Commit Graph

67 Commits (85d0e1b31d330cb8c215ca06b6a6d0c9848ff99e)

Author SHA1 Message Date
rinsuki 44ff9b2e9b fix: embed.js doesn't expands iframes height (#18301)
also including some refactoring:
- add `// @ts-check`
- use Map to completely avoid prototype pollution
- assign random id to each iframe for reduce chance to brute-force attack, and leak of iframe counts
- check iframe.contentWindow and MessageEvent.source to validate message is coming from correct iframe (it works on latest Chrome/Firefox/Safari but I'm not sure this is allowed by spec)

follow-up of #17420
fix #18299
2022-05-04 03:20:44 +02:00
Gaelan Steele 7a00957cbb Fix light-mode emoji borders. (#18131) 2022-04-29 19:23:03 +02:00
Rohan Sharma e96b704def Fixed prototype pollution bug and only allow trusted origin (#17420) 2022-02-01 17:34:48 +01:00
Eugen Rochko a8e442884c Add assets from Twemoji 13.1.0 (#16345)
* Add assets from Twemoji 13.1.0

* Update emoji-mart
2021-06-01 14:35:49 +02:00
Claire 89ef33df51 Add border to 🚲 emoji (#16035) 2021-04-13 23:43:51 +02:00
Claire 9208810829 Add borders to 📱 and 📲 emojis (#15794) 2021-03-01 21:22:54 +01:00
Marcin Mikołajczak 429d837f80 Add app shortcuts (#15234)
* Add app shortcuts

Signed-off-by: mkljczk <me@mkljczk.pl>

* Fix codeclimate issues

Signed-off-by: mkljczk <me@mkljczk.pl>

* Change shortcuts

Signed-off-by: mkljczk <me@mkljczk.pl>

* More consistent new-status icon

Signed-off-by: mkljczk <me@mkljczk.pl>
2020-12-15 02:04:56 +01:00
ThibG 6c612562f0 Add border around 🕺 emoji (#14769)
Fixes #14768
2020-09-10 19:08:03 +02:00
ThibG a3c9062153 Add border around 🐞 emoji (#14712) 2020-08-31 23:30:27 +02:00
leo60228 230a3b36b6 Add emojis:generate_borders Rake task (#13773)
* Add emojis:generate_borders Rake task

* Address review

* Border all dark emoji

* Combine stroke with filter to reduce artifacting

* Cleanup Camera with Flash

* Add stroke-linejoin="round"

The previous filter and tweaks were effectively a poor imitation of it.
There are no artifacts for any dark emoji now!

* Set stroke-width using property

This fixes old versions of Firefox.

* Store emoji in string instead of array

* Use separate arguments for each path segment

* Remove "background: black;"
2020-06-09 00:12:20 +02:00
ThibG b20d0db1eb Remove 'unsafe-inline' from Content-Security-Policy style-src (#13679)
* Make sure wicg-inert doesn't rely on inline CSS

* Remove unsafe-inline from style-src
2020-05-08 21:22:57 +02:00
D Anzorge 945c8e207e Update Twemoji to 12.1.5 (#13021)
* Update Twemoji to 12.1.5

SVGs from Twemoji repo https://github.com/twitter/twemoji

* Update emoji_map.json to Unicode 12
2020-04-19 23:38:31 +02:00
koyu 8349105f03 Updated Twemoji to 12.1.3 (#12342) 2019-11-11 00:04:24 +02:00
Eugen Rochko 41b188dce6 Add OCR tool to media editing modal (#11566) 2019-08-15 15:13:26 +02:00
ThibG 11ca5888f0 Disallow robots from indexing /interact/ (#10666)
This does not provide any new information and may just triple the number
of crawled pages
2019-05-02 00:10:19 +02:00
Eugen Rochko 66758328ba Change error graphic to hover-to-play (#10055)
Fix #6060
2019-02-15 23:33:25 +01:00
nightpool b5e767c04b Change robots.txt to exclude only media proxy URLs (#10038)
* Revert "Change robots.txt to exclude some URLs (#10037)"

This reverts commit 0e8ebc2371.

* Let's block media_proxy

/media_proxy/ is a dynamic route used for requesting uncached media, so it's
probably bad to let crawlers use it

* misleading comment
2019-02-14 03:11:47 +01:00
Eugen Rochko 0e8ebc2371 Change robots.txt to exclude some URLs (#10037)
- Exclude static assets
- Exclude uploaded files
- Exclude alternate versions of the profile page
- Exclude media proxy URLs
2019-02-13 21:28:18 +01:00
Dryusdan 250eb6a6c9 update twemojie to v2 (#7911) 2018-07-06 01:58:07 +02:00
Maciek Baron e5134142bc Crush PNGs to reduce overall size (#7954) 2018-07-05 15:20:16 +02:00
Renato "Lond" Cerqueira 2e4a1d3109 Rename emoji sheet to avoid caching issue (#7777) 2018-06-10 16:12:47 +02:00
Renato "Lond" Cerqueira ae0b751a30 Update to emojimart 2.6.1 (#7746)
* Update to emojimart 2.6.1
WIP using local updated version. Sheet comes from emoji-data@4.0.4,
file sheet_twitter_32_indexed_256.png.

* Update to 2.6.1 and uncompress data if needed

* Remove changes that were not needed

* Fix yarn lock file

* Match emojiToShowFilter behavior to new version of emoji-mart

* Fix codeclimate issue

* Match custom emoji behavior to new version of emoji-mart

* Replace emoji without shortcode in tests

* Fix code climate issues
2018-06-07 19:40:23 +02:00
Una dca7183dfb Optimize public/headers/missing.png (#7084) 2018-04-09 11:34:48 +02:00
Konrad Pozniak 7d455651d3 add new avatar placeholder missing.png (#6728) 2018-03-11 14:55:38 +01:00
David Yip 4d1b81e0db Add artist, title, and date metadata to boop.{mp3,ogg} (#5531)
For boop.mp3, this commit adds both ID3v1 and ID3v2 tags.  For boop.ogg,
we use Vorbis metadata.

In the case of boop.mp3, this also adds a cover image. Interestingly, it
didn't seem to affect the size of boop.mp3 much, despite being ~8k.
boop.ogg seemed to be much more affected and so no cover image was added
to that version.
2017-10-28 00:05:04 +09:00
Eugen Rochko d931706bcd Change Android icon padding again to half of previous (#5339) 2017-10-12 00:58:14 +02:00
Eugen Rochko cb78a30a77 Add padding to Android icon, change Apple and MS icons (#5321) 2017-10-11 19:11:15 +02:00
Eugen Rochko 0cbee44d94 Fix wrong dimensions on Android icon (#5296) 2017-10-10 12:41:30 +02:00
Eugen Rochko 658635d113 Material app icon for Chrome (#5291) 2017-10-09 21:27:16 +02:00
Eugen Rochko 522fa878c3 Fix #5274 - Create symlink from public/500.html to public/assets/500.html (#5288) 2017-10-09 20:51:24 +02:00
Eugen Rochko 1767f9817c New error page graphic. Other error page improvements (#5099)
- 500.html generated with admin-set default locale if set
- Error page `<title>` includes Mastodon site title
- 500 title changed to "This page is not
  correct" (ref: <https://www.youtube.com/watch?v=2VCAP_seh1A>)
- 500 content appended with "on our end" to make clear it's
  not user's fault
2017-09-25 23:05:54 +02:00
Eugen Rochko 6b0ea1e79c Generate 500.html with assets:precompile, remove loading from Google Fonts (#5067) 2017-09-25 04:04:04 +02:00
Eugen Rochko 16a5d1450c Switch from EmojiOne to Twemoji, different emoji picker (#5046)
* Switch from EmojiOne to Twemoji, different emoji picker

* Make emoji-mart use a local spritesheet

* Fix emojify test

* yarn manage:translations
2017-09-23 01:41:00 +02:00
Eugen Rochko 2303725f7d Add script to make embedded iframes autosize (#4853) 2017-09-09 16:23:44 +02:00
Eugen Rochko 2e32794a12 Use consistent icons for web push notifications, same as web UI (#4426) 2017-07-28 18:13:42 +02:00
Satoshi KOJIMA c6344547a3 fix #4356 : place sw.js to assets/sw.js (#4357) 2017-07-28 01:55:52 +02:00
Eugen Rochko e874a4562e Use the "m" version of the logo for favicons (#4345) 2017-07-24 19:54:59 +02:00
Eugen Rochko 78c7c9fb0f New logo (#4306)
* Add new logo

* Remove unused images
2017-07-23 02:40:39 +02:00
Sorin Davidoi ecab38fd66 Web Push Notifications (#3243)
* feat: Register push subscription

* feat: Notify when mentioned

* feat: Boost, favourite, reply, follow, follow request

* feat: Notification interaction

* feat: Handle change of public key

* feat: Unsubscribe if things go wrong

* feat: Do not send normal notifications if push is enabled

* feat: Focus client if open

* refactor: Move push logic to WebPushSubscription

* feat: Better title and body

* feat: Localize messages

* chore: Fix lint errors

* feat: Settings

* refactor: Lazy load

* fix: Check if push settings exist

* feat: Device-based preferences

* refactor: Simplify logic

* refactor: Pull request feedback

* refactor: Pull request feedback

* refactor: Create /api/web/push_subscriptions endpoint

* feat: Spec PushSubscriptionController

* refactor: WebPushSubscription => Web::PushSubscription

* feat: Spec Web::PushSubscription

* feat: Display first media attachment

* feat: Support direction

* fix: Stuff broken while rebasing

* refactor: Integration with session activations

* refactor: Cleanup

* refactor: Simplify implementation

* feat: Set VAPID keys via environment

* chore: Comments

* fix: Crash when no alerts

* fix: Set VAPID keys in testing environment

* fix: Follow link

* feat: Notification actions

* fix: Delete previous subscription

* chore: Temporary logs

* refactor: Move migration to a later date

* fix: Fetch the correct session activation and misc bugs

* refactor: Move migration to a later date

* fix: Remove follow request (no notifications)

* feat: Send administrator contact to push service

* feat: Set time-to-live

* fix: Do not show sensitive images

* fix: Reducer crash in error handling

* feat: Add badge

* chore: Fix lint error

* fix: Checkbox label overlap

* fix: Check for payload support

* fix: Rename action "type" (crash in latest Chrome)

* feat: Action to expand notification

* fix: Lint errors

* fix: Unescape notification body

* fix: Do not allow boosting if the status is hidden

* feat: Add VAPID keys to the production sample environment

* fix: Strip HTML tags from status

* refactor: Better error messages

* refactor: Handle browser not implementing the VAPID protocol (Samsung Internet)

* fix: Error when target_status is nil

* fix: Handle lack of image

* fix: Delete reference to invalid subscriptions

* feat: Better error handling

* fix: Unescape HTML characters after tags are striped

* refactor: Simpify code

* fix: Modify to work with #4091

* Sort strings alphabetically

* i18n: Updated Polish translation

it annoys me that it's not fully localized :P

* refactor: Use current_session in PushSubscriptionController

* fix: Rebase mistake

* fix: Set cacheName to mastodon

* refactor: Pull request feedback

* refactor: Remove logging statements

* chore(yarn): Fix conflicts with master

* chore(yarn): Copy latest from master

* chore(yarn): Readd offline-plugin

* refactor: Use save! and update!

* refactor: Send notifications async

* fix: Allow retry when push fails

* fix: Save track for failed pushes

* fix: Minify sw.js

* fix: Remove account_id from fabricator
2017-07-13 22:15:32 +02:00
Eugen Rochko 143ab47410 Fix #3063 - Add dynamic app manifest (#3563)
* Fix #3063 - Add dynamic app manifest

* Added short_name

* Add background_color
2017-06-06 19:29:42 +02:00
Yamagishi Kazutoshi 67aa79964e Add boop sounds in Vorbis format (#2963)
Vorbis is audio format of Open Source.
Can play audio in a free environment where you can not play mp3.
2017-05-10 16:58:54 +02:00
Lindsey Bieda d440601851 Red favicon for dev (#2470)
* Set a dev specific favicon

* Consistent spacing

* Add trailing slash for consistency

* Update to remove interpolation
2017-04-26 15:45:27 +02:00
Dale Price dd68c1cc16 Add mask-icon.svg (#1572) (#1585)
* Add mask-icon (#1572)

* use updated svg logo for mask-icon
2017-04-17 10:39:54 +02:00
Eugen Rochko cdbfbbc691 Improve emojis - use SVGs where possible 2017-03-29 22:27:24 +02:00
Eugen Rochko 2c29cc400e Improve error page layouting. 500 page has to stay static because it's
used from nginx when Rails fails.
2017-01-21 22:30:47 +01:00
Eugen Rochko 280348f1e0 Merge branch 'fix/error-pages' of https://github.com/ineffyble/mastodon into ineffyble-fix/error-pages 2017-01-21 22:20:01 +01:00
Effy Elden 4dd4664b10 Change missing.png header to 1x1 transparent PNG 2017-01-22 06:42:42 +11:00
Effy Elden d6d5a05e02 Add a default missing.png header image - fixes #492 2017-01-22 05:19:31 +11:00
Eugen Rochko 7865ce28e5 Add sounds for notifications. Boop by @jk@mastodon.social 2017-01-17 20:09:03 +01:00
Effy Elden 80f186cdf0 Add nice error page for CSRF errors/cookie issue, and fix error page handling altogether 2017-01-15 10:30:23 +11:00