58ca5b3e24
Harden rows.get against bad input
...
(imported from commit af0283323089f6ed4edb4cb732fe1cc821fb5dd5)
2012-10-26 20:41:08 -04:00
3ebee51ce0
rows.js: Use full module pattern
...
(imported from commit 770741958798317401e918a7b8331cfc2f73bf77)
2012-10-26 20:41:08 -04:00
6bd2087d89
zephyr.js: Combine get_huddle_recipient{,_names}
...
(imported from commit dcb4c32250f4ff3a3cf32d999d6469916b17b06e)
2012-10-26 20:31:52 -04:00
465bbf5614
print-all: Fix incorrect progress output
...
(imported from commit 266b9da0a4aee094c2df6502766ff06c2a967a2d)
2012-10-26 17:52:47 -04:00
b0d669aa03
print-all: Use psnup rather than pdfnup
...
Our printer strongly dislikes the pdfnup output.
(imported from commit 0539def995191143365ed1e62f1fbf6ec572627e)
2012-10-26 17:49:38 -04:00
5413f74a7e
Allow API users to update the pointer and receive pointer updates
...
The get_profile API call now returns a client_id, which an API user
can pass to update_pointer and get_messages (note that clients still
need to pass a pointer argument to get pointer updates). This
client_id is currently the equivalent of the website's session key,
but the website might get client_ids in the future to distinguish
browser windows.
This commit differs from 88f6cf0033c849af88d1b99da3bdc2148dfbb6fe in
that it uses request.POST.get("foo") instead of request.POST["foo"].
For some reason the latter triggers CSRF errors.
(imported from commit b2a4a7322d16dbf241cd6eef146621c79d84cafc)
2012-10-26 17:17:09 -04:00
b36f1702fc
Revert "Allow API users to update the pointer and receive pointer updates"
...
This reverts commit 88f6cf0033c849af88d1b99da3bdc2148dfbb6fe.
It seems to have broken API users.
(imported from commit 2f861ebc016076547092421f87dbcac00a65e2f6)
2012-10-26 16:19:57 -04:00
faa7565a75
Clean up duplicated code in setup.js
...
(imported from commit 86566f194497b618dff0be6ea2bc829204d03366)
2012-10-26 16:08:18 -04:00
3e86da67f9
Set the CSRF token cookie as HttpOnly
...
(imported from commit 0bf4239db085edcfc311efeb61da3ef409cc6206)
2012-10-26 16:08:18 -04:00
80ef222a60
Get the CSRF token from the DOM rather than a cookie
...
This simplifies the code, and lets us set the CSRF cookie as HttpOnly, which
adds a little bit of security.
(imported from commit 9d5923a1acf19bd27e6e1d55cf627049526de245)
2012-10-26 16:08:18 -04:00
a4fd478e3d
Allow API users to update the pointer and receive pointer updates
...
The get_profile API call now returns a client_id, which an API user
can pass to update_pointer and get_messages (note that clients still
need to pass a pointer argument to get pointer updates). This
client_id is currently the equivalent of the website's session key,
but the website might get client_ids in the future to distinguish
browser windows.
(imported from commit 88f6cf0033c849af88d1b99da3bdc2148dfbb6fe)
2012-10-26 16:06:41 -04:00
22e6a8ac1d
Revert "Hide additional search buttons when not in use."
...
This reverts commit 074011dfe7dfa4d3cb331b32fc6cf465f98d095f. For
some reason this introduces some buggy behavior, and if anything I
should debug it more locally first.
(imported from commit 182193e6bb466a5668c2bb64e41712a793fa7ca2)
2012-10-26 15:41:38 -04:00
b0406ee1d2
update_floating_recipient_bar: Don't loop infinitely if no message selected.
...
(imported from commit a75cfd41ed8a8ce5256d1caa29f6c5bc0689e7d2)
2012-10-26 15:10:30 -04:00
fdba3addc8
Update puppet configuration to be slightly more accurate.
...
This still needs a lot of work though.
(imported from commit 4472488c399f7c5b96bcf900b1a5e957625cb450)
2012-10-26 14:58:05 -04:00
9274437eb5
Hide additional search buttons when not in use.
...
(imported from commit 074011dfe7dfa4d3cb331b32fc6cf465f98d095f)
2012-10-26 14:55:42 -04:00
44a6a2b8a4
Have search bar always take on color of main area.
...
(imported from commit 85f6db17ca2fd616e4c7b63a98b80332cbddc1c0)
2012-10-26 14:31:05 -04:00
e365b94a27
Restyle searchbox to look more consistent/bootstrappy.
...
(imported from commit 2d381fb6ea7f27846d583e27dda0fd1a6df77fab)
2012-10-26 14:31:05 -04:00
92593b7cc8
Add basic up/down search functionality, including across narrows.
...
(imported from commit c82acad95e97733b87d65287c685caf7533a774e)
2012-10-26 14:31:05 -04:00
74a75eea0c
Add search bar and buttons above narrowbar.
...
(imported from commit 7def7d5824714a44c65d6a8e6699b2d8cda31418)
2012-10-26 14:29:30 -04:00
14388baf4b
Add jQuery highlight plugin, for use by search.
...
(imported from commit b596d0435db11f0369e2e6903714e2e1346b006b)
2012-10-26 14:29:30 -04:00
8c20bafb98
Add Nagios configuration to puppet.
...
(imported from commit 34c09661e63b31bd177b9704b69a0d8d0d644de7)
2012-10-26 14:15:27 -04:00
7c03f03557
trac-bot: Show summary in tickets.
...
(imported from commit fdf48c0e6cd0c7a94d7ddb1f982d2398381e310a)
2012-10-26 14:15:27 -04:00
53b6fc80c7
register.html: Wrap an extremely long line
...
(imported from commit cc7a2089c156d23c21b91f1cb627e837d4bb236d)
2012-10-26 14:03:23 -04:00
3f9cf64eba
Add a tool to print out the entire codebase (!) as a PDF
...
(imported from commit 51199eb81735137a66a2e441d0392b142ce197d0)
2012-10-26 13:59:34 -04:00
652c524777
Try loading older messages after user is idle
...
(imported from commit bb3c39f9b5a9b7befb353647af75001ec168fc8d)
2012-10-26 13:31:14 -04:00
807303a325
jquery.idle: don't allow the active handler to fire as a result of the user going idle
...
(imported from commit 28793228e50449b096dfe999a8cd17b7fa9e347e)
2012-10-26 13:31:14 -04:00
8173bd720b
privacy.html: Fix markup
...
(imported from commit 20c1fab0e341231acafb13b93a20510ece849189)
2012-10-26 13:19:32 -04:00
6f3b9ef00d
Enable /terms and /privacy on the live site
...
At Jeff's request.
(imported from commit 2cc25252e3183f858fcd63dddcc97573a5ac6082)
2012-10-26 13:00:01 -04:00
ec389c5c83
Non-asynchronous API calls only take two arguments
...
(imported from commit 39f21892e38b0f8c2369d77ffcfb077f1006863e)
2012-10-26 11:53:01 -04:00
6ed1d38743
Show persistent pointer on narrow again
...
(imported from commit c871ec931ffad4bc692a908e687bb21c6cb2e7e9)
2012-10-26 11:44:28 -04:00
9c838c44a1
Scroll to the correct message when narrowing
...
(imported from commit c6f11f3315f1d168b85f80ab524f322b399f5a85)
2012-10-26 11:44:28 -04:00
e3a63937fb
feedbact-bot: send feedback messages sent by non-MIT users too.
...
(imported from commit 00eb1f99af751665d036d25ea31da3dbfdf327a4)
2012-10-26 10:42:54 -04:00
8a66d52228
Expose get_old_messages to API
...
(imported from commit d3b86a049440c54b52d96c27f8925a73496eaffe)
2012-10-26 10:42:11 -04:00
363ee1ec71
Add a 'Feedback' button.
...
(imported from commit 79271015850d6938342bdc0e4a41a76662f0e1fb)
2012-10-26 10:39:50 -04:00
2afa9894ce
Add a draft privacy policy
...
(imported from commit 4095e3bb72a5975b4353bf0eace9da48c0eec200)
2012-10-25 19:11:28 -04:00
ec9e0a4b9f
Have get_updates include an "update_types" array in its response
...
This is similar to the previous "reason_empty" variable, but captures
why we've returned from the call even when there are updates and all
the reasons if there are multiple. For now, it's useful for debugging.
(imported from commit fd8d9e859660e51b57178d066b184f831b71a0b6)
2012-10-25 18:12:11 -04:00
51a39fdb0a
Remove unused variable
...
(imported from commit 5a2a100aa3d9a577cde2517be3d9bacc2147fa7e)
2012-10-25 18:11:23 -04:00
1c904e8607
Only start get_updates call after we've gotten all old messages
...
(imported from commit 8af46008a3abcdacb59e6223f38742a94a87b125)
2012-10-25 18:11:23 -04:00
a9583f6889
Fix get_updates missing messages between calls
...
(imported from commit 2b84df2a35a9a006b8548904ebf145a351a2e92b)
2012-10-25 18:11:23 -04:00
f2c6347471
Return to failing clients immediately the first time.
...
(imported from commit b29df3165030ffd95dfe89b6471aeb74c06b6126)
2012-10-25 17:53:30 -04:00
5b4816eb55
Report failures count in API queries.
...
(imported from commit afb01272db6e0aa1ba10d60d651a97ce924e8cb9)
2012-10-25 17:53:23 -04:00
6dbd689f91
Kill duplicate zephyr mirror processes on startup.
...
(imported from commit 52db0c911e5d60a54eb43c5c075709c02e75da63)
2012-10-25 17:41:08 -04:00
8a314ff46a
Don't let user type stream/subject names that are longer tha max-allowed.
...
(imported from commit 40112e3aab3bf92a2752d45642b147936201e938)
2012-10-25 17:07:44 -04:00
44547e4e36
Properly check stream/subject lengths.
...
(imported from commit 1432266d8db1122f561e9e2f997071a19fb0f190)
2012-10-25 17:07:32 -04:00
98d7116ee8
Delete some dead code in signup workflow.
...
(imported from commit d07fffd4c0efdaaf4a233c1dbc9d09bc5ec03ad3)
2012-10-25 16:59:37 -04:00
0c64c9c2ea
Remove stray quotation mark.
...
(imported from commit 7f880b4465f763412995cd43ec2c8350c84b531d)
2012-10-25 16:50:00 -04:00
c894bab738
Compute a user's realm from the verified email address, not a user-passed field.
...
(imported from commit 5c220a7b9e4b137b5c98b286e409004318565137)
2012-10-25 16:50:00 -04:00
5316fc9863
Rename tos -> terms in urls.py
...
(imported from commit 5cb47202f62b500b2fdaa49b093830df279828b3)
2012-10-25 16:07:18 -04:00
29d94b60b6
Add an "I agree to the terms of use" checkbox inside signup workflow.
...
(imported from commit 6d3320e71e189f4577da464fade9c8f7f5838f78)
2012-10-25 16:05:28 -04:00
0c54fab1e2
Check for too-long stream/subject names.
...
(imported from commit 6d37dff9af7e471e1e6a1ba77a9500bf5bb4ba7d)
2012-10-25 16:04:47 -04:00
Keegan McAllister
Zev Benjamin
Waseem Daher
Tim Abbott
Jessica McKellar
Jeff Arnold