Commit Graph

66 Commits (05df66f8d7dee446cd39285283032fd0e3a97cf1)

Author SHA1 Message Date
ThibG e1ef5f3b31 Add honeypot fields and minimum fill-out time for sign-up form (#15276)
* Add honeypot fields to limit non-specialized spam

Add two honeypot fields: a fake website input and a fake password confirmation
one. The label/placeholder/aria-label tells not to fill them, and they are
hidden in CSS, so legitimate users should not fall into these.

This should cut down on some non-Mastodon-specific spambots.

* Require a 3 seconds delay before submitting the registration form

* Fix tests

* Move registration form time check to model validation

* Give people a chance to clear the honeypot fields

* Refactor honeypot translation strings

Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2020-12-10 06:27:26 +01:00
ThibG ce87767572 Change how CDN_HOST is passed down to make assets build reproducible (#14381)
* Change how CDN_HOST is passed down to make assets build reproducible

* Change webpacker/webpack configuration to dynamically load publicPath based on meta header

* Fix embedded layout missing the cdn-host meta header
2020-10-13 01:19:35 +02:00
ThibG ef710bbff6 Add client-side validation in password change forms (#14564)
* Fix client-side username validation at registration

It used the Account::USERNAME_RE regexp which is for *remote* users,
local user validation is stricter. Also take into account max username length.

* Add client-side form validation for password change

* Add client-side form validation to dedicated registration form

Previous changes only applied to the /about page, not the dedicated form on
/auth
2020-08-12 12:11:15 +02:00
ThibG 22aba16386 Add HTML form validation for the registration form (#14560)
* Add HTML-level validation of username in sign-up form

* Make required fields with incorrect values more visible

* Enable HTML form validation for the registration form

* Mark agreement checkbox as required client-side

* Add minimum length to password

* Add client-side password confirmation validation
2020-08-11 23:09:13 +02:00
ThibG 9e14647df8 Fix lock icon not being shown when locking account in profile settings (#14190) 2020-07-01 13:51:50 +02:00
ThibG 3b7373ed4c Fix end-user-facing uses of inline CSS (#13438)
* Move some inline styles to CSS files

* Move default_account_display_name span to fix useless tags with duplicate id

* Change handling of public pages spoiler text from inline CSS to dataset attribute

* Use the `dir` HTML attribute instead of inline CSS

* Move status action bar inline CSS to CSS file

* Hide logo resources from CSS file, not inline CSS

Fixes #11601

* Move translation prompt styling from inline CSS to CSS file

* Move “invited by” styling on registration form from inline to CSS file

* Use the progress tag to display poll results in JS fallback

* Fix poll results JS-less fallback when the user has voted for an option

* Change account public page “moved” notice to use img tags instead of inline CSS

* Move OTP hint inline CSS to SCSS file

* Hide JS-less fallback vote progressbars from accessibility tools

Co-authored-by: Eugen Rochko <eugen@zeonfederated.com>
2020-04-28 10:16:55 +02:00
ThibG edce6fc98f Fix “Show more” not switching to “Show less” on public pages (#13174)
* Fix “Show more” not switching to “Show less” on public pages

Fixes #13169

* Fix initial text of CW button on public pages when CW are unfolded by default
2020-04-05 14:02:22 +02:00
Shlee 056f97744a Migrate Rails ujs as required for Rails 6 Upgrade. (#13280)
* Update yarn.lock

* Update package.json

* Update public.js

* Update admin.js

* Update log_out.js

* Update common.js
2020-03-21 03:14:50 +01:00
ThibG f7deab10a5 Fix dates (without time) being rendered as datetimes in public pages (#13034) 2020-02-03 17:48:56 +01:00
Eugen Rochko 9ebfb23e87 Various fixes and improvements (#12878)
* Fix unused role routes being generated

* Remove unused JavaScript code

* Refactor filters code to be DRYer

* Fix `.count == 0` comparisons to `.empty?` in views

* Fix filters in views
2020-01-20 15:55:03 +01:00
Nolan Lawson 425da2dbaa fix: support KaiOS arrow navigation on public pages (#12251) 2019-11-04 13:03:09 +01:00
Eugen Rochko 53ceb703b3 Fix page body not being scrollable in admin layout (#11893)
Hide navigation behind hamburger icon on small screens in admin layout
2019-09-20 10:52:14 +02:00
nzws✨ 7bfef64877 Fix eslint error of import/no-extraneous-dependencies (#11884)
* Fix eslint error of import/no-extraneous-dependencies
- Add history dependency

* refactoring code
2019-09-18 15:41:50 +02:00
ThibG 867b9f3e9c Add public blocks to /about/blocks (#11298)
* Add automatic blocklist display in /about/blocks

Inspired by https://github.com/Gargron/mastodon.social-misc

* Add admin option to set who can see instance blocks

* Normalize locales files

* Rename “Sandbox” to “Silence” for consistency

* Disable /about/blocks when in whitelist mode

* Optionally display rationale for domain blocks

* Only display domain blocks that have user-facing limitations, and order them

* Redesign table of blocked domains to better handle long domain names and rationales

* Change domain blocks ordering now that rationales aren't displayed right away

* Only show explanation for block severities actually in use

* Reword instance block explanations and add disclaimer for public fetch mode
2019-08-19 11:35:48 +02:00
ThibG 99b3dd5b00 Play animated custom emoji on hover (#11348)
* Play animated custom emoji on hover in status

* Play animated custom emoji on hover in display names

* Play animated custom emoji on hover in bios/bio fields

* Add support for animation on hover on public pages emojis too

* Fix tests

* Code style cleanup
2019-07-21 18:10:40 +02:00
Eugen Rochko de4ead8fc6 Change single-column mode to scroll the whole page (#11359)
Fix #10840
2019-07-19 09:25:22 +02:00
ThibG 026f3a9d2d Fix avatar animation on hover when not logged in (#11349) 2019-07-19 09:18:23 +02:00
ThibG 21acf681d2 Put poll options behind content warnings (#10983)
* Put poll options behind CWs in WebUI

* Put polls behind CWs on public pages

* Add poll icon to public pages CWs

* Revert to not showing an icon in the CW button
2019-06-08 17:40:59 +02:00
Jessica d7c34fb945 Animate avatar GIFs on-hover on public profiles (#10549)
* Third time is the charm?

* Use full asset URL for data-static and data-original

̀image_tag` expands to the full asset URL, we have to do the same in `data` attributes so that it can work when assets and user data are stored on a different host
2019-04-21 04:47:39 +02:00
ThibG aa7fe3101f Hopefully fix input text selection quirks on iOS (#10463)
Fix #10448 (hopefully)
2019-04-03 17:54:54 +02:00
ThibG cbb8399df4 Fix public hashtag timeline width on mobile, fix scrollbar width compensation (#9824)
* Fix hashtag timeline width being potentially larger than window width

* Add automatic computation of scrollbar width
2019-01-16 20:36:10 +01:00
ThibG bb2dbd681f Add attachment list fallback to public pages (#9780)
* Add attachment list fallback to public pages

Fixes #6714

* Refactor attachments lists
2019-01-13 09:23:54 +00:00
ThibG f6a5894af6 Postpone scroll-to-detailed status after react components are loaded (#9773) 2019-01-10 15:13:30 +01:00
Paweł Ngei 03289a4d14 Escape HTML in profile name preview in profile settings (#9446)
* fix non-escaped html in the profile settings

* provide a default profile text in case if there's no custom one

* update haml syntax

* simplify default profile name to username

* sanitize user-input html but display emojified icons
2018-12-07 16:42:22 +01:00
Eugen Rochko 305556274a Redesign admin accounts index (#9340)
* Improve overview of accounts in admin UI

- Display suspended status, role, last activity and IP prominently
- Default to showing local accounts
- Default to not showing suspended accounts

* Remove unused strings

* Fix tests

* Allow filtering accounts by IP mask
2018-11-26 15:53:27 +01:00
Eugen Rochko 3a115d3f49 Remove character counter from edit profile (#9100)
* Remove display name and bio counter hint, simply limit input

* Remove now redundant translations

* Fix code style issue
2018-10-26 01:55:24 +02:00
mayaeh cf43973ecd Fix that the copy button of verify link did not work. (#8938) 2018-10-09 19:36:13 +02:00
Eugen Rochko d3105031f8 Redesign forms, verify link ownership with rel="me" (#8703)
* Verify link ownership with rel="me"

* Add explanation about verification to UI

* Perform link verifications

* Add click-to-copy widget for verification HTML

* Redesign edit profile page

* Redesign forms

* Improve responsive design of settings pages

* Restore landing page sign-up form

* Fix typo

* Support <link> tags, add spec

* Fix links not being verified on first discovery and passive updates
2018-09-18 16:45:58 +02:00
PatrickRWells f89bd5fca5 Fix CW issues in static view on Safari (Fixes #8354) (#8446)
* Fix CW issues in static view on Safari (8354)

* Fixed formatting issues

* Trailing space
2018-08-26 01:19:13 +02:00
Eugen Rochko 273e8f0474 Add remote interaction dialog for toots (#8202)
* Add remote interaction dialog for toots

* Change AuthorizeFollow into AuthorizeInteraction, support statuses

* Update brakeman.ignore

* Adjust how interaction buttons are display on public pages

* Fix tests
2018-08-18 03:03:12 +02:00
ThibG 80d02cf8f9 Scroll to linked status in public status view (fixes #7884) (#8130)
When there is a single detailed status on a public page, scroll to it and
replace the history state to not scroll back on refresh (simulates # anchors).
2018-08-06 15:16:02 +02:00
Eugen Rochko 13df3889f0 Redesign public profiles and toots (#8068) 2018-07-28 19:25:33 +02:00
Yamagishi Kazutoshi 2275752fca Upgrade webpack to version v4.x (#6655) 2018-07-14 03:56:41 +02:00
Eugen Rochko 23624f709a Improve embeds (#7919)
* Make embeds cacheable by reverse proxy

* Make follow button on embeds open remote follow modal

Instead of web+mastodon://, also, turn the button blue, and add a
sign up prompt to the remote follow modal
2018-07-01 04:12:34 +02:00
Yamagishi Kazutoshi fa7cdbeb67 Combine similar components into one on public UI (#7458) 2018-05-12 15:30:06 +02:00
Yamagishi Kazutoshi d006271514 Show card modal on public pages (#7428) 2018-05-09 16:22:52 +02:00
Akihiko Odaki 47d2277ef1 Show media modal on public pages (#6801) 2018-03-24 12:52:26 +01:00
Nolan Lawson 2b34471d9d Compress and combine emoji data (#5229) 2017-10-06 03:42:34 +02:00
Eugen Rochko fbec33df62 Redesign video player (#4911)
* Redesign video player

* Use new video player on static public pages too

* Use media gallery component on static public pages too

* Pause video when hiding it

* Full-screen sizing on WebKit

* Add aria labels to video player buttons

* Display link card on public status page

* Fix fullscreen from modal sizing issue

* Remove contain: strict property to fix fullscreen from columns
2017-09-14 03:39:10 +02:00
unarist b25c112d31 Reset preview image if avatar/header image selection was cancelled (#4893) 2017-09-11 16:19:54 +02:00
Eugen Rochko 2303725f7d Add script to make embedded iframes autosize (#4853) 2017-09-09 16:23:44 +02:00
Eugen Rochko ad769409f7 Embed modal (#4748)
* Embed modal

* Proxy OEmbed requests from web UI
2017-08-31 03:38:35 +02:00
Eugen Rochko 651c659fd6 Update status embeds (#4742)
- Use statuses controller for embeds instead of stream entries controller
- Prefer /@:username/:id/embed URL for embeds
- Use /@:username as author_url in OEmbed
- Add follow link to embeds which opens web intent in new window
- Use redis cache in development
- Cache entire embed
2017-08-30 10:23:43 +02:00
unarist 4c8594d451 Apply user timezone for the title attribute of .time-ago (#4693) 2017-08-25 17:21:16 +02:00
Yamagishi Kazutoshi 5ed05aa5af Dynamicaly change avatar and header bg from account setting (#4289) 2017-07-21 12:47:16 +02:00
Cygnan 77c64924bc Fix a typo in public.js (double semicolons) (#4269)
Signed-off-by: Cygnan <mail@cygnan.com>
2017-07-19 13:35:22 +02:00
Akihiko Odaki df2a07d354 Require any modules after loading polyfill in entry points (#4231)
app/javascript/mastodon/main.js delayed the execution of modules,
but other entry points didn't. That leads to failure in executing
modules, which requires those polyfills.

Strictly enforce the rule to require any modules after loading
polyfill in entry points.
2017-07-18 00:19:02 +02:00
Akihiko Odaki 53cb659076 Require images in common.js (#4232) 2017-07-17 10:23:28 +02:00
Yamagishi Kazutoshi 5b2a54e305 Do not load unnecessary script files (#4193) 2017-07-14 11:08:56 +02:00
Eugen Rochko 49026e27e8 Redesign the landing page, mount public timeline on it (#4122)
* Redesign the landing page, mount public timeline on it

* Adjust the standalone mounted component to the lacking of router

* Adjust auth layout pages to new design

* Fix tests

* Standalone public timeline polling every 5 seconds

* Remove now obsolete translations

* Add responsive design for new landing page

* Address reviews

* Add floating clouds behind frontpage form

* Use access token from public page when available

* Fix mentions and hashtags links, cursor on status content in standalone mode

* Add footer link to source code

* Fix errors on pages that don't embed the component, use classnames

* Fix tests

* Change anonymous autoPlayGif default to false

* When gif autoplay is disabled, hover to play

* Add option to hide the timeline preview

* Slightly improve alt layout

* Add elephant friend to new frontpage

* Display "back to mastodon" in place of "login" when logged in on frontpage

* Change polling time to 3s
2017-07-11 15:27:59 +02:00