There isn't a specific problem with using MD5 here, but there's just no reason
to use a hash function with serious known flaws.
We have to truncate to 30 characters for Django's username field. Using Base32
instead of hex gives us twice as many bits. This reduces the chances of a
collision (which are pretty low already) and also provides resistance against a
targetted attack based on some weakness in SHA256. (There are better ways to
reduce a hash to fewer bits but let's not get too fancy.)
We still need to use MD5 for Gravatar because that's their protocol.
(imported from commit ffe6955312f580676409d4f9c4ed2d7f3d0df62c)
This actually involved refactoring a good bit of existing code; we
in this commit introduce a new property of zephyr called .reply_to, which
is the fully rendered-to-string and pretty-printable version of the person
to which any reply should be addressed.
This is useful for grouping personals, where if you simply went by the
.display_recipient or .sender you would have to check them against
eachother.
We also introduce a new narrow_classish command, which is triggered on
clicking on the "Huddle with…" text. This method intelligently determines
which sort of narrowing to do; we essentially moved out code from the 'r'
key handling section and put it in its own function.
(imported from commit 2406ee0f6f83b990eec83190d2e8858865c06238)
I erroneously switched halfway in ce4f6289491722d4c1aa84fe8b88b3a5932a3f2a, so
let's just do it for real.
(imported from commit 4c09a7805f6e2322cbbab2f8534e9d362acdc826)
We previously weren't actually applying collapsed_parent to any zephyrs,
switching from .children to .find fixes this.
We also don't add a bookend in front of the first zephyr.
Also, borders are handled by the zephyr trs themselves as opposed to the
bookend tr.
(imported from commit 8bdc9bd812833288c85c13a102459a5ef1e36225)
Previously update_pointer POSTed the selected_zephyr_id, which in reality
was the ID of the zephyr we just moved off of, rather than the current
zephyr we just higlighted.
(imported from commit 2b143b34d3042a789b3f6a999117115dd6243782)
For some reason on both my and Waseem's local instances the lack of a
trailing slash was not an issue, but this does fix the issue on the
live site.
This could be because we are running Django 1.4.1 and the deployment
server is running 1.4.0.
(imported from commit 613732d75f204fd654247382088d92879780560b)
We no longer break random things! Its pretty grand, actually.
This reworks and reverts commit fbadd6e854722e41cccd2535748ee47f4efd657b.
Conflicts:
zephyr/static/js/zephyr.js
(imported from commit 534a120290855d3bf2cf979ac174267c2d07bf68)
For now the idea is that if you're in the search view (or the
subscriptions view) and you click 'New Message', we should
snap you back to the main view.
This may or may not be the right behavior in the long term.
(imported from commit 43c24e1af9e80225ff9be8a62f4c8c925960436a)