Previously the receiving user's name was just black text. The recent
change to link the name to the profile page made regular users and
mods look too similar, causing confusion.
Some advertisers set their ad's url to an intermediate tracker so
they can independently track clicks. This results in a series of
redirects like this:
reddit tracker > intermediate tracker > final destination
The ad's url is communicated to the reddit tracker through a query
parameter which is urlencoded on reddit.com and then unquoted when
being handled by the reddit tracker. This unquoting causes problems
if there is an intermediate tracker with its own query string
that needs to be urlencoded. This commit adds handling for those query
strings.
Grant URI: https://oauth.reddit.com/grants/installed_client
This minor extension grant allows non-confidential
OAuth2 clients to request user-less OAuth2 tokens.
Consumers should provide a unique ID, and re-use that ID
for subsequent token requests from the same device. ID
generation is left up to the client.
This is separate from client_credentials so that the
client_credentials grant can conform to the official spec.
Installed apps are considered "public" as part of the
OAuth2 spec (unable to keep a secret). Don't
show a secret for such apps on the /prefs/apps page,
and don't check the secret as part of client identification
for such apps.
This implements the client_credentials grant type.
This allows 3rd parties to use the OAuth domain for
logged out (user-less) API access in addition to existing use for
logged in access.
The intent of this patch is to refactor the existing vote-casting code
into a state that's ready for pgvotes to be dropped and replaced with
reads from VoteDetailsByThing. Ideally, no behaviour is changed by this
patch (hence "refactor") and then the later data model change will be
lower risk as a result of less code shuffling.
Once this patch is applied, the `Vote` class/rel is considered an
implementation detail of the vote module and hidden from public view.
In reddit/reddit@76858eb, I expanded the places we could use the report form.
Unfortunately, it got caught by a CSS rule on the reddit gold payment page that
made it visible, despite not being at all useful on that page. :)
Now that CSS rule is slightly more scoped. The only other `<form>` that's
inside `.gold-payment` but **not** `.gold-wrap` is the share dialog, which has
an inline style hiding it.
To avoid debate over "login" the noun and "log in" the verb, we're making a
move towards using "sign in" instead. The first part of this was done in the
login rework in reddit/reddit@c4f5b6c2.
This commit continues to make our verbage consistent on "sign in" and "create
an account", avoiding use of "log in" and "register". Specifically, these
should all be consistent:
* Upper-right modal-popping text
* Headers on modal and /login
* Buttons on modal and /login
* Page title on /login
I didn't change the text in the old login flow, because that feature flag seems
like it's going to be pruned soon.
