phabricator.com/D6320
2013-07-03 06:25:45 -07:00
epriestley
d20f4f6f20 Update S3 external library
Summary:
This fixes at least two issues with the S3 library on newer versions of cURL/PHP:

  - NOTICE: PHP message: [2013-07-02 22:15:54] ERROR 8: curl_setopt(): CURLOPT_SSL_VERIFYHOST with value 1 is deprecated and will be removed as of libcurl 7.28.1. It is recommended to use value 2 instead at [/core/lib/phabricator/externals/s3/S3.php:1744]
  - `$this->request->body` was appended to without initializing it, which rasies an error on PHP 5.5.0.

I looked over the rest of the changes briefly and they all seem reasonable-ish.

Test Plan:
  - Uploaded a file to S3.
  - Downloaded a file from S3.
  - Deleted a file from S3.
  - Checked error logs for anything suspicious.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D6349
2013-07-02 18:55:08 -07:00
epriestley
49ef13e876 Add WePay as a one-time payment provider
Summary:
Ref T2787.

I //think// we could also use WePay as a recurring payment provider, but this is somewhat messy (OAuth + requires account) -- basically it's "add a WePay account" instead of "add a credit card".

The WePay checkout workflow is a bit upsell-y but basically reasonable.

I like that their API just has a `request($method, $params)` method instead of 30,000 lines of methods for each request type. I did hit one bug; I'll send a pull for that.

Test Plan: Got as far as the charge callback in testing; the rest isn't implemented for any provider yet.

Reviewers: btrahan, vrana, chad

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2787

Differential Revision: https://secure.phabricator.com/D5982
2013-05-21 15:34:46 -07:00
epriestley
0569218201 Use JsShrink if jsxmin is not available
Summary: If `jsxmin` is not available, use a pure PHP implementation instead (JsShrink).

Test Plan:
  - Ran `arc lint --lintall` on all JS and fixed every relevant warning.
  - Forced minification on and browsed around the site using JS behaviors. Didn't hit anything problematic.

Reviewers: vrana, btrahan

Reviewed By: vrana

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5670
2013-05-18 17:04:22 -07:00
epriestley
23786784ef Add Balanced Payments API
Summary: Adds the Balanced PHP API to externals/. Ref T2787.

Test Plan: Used in next diff.

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran, aurelijus

Maniphest Tasks: T2787

Differential Revision: https://secure.phabricator.com/D5764
2013-04-25 09:47:30 -07:00
epriestley
1e6deff8ba Don't use deprected "1" value to cURL CURLOPT_SSL_VERIFYHOST
Summary: Fixes T2962. That task discusses this issue.

Test Plan: Read php-curl documentation to verify this change makes sense. Sent an email with SES.

Reviewers: btrahan, garoevans

Reviewed By: garoevans

CC: aran

Maniphest Tasks: T2962

Differential Revision: https://secure.phabricator.com/D5669
2013-04-12 08:10:22 -07:00
epriestley
95f57756aa Move all external JS into webroot/rsrc/externals
Summary:
Currently, Celerity map rebuilds on Windows don't put Stripe or Raphael into the map. Move them into `webroot/rsrc/externals/` so they get picked up.

At some point we should maybe let the mapper load resources from mulitple locations, but this is more straightforward for now.

See https://github.com/facebook/phabricator/issues/294

Test Plan: Rebuilt map, verified Burnup Rate + Stripe work.

Reviewers: vrana, btrahan

Reviewed By: btrahan

CC: aran

Differential Revision: https://secure.phabricator.com/D5661
2013-04-11 10:06:05 -07:00
epriestley
9ca2bb991c Use ExecFuture to raise sendmail error codes out of PHPMailer
Summary:
Ref T2843. We currently drop any stdout/stderr emitted by sendmail. Instead, use `ExecFuture` so we'll throw an exception with debugging information preserved.

@tido, can you apply this and restart the daemons?

Test Plan: Rests on @tido

Reviewers: tido, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2843

Differential Revision: https://secure.phabricator.com/D5464
2013-03-30 15:51:32 -07:00
Jakub Vrana
4d2cf457d4 Add space in header tags
Test Plan: Double clicked on the last word of title. Tag wasn't selected.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5462
2013-03-30 10:10:30 -07:00
Jakub Vrana
1ee7bbe305 Move Javelin to webroot
Summary:
This is a major pain on Windows and the main reason why Phabricator doesn't work there and is hard to fix.
The sad part is that Windows support symlinks (via `MKLINK`) but Git on Windows doesn't use them.

Test Plan: Loaded Phabricator on Windows without JS errors.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5458
2013-03-28 05:18:57 +00:00
epriestley
17b9ac41f1 Treat keyCode 10 as "return" in JX.Event
Summary: Fixes T2753. Return is sent as either 10 or 13, depending on browser and OS. See, e.g. [[ http://code.google.com/p/chromium/issues/detail?id=79407 | this Chromium issue ]].

Test Plan: @cystorm confirmed this patch fixes the issue on his system.

Reviewers: btrahan, codeblock

Reviewed By: codeblock

CC: cystorm, aran

Maniphest Tasks: T2753

Differential Revision: https://secure.phabricator.com/D5381
2013-03-19 10:57:54 -07:00
epriestley
34db006c4b Attempt to fix IE8 mixed content warning. 2013-02-26 08:00:20 -08:00
epriestley
26f8e76ee2 When an image is too wide in Pholio, scale it down
Summary:
Currently, if an image is too wide for the viewport, we freak out. Instead, scale it down.

This means we must also scale down all the rectangles on it, which is why this is tricky. However, all the draw/load separation has made it reasonably straightforward.

We'll possibly need to add some kind of "view full size" thing. I'm planning to add an element which shows "85%" or whatever if it's currently scaled.

Test Plan:
Before:

{F33607}

After:

{F33608}

Reviewers: chad, ljalonen

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D5088
2013-02-23 06:28:34 -08:00
epriestley
49c40d209d Tokens v1
Summary:
Features!

  - Giving tokens.
  - Taking tokens back.
  - Not giving tokens.

Test Plan: See screenshots.

Reviewers: chad, vrana

Reviewed By: chad

CC: aran, btrahan

Maniphest Tasks: T2541

Differential Revision: https://secure.phabricator.com/D4964
2013-02-15 07:47:14 -08:00
epriestley
0f1bdbe147 Merge branch 'master' into phutil_tag
(Sync.)
2013-02-04 06:19:52 -08:00
Lauri-Henrik Jalonen
209bf71b32 Add isNormalMouseEvent() to Javelin
Summary:
Added isNormalMouseEvent() that returns true if left mouse button triggered event click, mousedown or mouseup.
Modified isNormalMouseClick() to use new function.

Test Plan: Verified that new function works for click, mousedown and mouseup events.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2475

Differential Revision: https://secure.phabricator.com/D4778
2013-02-01 08:48:27 -08:00
epriestley
fc4cb57357 Fix JSON encoding of PhutilSafeHTML for browser consumption
Summary:
If you run this code:

  json_encode(array('tag' => phutil_tag('div', array())));

...you get this result, because json_encode() does not call toString() on objects:

  {"tag":{}}

Instead, convert such objects to their underlying strings. Javelin has support for JX.HTML and for implicit conversion (which is kind of sketchy for other reasons) but it's sort of complicated (only happens on Ajax, not behaviors) and messy (not metadata-based), so ignore it for now.

We'll need to do something similar for serialization to the database. My plan there is just to throw on any objects. The only time we put HTML in the database is cache-related and those tiny number of callsites can manually handle it.

Test Plan: Various ajax things now receive the correct data.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4684
2013-01-28 18:11:27 -08:00
epriestley
07767fda00 Use direct inclusion, not submodules, to bring Javelin into Phabricator
Summary:
Submoduling is slightly convenient for developers but hellishly difficult for many users. Since we make about a dozen updates to Javelin per year, just include the source directly.

Even if we run `git submodule status` more often, this creates additional problems for users with PATH misconfigured.

Fixes T2062 by nuking it from orbit.

Test Plan: Loaded site, browsed around. Grepped for references to submodules.

Reviewers: btrahan, vrana

CC: aran

Maniphest Tasks: T2062

Differential Revision: https://secure.phabricator.com/D4581
2013-01-22 12:43:55 -08:00
Bob Trahan
2b0526e9f9 one more phame tweak for better social sharing -- make sure $uri is the full uri
Summary: basically when we're on a page we have a URIPath so set that and pass it over. I wasn't super duper happy with this but it seems to be the best way to pass this data.

Test Plan: verified the og:url was correct on my dev instance of phacility blog for both the main blog and individual post view

Reviewers: epriestley

Reviewed By: epriestley

CC: chad, aran, Korvin

Differential Revision: https://secure.phabricator.com/D4269
2012-12-21 13:46:23 -08:00
epriestley
b116861b16 Add draft support to ApplicationTransactions
Summary:
When previewing, save drafts. When loading objects, restore drafts if they are available.

Depends on: D665

Test Plan:
  - Viewed a Mock.
  - Typed text into the comment box.
  - Reloaded the page.
  - Text still there.
  - Hit submit, got my comment.
  - Reloaded the page.
  - Draft correctly deleted.
  - Repeated for Macros.

Reviewers: btrahan, chad, vrana

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2104

Differential Revision: https://secure.phabricator.com/D4252
2012-12-21 05:57:14 -08:00