Commit Graph

3831 Commits

Author SHA1 Message Date
Neil Williams
ac25e39dda pagecache: Degrade gracefully if pagecache.get() fails. 2013-11-25 17:35:49 -08:00
Chad Birch
311d876896 Comment: handle deleted account for link_author 2013-11-25 15:50:26 -08:00
Chad Birch
f9336c9f42 JSON: add link_author to out-of-context comments 2013-11-25 15:50:26 -08:00
Chad Birch
e1bb2f702d Daily gold goal: store in cassandra 2013-11-25 15:50:26 -08:00
Logan Hanks
2afadc9771 Use correct cache for modmail permalinks. 2013-11-22 15:48:49 -08:00
Brian Simpson
f79949ae60 Don't link subreddit creator if they're not a moderator. 2013-11-21 19:19:31 -05:00
Brian Simpson
bad6963ae0 ipn: clean up aborts. 2013-11-21 15:09:30 -05:00
Brian Simpson
65c8ad2787 all_gold_users: retrieve spam users. 2013-11-21 15:09:30 -05:00
Brian Simpson
ae8359c4bd accountid_from_paypalsubscription: find spam users. 2013-11-21 15:09:30 -05:00
Brian Simpson
ac8f971c15 Fix typo in promo email. 2013-11-21 15:09:26 -05:00
Brian Simpson
138ae0e3af StripeController: pass the form to cancel_subscription. 2013-11-21 15:09:16 -05:00
Brian Simpson
3b947ccbff StripeController: create customer then set subscription.
`create_customer` does address verification and we choose not
to make any charges if the verifications fail. We need to wait
until after that verification before creating a subscription.
2013-11-21 15:09:16 -05:00
Brian Simpson
9eaa928b7f StripeController: give 404 response to charge notice with no buyer. 2013-11-21 15:09:11 -05:00
Max Goodman
4fe8c5d427 Allow media embed content to be framed, as intended. 2013-11-21 23:55:20 -08:00
Max Goodman
bf5350fbe8 Use HTTPS for password reset emails. 2013-11-21 16:04:11 -08:00
Max Goodman
1ed4ac3848 toolbar: Fix frame sizing with comments pane open.
Since iframes are "replaced elements" they don't auto fill space when a
left and right absolute position is specified. The hacky solution is to
add a container <div> which we can size appropriately and then fill with
the <iframe>.
2013-11-21 16:04:11 -08:00
Max Goodman
f0bd94c528 toolbar: Add 'allow-same-origin' to fix AJAX within frames. 2013-11-21 16:04:11 -08:00
Max Goodman
b2a4888496 toolbar: Match reddit subdomains due to framing restrictions. 2013-11-21 16:04:11 -08:00
Max Goodman
e76936aae3 Blanket X-Frame-Options: SAMEORIGIN policy.
Thanks to /u/saurabh_nemade for bringing a content extraction redressing
technique to our attention.
2013-11-21 16:02:55 -08:00
Max Goodman
bb8f4b1b57 password reset: Validate token before affecting user session.
Thanks to /u/largenocream for reporting this.
2013-11-21 16:02:52 -08:00
Max Goodman
00df060e47 multis: Add missing VModhash to PUT_multi_description.
Thanks to /u/largenocream for reporting this.
2013-11-21 16:02:42 -08:00
Max Goodman
2e9383e582 Remove dead client side cnameframe parameter.
Thanks to /u/largenocream for reporting this.
2013-11-21 16:02:33 -08:00
Max Goodman
54548ee34c js.py: Handle languages for which translations do not exist.
This helps when testing language subdomains that aren't translated
locally.
2013-11-21 16:01:51 -08:00
Max Goodman
dfe8359246 Prevent policy page date from wrapping mid-line. 2013-11-21 16:01:51 -08:00
Andre D
3b0bf9d755 Fix vulnerabilities in setting friend and ban notes.
Thanks to /u/largenocream for reporting this.
2013-11-20 10:33:48 -08:00
Neil Williams
9f5a48f97f Don't allow non-admins to even generate admin cookies.
They weren't usable due to the checks in reddit_base, but it's safer to
not even generate 'em.

Thanks to /u/largenocream for reporting this.
2013-11-20 10:33:43 -08:00
Max Goodman
7547315410 Count CORS request origin stats. 2013-11-19 16:51:04 -08:00
Max Goodman
15dceb4f62 Allow CORS requests for unauthenticated JSON resources. 2013-11-19 16:51:04 -08:00
Max Goodman
cb24083a32 js.py: Remove LocalizedModule dependency on strings.py.
Since strings now get sourced from gettext-style markings rather than
strings.py, this is no longer needed.
2013-11-19 16:51:04 -08:00
Max Goodman
75719fdde4 Remove old dragonage static files. 2013-11-19 16:51:04 -08:00
Max Goodman
9e6deebb6f Add temporary Secret Santa sidebar link. 2013-11-19 16:51:04 -08:00
Max Goodman
ba55a6e68f Parameterize SideBox link target attribute. 2013-11-19 16:51:04 -08:00
Brian Simpson
b557e1297e StripeController: add handling for charge dispute events. 2013-11-19 09:55:48 -05:00
Brian Simpson
954b8b1147 GoldSubscription: use correct check for paypal subscription. 2013-11-19 09:55:48 -05:00
Brian Simpson
0a623d87c4 StripeController: don't raise exception for recent charges. 2013-11-19 09:55:42 -05:00
Brian Simpson
5943242ad7 analytics: run on comments pages for promote links. 2013-11-19 09:54:44 -05:00
Brian Simpson
794f4175b4 PromoteReport: PromoCampaign end_date is not inclusive. 2013-11-19 09:54:44 -05:00
Brian Simpson
4f63023747 get_total_run: Fix handling for house campaigns. 2013-11-19 09:54:44 -05:00
Brian Simpson
ccf4c9c2c4 Gold: redirect to subscription page if user tries to resubscribe. 2013-11-19 09:54:44 -05:00
Brian Simpson
b9d932d233 Don't allow multiple gold subscriptions. 2013-11-19 09:54:44 -05:00
Brian Simpson
64bffb2903 StripeController: don't cancel subscription if the charge was attempted. 2013-11-19 09:54:44 -05:00
Brian Simpson
dcecc09aa6 ProfileBar: attribute is 'paypal_subscr_id'. 2013-11-19 09:54:44 -05:00
Brian Simpson
42bf5b2ced StripeController: handle charge.failed with insufficient information. 2013-11-19 09:54:44 -05:00
Brian Simpson
0d0ac728eb StripeController: handle exception when customer isn't found. 2013-11-19 09:54:44 -05:00
Brian Simpson
210dd1b3fe Store stripe customer id in Account.gold_subscr_id.
We need to do lookups of Account by stripe customer id and
gold_subscr_id has an index. Previously was using a new attribute
stripe_customer_id which didn't have an index and lookups were too
slow.
2013-11-19 09:54:44 -05:00
Brian Simpson
1784c60562 GoldPaymentController: secret code must be unique.
create_claimed_gold attempts to create a row in the gold table and
will fail if secret is not unique.
2013-11-19 09:54:44 -05:00
Brian Simpson
d6e2425284 StripeController: fix typo in cancel_subscription. 2013-11-19 09:54:44 -05:00
Brian Simpson
b824f80810 StripeController: handle case where description is None. 2013-11-19 09:54:33 -05:00
Neil Williams
5dc0e7e367 Factor activity fuzzing out of Subreddit.get_accounts_active.
This allows liveupdate to reuse the same code.
2013-11-19 14:33:28 -08:00
Neil Williams
0e7758db89 Remove unused util interleave_lists. 2013-11-19 14:33:19 -08:00