Commit Graph

134 Commits

Author SHA1 Message Date
Steve Howell d7f9a21519 api docs: Move json-api-example css to portico.scss.
We didn't need to patch the third-party bootstrap code for this.
2019-02-08 07:42:32 -08:00
Rohitt Vashishtha 19672241e6 markdown: Disable definition/reference links in marked.
We had disabled reference style links in bugdown, however,
we hadn't disabled them in marked. This commit rectifies
that and adds test cases for the same.

Fixes #11350.
2019-02-04 11:16:37 -08:00
Adarsh Patel 9b740df277 api_docs: Specify max width for long code examples.
Fixes #10673.
2019-01-28 22:39:54 -03:30
Puneeth Chaganti 9c377a05f3 paste: More robust check to verify if clipboard data is an image.
The commit f863a9b567 had modified
jquery.filedrop's paste method to exit early if any of the items in the
clipboardData is of the string kind. The early exit was added to prevent pasting
an image thumbnail for text copied from software like MS Word, instead of
pasting the actual copied text content. When copying an image in a (modern?)
Browser, though, the clipboard seems to contain a html `img` tag item, along
with the actual image file. This resulted in pastes being broken.

This commit modifies the condition checked for the early exit. We now actually
look at the html content in the clipboard to see if it is an `img` tag, in which
case we upload the image, instead of exiting early.

Closes #7130.
2019-01-25 11:40:33 -08:00
Rohitt Vashishtha 96aa1d4b37 markdown: Reduce mentions inside blockquotes to silent-mentions.
On the backend, we extend the BlockQuoteProcessor's clean function that
just removes '>' from the start of each line to convert each mention to
have the silent mention syntax, before UserMentionPattern is invoked.

The frontend, however, has an edge case where if you are mentioned in
some message and you quote it while having mentioned yourself above
the quoted message, you wouldn't see the red highlight till we get the
final rendered message from the backend.

This is such a subtle glitch that it's likely not worth worrying about.

Fixes #8025.
2019-01-16 16:08:37 -08:00
Rohitt Vashishtha f993fdd480 markdown: Add _@**Name** syntax for silent mentions.
These mentions look like regular mentions except they do not
trigger any notification for the person mentioned. These are
primarily to be used when you make a bot take an action and
the bot mentions you, or when you quote a message that mentions
you.

Fixes #11221.
2019-01-16 16:01:06 -08:00
Tim Abbott cb9b526f0c third: Extract bootstrap typeahead to its own module.
Bootstrap's typeahead is the main part of the project that we've
forked, and moving it to its own module should help unlock our ability
to upgrade bootstrap itself.
2018-12-17 09:06:52 -08:00
Tim Abbott 3079cf803c Revert "typeahead: Tab opens typeahead if not open with a non-empty input."
This reverts commit 0e2c509a24.
2018-12-04 13:58:00 -08:00
Tim Abbott 9ea4f50c1b Revert "search: Open typeahead on empty string only if lookup triggered by Tab."
This reverts commit b961093c14.
2018-12-04 13:58:00 -08:00
Shubham Padia b961093c14 search: Open typeahead on empty string only if lookup triggered by Tab.
Fixes part of #10026.
Adds additional option to typeahead:
`tabOpensEmptyTypeahead`(default: false):
tabOpensEmptyTypeahead overrides helpOnEmptyStrings.
This commit sets helpOnEmptyStrings to false and
tabOpensEmptyTypeahead to true. Now typeahead will
open on an empty string only if Tab has been pressed.
2018-12-03 16:54:38 -08:00
Shubham Padia 0e2c509a24 typeahead: Tab opens typeahead if not open with a non-empty input.
Fixes part of #10026.
NOTE: The Tab key will select option from typeahead if the typeahead
is already open i.e the same behaviour as Enter.
NOTE: This behaviour applies irrespective of search pills are enabled
or not.
2018-12-03 16:54:38 -08:00
Aditya Bansal 75ae94e459 font-awesome: Drop support for legacy font awesome icons.
We drop support for usage of `icon-vector` as base class when
including icons from font awesome icons package.
Now on, only icons as specified in font awesome v4.7.0 can be used
in the code base.
2018-10-15 20:14:55 +05:30
Rohitt Vashishtha 38c7969555 marked: Warn against placing capture blocks below 'text' block. 2018-08-09 17:20:18 -07:00
Shubham Padia 28589c5563 search pills: Backspace should remove a search pill with typeahead open.
Fixes part of #10026.

Typeaheads stopped propogation of keydown and keyup events for any
key except tab and enter. If stopAdvance was true even tab and enter
were not allowed.

advanceKeyCodes option was added to typeahead which allowed to specify
key codes for which propogation of keydown and keyup events should not
stop. advanceKeyCodes does not respect the stopAdvance option.
As the backspace key code is added to advanceKeyCodes in search.js,
the backspace key deletes pill on pressing backspace if input is empty
or only consists of spaces.
2018-07-30 14:33:06 -07:00
Yashashvi Dave 07b63e4886 jquery-form: Remove jquery-form plugin dependency.
Fixes #9430.
2018-05-29 15:44:40 -07:00
Tim Abbott 0dcf873370 third: Rename thirdparty-fonts.css for better clarity.
Now it's clear that this is just legacy fontawesome styles.
2018-05-17 04:58:30 -07:00
Aman Ghebreweldi b05a702285 third: Use font awesome css file from NPM package. 2018-05-17 04:58:30 -07:00
Aman Ghebreweldi e5ec1e83e8 third: Use fontawesome NPM package.
This removes the need for us to have checked in a copy of fontawesome.
2018-05-17 04:58:30 -07:00
Aman Ghebreweldi a781b89ec2 third: Use Underscore throttle function instead of jQuery.
Since we already have _.js and it has this feature, there's no need
for a separate library.
2018-05-16 11:56:49 -07:00
Aman Ghebreweldi b496afc8b9 third: Remove font Source Sans Pro from static/third.
We can just get it from NPM instead.
2018-05-15 16:22:44 -07:00
Aman Ghebreweldi 83ee8211a8 third: Get sorttable package from npm.
We didn't have any local changes, so there's no need to have it
vendored in the repository.
2018-05-15 09:25:48 -07:00
Tim Abbott c7b44d44e4 third: Remove now-unused LazyLoad library.
We don't reference this anymore (it was only ever used by the Dropbox
integration, which was hardcoded-off for years before being removed in
e6833b6427)
2018-05-08 14:38:27 -07:00
Shubham Dhama 38630295ac upload/jquery-filedrop: Fix progress bar for paste upload. 2018-05-05 06:32:10 -07:00
Shubham Dhama 9d575ffd1c upload: Add/enable `uploadStarted` option in jquery-filedrop plugin.
We were missing it but it is added in the upstream, so just added it
at the appropriate place in plugin code(in the upstream there is some
code refactoring but this seems to be the most appropriate place).
2018-05-02 12:32:13 -07:00
Tim Abbott 16873cd1ff static: Remove unnecessary handlebars README. 2018-04-28 10:46:16 -07:00
Cynthia Lin 323e2faac8 css: Change `*-device-width` to `*-width` selectors.
See https://stackoverflow.com/questions/18500836/should-i-use-max-device-width-or-max-width
for an explanation on why this isn't optimal.
2018-04-21 22:15:56 -07:00
Rohitt Vashishtha 3bdc8bbaa5 CVE-2018-9986: Fix XSS issues with frontend markdown processor.
This fixes a set of XSS issues with Zulip's frontend markdown
processor, which is used in a limited set of contexts, such as local
echo of messages and the drafts feature.

The implementation of several syntax elements, including the <em>
syntax, user and stream mentions, and some others failed to properly
escape the content inside the syntax.

Fix this, and add tests for each corrected code path.

Thanks to w2w for reporting this issue.
2018-04-12 09:46:37 -07:00
Shubham Dhama a32e1eb913 markdown: Require double-asterisk around all mentions.
This enforces `**` around all the mentions including "at-all" and
"at-everyone" mentions. Hence this makes `@all` and `@everyone`
invalid mentions, resulting into proper syntax for these mentions as
`@**all**` and `@**everyone**` respectively.

Note from tabbott: This removes an old feature/syntax, which made
sense back when @Tim was also a way to mention a user with Tim as
their first name.  Given how nice typeahead is now, the user part of
the feature was removed a while ago; this should have gone at the same
time.

Fixes: #8143.
2018-02-16 11:45:08 -08:00
Greg Price d053e07760 upload: Make filedrop error handling more consistent.
The first argument to the error callback is *usually* a string code
from a list in the filedrop source; but sometimes it was the text
the server sent in the HTTP status line, instead.  The latter isn't
predictable, and so it's not possible to write app code that uses it
to handle error consistently.

Instead, use that parameter for the numeric HTTP status code.  This
still isn't totally clean in that sometimes it's internal filedrop
errors, as strings, and sometimes it's HTTP status codes, as numbers;
but at least both of those are things we can sanely handle with a
`switch` statement.

Also pass through `serverResponse`, which for a nice JSON error from
the server will contain meaningful information about the error which
the calling code can use for nice error handling.  And just drop the
HTTP status text, which at best is redundant with the numeric code.

In passing, fix one case where for no obvious reason filedrop was
passing the file object but not the index.

This should be a pure refactor.
2018-01-29 16:06:11 -08:00
Greg Price 55cf54c087 upload: Remove old per-user quota feature.
We'll replace this primarily with per-realm quotas (plus the simple
per-file limit of settings.MAX_FILE_UPLOAD_SIZE, 25 MiB by default).

We do want per-user quotas too, but they'll need some more management
apparatus around them so an admin has a practical way to set them
differently for different users.  And the error handling in this
existing code is rather confused.  Just clear this feature out
entirely for now; then we'll build the per-realm version more cleanly,
and then we can later add back per-realm quotas modelled after that.

The migration to actually remove the field is in a subsequent commit.

Based in part on work by Vishnu Ks (hackerkid).
2018-01-29 16:06:11 -08:00
Tim Abbott 852af0e3c5 Revert "katex: Update the `require` path to point to the new one."
This implementation never worked, for two reasons:

(1) The logic for getting the path to the katex package had invalid
syntax in the version of Node we use.

(2) The KaTeX package bundled by webpack doesn't seem to be importable
from Node at all.
2018-01-23 12:30:28 -08:00
rht 953478a189 katex: Update the `require` path to point to the new one.
This fixes #7620.
2018-01-20 08:09:17 -05:00
Andy Perez f0190333b8 bugdown: Remove whitespace strip from inline code.
Fixes #4507
2017-12-14 07:48:10 -05:00
Umair Khan 8f190e0746 user-groups: Update marked.js to do proper local echo for mentions.
We implement markdown in the JS as well to improve the
usability.  Comes complete withunit tests.

Fixes #7381.
2017-11-27 09:16:09 -08:00
Andy Perez e7f1825617 bugdown: Update KaTeX to version 0.8.3 from 0.7.1.
Fixes #7480.
2017-11-23 12:43:34 -08:00
Andy Perez 83f563aeff bugdown: Properly parse empty blockquotes.
The character ">" now only starts a blockquote if the resulting
blockquote would be non-empty.  Thus, by itself, ">" is now
interpreted literally by bugdown, fixing #687.  The message
with contents consisting of ">>>" is now parsed as a doubly
(not triply) nested blockquote with contents ">".  Properly
formed blockquotes have identical behavior as before, but now
bugdown can no longer produce empty blockquotes as output.

Fixes #2886, #687.
2017-11-17 11:41:44 -08:00
Andy Perez 4d51a6cfac bugdown: Fix $$ whitespace handling.
The intended use of $$ is for inline expressions, not for multiline
ones; ```math is an acceptable alternative for the latter.  Hence,
the $$-syntax for inline TeX no longer permits newlines within it.

This was also necessary for the next change to be sensible; namely
allowing for spaces around both $$ when crafting inline TeX instead of
forcing everything to be crammed together, e.g. $$x=7$$.  In order to
avoid uninentionally creating inline expressions, the opening and
closing $$'s of an inline expression must now both exactly consist of
two dollar signs, no more and no less.

Fixes: #6488.
2017-11-10 16:54:27 -08:00
Brock Whittaker 70a14d8b44 bootstrap: Patch bootstrap.js to support contenteditable.
If the lookup input is contenteditable, it should be searching for text
rather than input.
2017-11-10 14:14:03 -08:00
Brock Whittaker 0c42e4a705 typeahead: Fix typeahead positioning for iOS keyboard case.
When the iOS keyboard is open and up, the positioning gotten by
getBoundingClientRect will display a `top` value that is short by the
height of the keyboard, which will usually end up placing things north
of the top of the screen.

By changing to jQuery $.fn.offset instead, the positioning appears to
be correct in all cases; iOS keyboard up, down, and desktop usage.

Fixes: #6366.
2017-10-04 17:39:42 -07:00
Brock Whittaker 2a7480051f third: Update version of Source Sans Pro font.
Our previous version was several years old.
2017-08-28 16:08:30 -07:00
Joshua Pan e6611fec99 markdown.js: Remove paragraph break from numbered lists.
Fixes #5902.
2017-07-28 12:32:20 -07:00
Brock Whittaker ac4ac63353 Change from deprecated $.parseJSON to JSON.parse.
The jQuery function `parseJSON` is now deprecated so we should push to
switch to native `JSON.parse` since all browsers support it.
2017-07-27 14:16:57 -07:00
Cory Lynch d32e89aae4 jQuery: Remove broken use of "removeAttr".
This function no longer sets properties to false, so the supported
way of doing this is to instead use prop(foo, false). Some tests
had to be fixed to accommodate this.
2017-07-24 10:54:47 -07:00
Joshua Pan 5e5ca48063 markdown.js: Fix inconsistent #**stream** on new line.
This commit removes all code related to headers because
(1) we don't need the code and (2) it splits #**stream**
as a paragraph, which we don't want. This commit also
fixes the inconsistency when #**stream** is on a new line.

Fixes #4678.
2017-07-18 11:07:25 -07:00
Joshua Pan ec669a0c45 markdown.js: Fix inconsistent user mention on new line.
The user mention regex was checking for multiple lines,
so it broke when the user mention was on a new line.
This changes the regex AND adds a couple tests to
test inline markdown regexes.
2017-07-18 00:07:49 -07:00
Cory Lynch 802ea9abf5 Refactor to delete mousewheel.js.
This old third party library added support
for a "mousewheel" event to detect scrolling.
However, it is not compatible with jQuery 3
and is obsolete now that there is a standard
"wheel" event that accomplishes the same thing.
2017-07-03 11:04:20 -04:00
Cory Lynch f848ffc03b Patch spectrum.js for jQuery 3 compatibility.
This includes removing deprecated functions
(namely bind/unbind/delegate) and fix an aspect
of event handling that breaks in the new jQuery.
2017-07-02 07:59:24 -04:00
Cory Lynch 10fa6b75f9 Patch filedrop for jQuery 3 compatibility.
This entails removing the use of jQuery.event.props,
which has been removed from jQuery 3.
2017-07-02 07:59:24 -04:00
Rafid Aslam 4f482834b4 deps: Upgrade and move `perfect-scrollbar` from `static/third` to `npm`.
- Remove `perfect-scrollbar` from `static/third` and fetch it from npm.
- Upgrade `perfect-scrollbar` to 0.7.1.
- Bump up the `PROVISION_VERSION` to 5.6.

Changed `wheelSpeed` in "static/js/scroll_bar.js" to 0.5, because when it
20, the scrollbar scrolls very fast.

Changed 'wheelSpeed' in "static/js/emoji_picker.js" from 25 to 0.68
(based on tabbott's testing of scrolling through the emoji list).

Part of #1709.
2017-06-11 10:15:48 -07:00
Harshit Bansal c549dea9ac bugdown: Fix the regex used for unicode emoji matching.
The regex we were using didn't cover all the unicode blocks
to which our emojis belong. This commit fixes the regex to
include all the unicode blocks and also updates the
corresponding JS regex in marked.js.

Fixes: #3460.
2017-05-16 09:05:42 -07:00