github/reddit
1
1
Fork 0
mirror of https://github.com/reddit-archive/reddit.git synced 2026-01-23 22:08:11 -05:00
Code Issues Packages Projects Releases Wiki Activity
3,960 Commits 1 Branch 0 Tags
7cee17a418e0449ece0c19ff4f3a86c2424320cd
Commit Graph

3960 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Neil Williams
7cee17a418 install-reddit: Only bind the stunnel-internal port on localhost. 
This prevents connections directly on that port from outside.
 2014-01-23 16:13:06 -08:00
Neil Williams
5ead01ca50 install-reddit: Move netcat to proper group of packages. 2014-01-23 16:13:06 -08:00
Roger Ostrander
0fda7910d3 Hooks: Enable public access to the hooks dictionary 2014-01-22 13:09:45 -08:00
Brian Simpson
184079068c GET_submit: sanitize_url before checking for url existence. 2014-01-22 03:48:07 -05:00
Keith Mitchell
770ea6b69f Clean up /prefs/apps view of OAuth2Scopes 
Re-styles the /prefs/apps view of app permissions
so that the new, longer lists of scopes won't overflow.
 2014-01-22 10:17:29 -08:00
Keith Mitchell
0ace7030c6 Be more explicity with merged OAuth2Scopes 
In order to present a precise picture of an OAuth2Client's
overall permissions, a dictionary of OAuth2Scopes with
the exact, per-subreddit scopes is passed.
 2014-01-22 10:17:21 -08:00
Keith Mitchell
61df59cf2c Show only one entry per app on /prefs/apps 
This changes /prefs/apps to show one entry per OAuth2Client,
with a combined scope showing the cumulative scope of all
tokens granted to the app.

Previously, /prefs/apps had one entry per access or refresh
token. This was generally redundant, as the revoke action
would revoke all tokens for the given app.
 2014-01-22 10:17:13 -08:00
Andre D
a7878232f5 POST_block: Do not check inbox if user is a mod of the subreddit. 2014-01-22 10:17:05 -08:00
Chad Birch
13cde008d8 Sidebar mod list: don't count deleted users 2014-01-21 14:47:42 -07:00
Andre D
d26d9b3ca7 flair: Cleanup form submission. 2014-01-21 14:47:35 -07:00
Brian Simpson
8b982b8644 GET_submit: sanitize_url before building listing. 2014-01-21 14:47:29 -07:00
Brian Simpson
5c294c3a4d inventory: Fix logic for determining location overlap. 2014-01-16 07:43:17 -05:00
Brian Simpson
6072f9f515 Disable 'region' input when not applicable. 
Was sending a null value which wasn't being handled correctly
by the VLocation validator.
 2014-01-16 07:43:12 -05:00
Neil Williams
dd78c62417 Use is_moderator_somewhere for moderatorship checks. 
This should be a much lighter weight check than checking
reverse_moderator_ids on every request.
 2014-01-16 14:00:04 -08:00
Neil Williams
cfc462b5f6 Pass return values on from {add,remove}_moderator. 
This was causing modship PMs not to be sent.
 2014-01-16 14:00:04 -08:00
Brian Simpson
8ad42f9d5f sponsored: Show campaign editor before filling it. 2014-01-15 17:29:45 -05:00
Brian Simpson
be9b628194 Geotargeting is for sponsors only. 2014-01-15 17:29:45 -05:00
Brian Simpson
eb75b6075a get_campaigns_by_date: return dict with all srnames and dates. 2014-01-15 17:29:45 -05:00
Brian Simpson
93f29d98f2 Add geotargeting for selfserve advertising. 2014-01-15 17:29:45 -05:00
Brian Simpson
90cafd9933 Add inventory functions for geotargeting. 2014-01-15 17:29:44 -05:00
Brian Simpson
5ab7e0232a Add LocationPromoMetrics. 2014-01-15 17:29:44 -05:00
Brian Simpson
f7be48bcf2 Add locations to app_globals object. 2014-01-15 17:29:44 -05:00
Brian Simpson
138a4c95c6 Add VLocation validator. 2014-01-15 17:29:44 -05:00
Brian Simpson
7f2e9b34d6 Add Location attribute to PromoCampaign. 2014-01-15 17:29:44 -05:00
Brian Simpson
2f4e5a2125 promotelinkform: remove cpm form input. 2014-01-15 17:29:44 -05:00
Brian Simpson
932baf6ea0 sponsored.js: Fix handling for 0 inventory values. 2014-01-15 17:29:37 -05:00
Brian Simpson
394eff4059 toolbar: Use wrap_links correctly. 2014-01-13 14:50:15 -05:00
Kristofer Rye
1090350a8d lib/strings.py: Fix a spelling error 
The past tense of the verb "verify" is "verified," not "verfied."
 2014-01-14 16:00:47 -08:00
Max Goodman
dd41521b6a Add X-XSS-Protection and X-Content-Type-Options headers. 
As suggested by reporter Shahmeer Amir.
 2014-01-14 16:00:47 -08:00
Max Goodman
4bf612f7c1 Don't log users out in the verify email flow. 
Fixes logout CSRF reported by Mathias Karlsson.
 2014-01-14 16:00:47 -08:00
Max Goodman
ecec1e5051 Don't log in / log out in the password reset flow. 
This prevents using valid password reset tokens to force a logout CSRF,
as reported by Mathias Karlsson.
 2014-01-14 16:00:47 -08:00
Max Goodman
c1ef147ad2 Add username display to the reset password form. 2014-01-14 16:00:47 -08:00
Brian Simpson
ee5659e050 Fix path for ModMinus. 2014-01-12 21:59:57 -05:00
Brian Simpson
ed6eecea00 Improve handling of changes to finished promoted links. 2014-01-12 21:59:36 -05:00
Brian Simpson
6374ac87c4 Suppress numbering on promoted links. 2014-01-12 21:57:54 -05:00
Brian Simpson
13198477e6 Show sponsored headlines on all link listings. 2014-01-12 21:57:54 -05:00
Brian Simpson
e13ddac2ba Delete FixListing. 
Not needed since cached queries are always used.
 2014-01-12 21:57:49 -05:00
Brian Simpson
50d35de04b Make hot score continuous. 2014-01-12 21:57:42 -05:00
Brian Simpson
d8e4156825 CachedResults: never skip inserting an item if it's already stored. 2014-01-12 21:57:31 -05:00
Neil Williams
5e249f4773 Make all moderators have a modmsgtime attribute. 
This attribute can serve as a handy indicator that a user is a moderator
somewhere and can therefore replace the more costly modship lookup in
reddit_base.
 2014-01-12 10:08:07 -05:00
Brian Simpson
91a83a6368 Ignore case when building list of subreddits with saved things. 2014-01-12 10:07:59 -05:00
Brian Simpson
1d0a9f3950 Only demangle_url if there is a url. 2014-01-12 10:07:53 -05:00
Brian Simpson
c13923cd2f Delete link_from_url and filter_links. 2014-01-12 10:07:38 -05:00
Brian Simpson
20419241df VUrl: Don't check for already submitted url. 2014-01-12 10:07:38 -05:00
Brian Simpson
299366c473 hot_links_by_url_listing: Return a listing of links for a given url. 2014-01-12 10:07:38 -05:00
Brian Simpson
0e8410c0c0 Link._by_url: always return a list. 2014-01-12 10:07:38 -05:00
Brian Simpson
7a2d237653 AllMinus/ModMinus: Handle case where base_sr doesn't exist. 2014-01-12 10:07:38 -05:00
Brian Simpson
fb19fc689d Allow subtracting subreddits from /r/mod. 2014-01-12 10:07:38 -05:00
Brian Simpson
3dfe258407 is_charged_transaction: refunded is still charged. 2014-01-12 10:07:29 -05:00
Jason Harvey
7cadf9fc7a Update link LastModified if link or thread comment is removed. 2014-01-08 16:40:38 -08:00