github/reddit
1
1
Fork 0
mirror of https://github.com/reddit-archive/reddit.git synced 2026-04-27 03:00:12 -04:00
Code Issues Packages Projects Releases Wiki Activity
4,130 Commits 1 Branch 0 Tags
dd67f3ae8352ece3f38483f281c68d0a5fd25e0b
Commit Graph

4130 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jason Harvey
dd67f3ae83 Add a should_incr_counts attr to wrapped things. 2014-02-26 16:32:11 -08:00
Neil Williams
d2ccc40733 Automatically delete password hashes of deleted accounts. 
The password hash is no longer necessary once an account is deleted (and
after a period of time for safety in case it needs to be restored)
 2014-02-26 12:45:55 -08:00
Roger Ostrander
89762c93f0 Add TryLater: a system for scheduling events. 2014-02-26 12:45:55 -08:00
Chad Birch
44a8dd6b1d Other discussions: only count public subreddits 2014-02-26 11:44:09 -08:00
Jason Harvey
3b6dcc9f1f Adjust min_compress_len to 96B for srmembercaches. 2014-02-26 11:44:09 -08:00
Neil Williams
814ee55ecf SRMember: Stop writing to the main cache pool. 
All done!
 2014-02-26 11:44:08 -08:00
Chad Birch
09a402edc3 POST_report: add hook 2014-02-26 11:44:08 -08:00
Chad Birch
7b24dacd77 compute_time_listings MINID query: order by date 2014-02-26 11:44:08 -08:00
Jason Harvey
2b83094357 Add styles for "updated" links in footer. 2014-02-26 11:44:08 -08:00
David Ehrmann
11e739e1c6 Add a cache by URL to the media scraper 
Pull media embeds and thumbnails from a cache when cache use was requested
and cached media are available.
 2014-02-25 16:25:51 -08:00
David Ehrmann
34fd7f89ca Make the rescrape API work with the caching media scraper 
This is a temporary workaround until a new scraper_q request message
type is added that forces a rescrape regardless of the current cache
state.
 2014-02-25 16:25:51 -08:00
David Ehrmann
6cfa691fe5 Modify handle_timeout to support **kwargs 2014-02-25 16:25:51 -08:00
David Ehrmann
79d6e08481 Move code for handling unicode issues in embeds into link.py 
media.py should have minimal (if any) knowledge of having to UTF-8
encode dicts before storing them on Things
 2014-02-25 16:25:51 -08:00
David Ehrmann
52127187ac Prevent a TypeError when Content-Type is empty 2014-02-25 16:25:50 -08:00
Neil Williams
fd61e80f5b Ensure comments get queued for processing even if rendering fails. 
This is a hacky fix for comments failing to render causing incorrect
comment counts.
 2014-02-25 15:52:03 -08:00
Andre D
86265bfe48 r.ui.Bubble: Default to anchor-right logic. 2014-02-25 15:39:11 -08:00
Andre D
2379a24f53 Fix /explore bubble having two anchor- classes. 2014-02-25 15:39:02 -08:00
Andre D
33430d7d85 multi: Fix js error on sr name hover. 
Should also fix the bubble not showing up in general.
 2014-02-25 15:38:58 -08:00
Andre D
811db5937e comment.compact: Implement missing show replies contest mode functionality. 2014-02-25 15:38:37 -08:00
Andre D
a83f03cf7f register.compact: Fix unstyled email field. 2014-02-25 15:38:29 -08:00
Andre D
4031911b3d VDestination: Add extension to default destination. 2014-02-25 15:38:25 -08:00
Andre D
2542e693e7 logout.compact: Fix logout redirect. 2014-02-25 15:38:22 -08:00
Keith Mitchell
0ce026b6c1 Remove debug logic from OAuth2ResourceController 2014-02-25 15:38:16 -08:00
Keith Mitchell
084f5736ce Add formal ratelimiting headers 
Three headers can now be included for API requests:

X-Ratelimit-Used: Number of requests used in this period
X-Ratelimit-Remaining: Number of requests left to use
X-Ratelimit-Reset: Approximate number of seconds to end of period

Additionally, 429 responses can be returned for requests that
exceed the ratelimit.

Ratelimits are per-IP normally. OAuth clients will be
limited per user-client combo.
 2014-02-25 15:38:04 -08:00
Chad Birch
c918fdc587 Messages: keep messages to/from private subreddits 2014-02-25 12:55:44 -07:00
Brian Simpson
6a6201723f Relation._fast_query: Return None for relations that are not found. 2014-02-25 00:57:32 -05:00
Ricky Ramirez
62c8f2d34e Add responsible disclosure link to CONTRIBUTING. 2014-02-24 15:14:20 -08:00
Andre D
d2583b941b UserListing: Show date on all lists. 2014-02-24 14:43:01 -08:00
Brian Simpson
74663dbb8f Use an intermediate time recording for "build_morechildren". 2014-02-24 16:33:11 -05:00
Brian Simpson
d0803cdda0 NewController: simplify keep_fn and fix docstring. 
Docstring no longer accurately described method's behavior.
 2014-02-24 16:31:59 -05:00
Brian Simpson
acccbb8dfb load_subreddits: Don't load 'contributor' SRMembers. 
Used for Comment.add_props to see if user can reply to a comment.
That can be looked up if/when it's needed. Also used for
Builder.must_skip to check if the user can view but only if the
Subreddit is private, so also can be looked up when it's needed.
 2014-02-24 16:31:59 -05:00
Brian Simpson
4f9bbc8fb2 _fast_query: Delete unimplemented timestamp_optimize option. 2014-02-24 16:31:59 -05:00
Brian Simpson
0da12af82e Relation._fast_query: Fix data and thing lookups. 
Don't retrieve data or thing_data in sgm miss function because that
is used only to lookup and cache (thing1_id, thing2_id, name): rel_id.
Also switch to using _byID_rel so we can actually honor the thing_data
and eager_load kwargs.
 2014-02-24 16:31:59 -05:00
Brian Simpson
42466db9dd Relation._fast_query: Delete TODO message. 2014-02-24 16:31:59 -05:00
Brian Simpson
0181d4fbc8 load_subreddits: Don't load things on SRMember. 2014-02-24 16:31:59 -05:00
Brian Simpson
0213927a49 load_subreddits: Don't load subscriber SRMember. 2014-02-24 16:31:54 -05:00
Andre D
aa48e9b46c UserListing: Skip deleted users. 2014-02-24 16:31:25 -05:00
Andre D
1c91e67a68 about: Fix /edit and /traffic for logged out users. 2014-02-24 16:31:10 -05:00
Brian Simpson
d74b0baa85 Delete traffic viewers. 2014-02-24 16:30:45 -05:00
Brian Simpson
8df7d74af8 Delete Userlist. 2014-02-24 16:30:45 -05:00
Andre D
9ecb228d53 /about: Paginate banned and contibutors. 2014-02-24 16:30:37 -05:00
Chad Birch
d54e284b74 RSS/XML: actually fix broken default header url 2014-02-21 12:13:57 -08:00
shlurbee
549e26df0d Don't recommend banned subreddits. 2014-02-21 12:13:42 -08:00
Max Goodman
286379e81a install-reddit: Explicitly disallow installing modules from PYPI. 2014-02-20 15:45:21 -08:00
Chad Birch
a25d502d15 Message icons: no orangered on mark-read pages 2014-02-20 16:25:22 -07:00
Chad Birch
1003e73bf1 Password reset: ratelimit by IP 2014-02-20 16:25:18 -07:00
Chad Birch
60c18aec8a RSS/XML: fix broken default header url 2014-02-20 16:25:13 -07:00
Chad Birch
ebae642bf2 Password reset email: update wording 2014-02-20 16:24:55 -07:00
Neil Williams
3393dc07a9 Add MessagesByAccount index. 
Useful for quickly finding all messages ever created by an account.
 2014-02-18 15:04:40 -08:00
Neil Williams
77fe0dfa3c Require credentials for private subreddit media embeds. 
By knowing the ID36 of a link, it is possible to see its media embed
because the embed request is served off-domain and as a result can't
verify the user's cookie.  To fix this, we add an authentication code to
the iframe URL for media embeds and require its presence for all embeds
in private subreddits.

This makes required the credentials which were added in an earlier
patch.

This fixes an information disclosure vulnerability reported by Jordan
Milne (/u/largenocream).
 2014-02-18 15:04:40 -08:00